Draft Fixups

blog/2023-07-14-cwtch-ui-reproducible-builds.md

@@ -1,5 +1,5 @@
 ---
-title: Cwtch UI Reproducible Builds (Linux)
+title: Progress Towards Reproducible UI Builds
 description: ""
 slug: cwtch-ui-reproducible-builds-linux
 tags: [cwtch, cwtch-stable, reproducible-builds, bindings, repliqate]
@@ -43,27 +43,34 @@ For reproducible linux builds we had to modify the generated `linux/CMakeLists.t
 * `--hash-style=gnu` - asserts a standard hashing scheme to use across all compiled artifacts. Without this compilers that have been compiled with different default schemes will produce different artifacts
 * `--build-id=none` - suppresses build id generation. Without this each compiled artifact will have a section of effectively randomized data.
 
-We also define a new [link script](https://git.openprivacy.ca/cwtch.im/cwtch-ui/src/commit/3148a8e0642e51bc59d9eb00ca2b319a7097285a/elf_x86_64.x) that differs from the default by removing all `.comment` sections from object files. We do this because the linking process links in non-project artifacts like `crtbeginS.o` which, in most systems, us compiled with a `.comment` section (the default linking script already removes the `.note.gnu*` sections.
+We have also defined a new [linker script](https://git.openprivacy.ca/cwtch.im/cwtch-ui/src/commit/3148a8e0642e51bc59d9eb00ca2b319a7097285a/elf_x86_64.x) that differs from the default by removing all `.comment` sections from object files. We do this because the linking process links in non-project artifacts like `crtbeginS.o` which, in most systems, us compiled with a `.comment` section (the default linking script already removes the `.note.gnu*` sections.
 
 ### Tar Archives
 
-Finally, following the [guide at https://reproducible-builds.org/docs/archives/](https://reproducible-builds.org/docs/archives/) we defined standard metadata for the generated Tar archives to make them also reproducible.
+Finally, following the [guide at reproducible-builds.org](https://reproducible-builds.org/docs/archives/) we have defined standard metadata for the generated Tar archives to make them also reproducible.
 
 ## Limitations and Next Steps
 
-The above changes mean that official linux builds of the same commit will now result in identical artifacts. We have also produced a repliqate script
+The above changes mean that official linux builds of the same commit will now result in identical artifacts.
 
-However, because repliqate is based on Debian images and our official builds are based on an Ubuntu distribution the resulting archives differ by a single instruction at the start of a few sections - introduced because Ubuntu compiles and provides C Runtime (CRT) artifacts (e.g. `crti.o` with full branch protection enabled. On 64-bit systems this results in an `endcr64` instruction being inserted at the start of the `.init` and `.fini` sections, among others.
+The next step is to roll these changes into [repliqate](https://docs.cwtch.im/blog/cwtch-bindings-reproducible#introducing-repliqate) as we have done with our bindings builds.
+
+However, because Repliqate is based on Debian images and our official UI builds are based on an Ubuntu distribution the resulting archives differ by a single instruction at the start of a few sections - introduced because Ubuntu compiles and provides C Runtime (CRT) artifacts (e.g. `crti.o` with full branch protection enabled. On 64-bit systems this results in an `endcr64` instruction being inserted at the start of the `.init` and `.fini` sections, among others.
 
 In order to allow people to fully repliqate Cwtch builds in an isolated environment like repliqate, as we do for Cwtch Bindings, it will be necessary to provide instructions for setting up a hardened image that can work the same way in repliqate.
 
 ### Pinned Dependencies
 
-While our repliqate scripts pin several major dependencies like flutter and go, and the dependencies managed by these systems are locked to specific versions, there are still a few dependencies within the ecosystems that are not strictly pinned. 
+Additionally, while our repliqate scripts pin several major dependencies like flutter and go, and the dependencies managed by these systems are locked to specific versions, there are still a few dependencies within the ecosystems that are not strictly pinned. 
 
 The major one is libc. Operating systems rarely make big changes to packaged libc versions for a specific distribution (typically because doing so in a non-breaking way would be a major undertaking). 
 
-However this does mean that Cwtch reproduciblility is implicitly tied to operating system practices - this is something we would like to begin decoupling ourselves from.
+However this does mean that Cwtch reproduciblility is implicitly tied to operating system practices - this is something we would like to begin decoupling ourselves from going forward.
+
+## Stay up to date!
+
+We expect to make additional progress on this in the coming weeks and months. Subscribe to our [RSS feed](/blog/rss.xml), [Atom feed](/blog/atom.xml), or [JSON feed](/blog/feed.json) to stay up to date, and get the latest on, all aspects of Cwtch development.
+
 
 ## Help us go further!
 
@@ -78,6 +85,4 @@ For more information about donating to Open Privacy and claiming a thank you gif
 ![A Photo of Cwtch Stickers](/img/stickers-new.jpg)
 
 
-## Stay up to date!
 
-This is not all we have planned for the upcoming months. Subscribe to our [RSS feed](/blog/rss.xml), [Atom feed](/blog/atom.xml), or [JSON feed](/blog/feed.json) to stay up to date, and get the latest on, all aspects of Cwtch development.

build-staging/assets/js/814f3328.0e4f9c9a.js

@@ -1 +0,0 @@
-"use strict";(self.webpackChunkuser_handbook=self.webpackChunkuser_handbook||[]).push([[2535],{5641:t=>{t.exports=JSON.parse('{"title":"Recent Logs","items":[{"title":"Cwtch UI Reproducible Builds (Linux)","permalink":"/blog/cwtch-ui-reproducible-builds-linux"},{"title":"Cwtch Stable Roadmap Update","permalink":"/blog/cwtch-stable-roadmap-update-june"},{"title":"Cwtch Beta 1.12","permalink":"/blog/cwtch-nightly-1-12"},{"title":"New Cwtch Nightly (v1.11.0-74-g0406)","permalink":"/blog/cwtch-nightly-v.11-74"},{"title":"Cwtch Developer Documentation, Cwtchbot v0.1.0 and New Nightly.","permalink":"/blog/cwtch-developer-documentation"},{"title":"Availability Status and Profile Attributes","permalink":"/blog/availability-status-profile-attributes"},{"title":"Cwtch Stable Roadmap Update","permalink":"/blog/cwtch-stable-roadmap-update"},{"title":"Cwtch Beta 1.11","permalink":"/blog/cwtch-nightly-1-11"},{"title":"Updates to Cwtch Documentation","permalink":"/blog/cwtch-documentation"},{"title":"Compile-time Optional Application Experiments (Autobindings)","permalink":"/blog/autobindings-ii"},{"title":"Autogenerating Cwtch Bindings","permalink":"/blog/autobindings"},{"title":"Notes on Cwtch UI Testing (II)","permalink":"/blog/cwtch-testing-ii"},{"title":"Making Cwtch Android Bindings Reproducible","permalink":"/blog/cwtch-android-reproducibility"},{"title":"Notes on Cwtch UI Testing","permalink":"/blog/cwtch-testing-i"},{"title":"Cwtch UI Platform Support","permalink":"/blog/cwtch-platform-support"},{"title":"Making Cwtch Bindings Reproducible","permalink":"/blog/cwtch-bindings-reproducible"},{"title":"Cwtch Stable API Design","permalink":"/blog/cwtch-stable-api-design"},{"title":"Path to Cwtch Stable","permalink":"/blog/path-to-cwtch-stable"}]}')}}]);

build-staging/assets/js/814f3328.2c1aa583.js

@@ -0,0 +1 @@
+"use strict";(self.webpackChunkuser_handbook=self.webpackChunkuser_handbook||[]).push([[2535],{5641:t=>{t.exports=JSON.parse('{"title":"Recent Logs","items":[{"title":"Progress Towards Reproducible UI Builds","permalink":"/blog/cwtch-ui-reproducible-builds-linux"},{"title":"Cwtch Stable Roadmap Update","permalink":"/blog/cwtch-stable-roadmap-update-june"},{"title":"Cwtch Beta 1.12","permalink":"/blog/cwtch-nightly-1-12"},{"title":"New Cwtch Nightly (v1.11.0-74-g0406)","permalink":"/blog/cwtch-nightly-v.11-74"},{"title":"Cwtch Developer Documentation, Cwtchbot v0.1.0 and New Nightly.","permalink":"/blog/cwtch-developer-documentation"},{"title":"Availability Status and Profile Attributes","permalink":"/blog/availability-status-profile-attributes"},{"title":"Cwtch Stable Roadmap Update","permalink":"/blog/cwtch-stable-roadmap-update"},{"title":"Cwtch Beta 1.11","permalink":"/blog/cwtch-nightly-1-11"},{"title":"Updates to Cwtch Documentation","permalink":"/blog/cwtch-documentation"},{"title":"Compile-time Optional Application Experiments (Autobindings)","permalink":"/blog/autobindings-ii"},{"title":"Autogenerating Cwtch Bindings","permalink":"/blog/autobindings"},{"title":"Notes on Cwtch UI Testing (II)","permalink":"/blog/cwtch-testing-ii"},{"title":"Making Cwtch Android Bindings Reproducible","permalink":"/blog/cwtch-android-reproducibility"},{"title":"Notes on Cwtch UI Testing","permalink":"/blog/cwtch-testing-i"},{"title":"Cwtch UI Platform Support","permalink":"/blog/cwtch-platform-support"},{"title":"Making Cwtch Bindings Reproducible","permalink":"/blog/cwtch-bindings-reproducible"},{"title":"Cwtch Stable API Design","permalink":"/blog/cwtch-stable-api-design"},{"title":"Path to Cwtch Stable","permalink":"/blog/path-to-cwtch-stable"}]}')}}]);

build-staging/de/assets/js/814f3328.3bf27fe6.js

@@ -1 +0,0 @@
-"use strict";(self.webpackChunkuser_handbook=self.webpackChunkuser_handbook||[]).push([[2535],{5641:t=>{t.exports=JSON.parse('{"title":"Neueste Logs","items":[{"title":"Cwtch UI Reproducible Builds (Linux)","permalink":"/de/blog/cwtch-ui-reproducible-builds-linux"},{"title":"Cwtch Stable Roadmap Update","permalink":"/de/blog/cwtch-stable-roadmap-update-june"},{"title":"Cwtch Beta 1.12","permalink":"/de/blog/cwtch-nightly-1-12"},{"title":"New Cwtch Nightly (v1.11.0-74-g0406)","permalink":"/de/blog/cwtch-nightly-v.11-74"},{"title":"Cwtch Developer Documentation, Cwtchbot v0.1.0 and New Nightly.","permalink":"/de/blog/cwtch-developer-documentation"},{"title":"Availability Status and Profile Attributes","permalink":"/de/blog/availability-status-profile-attributes"},{"title":"Cwtch Stable Roadmap Update","permalink":"/de/blog/cwtch-stable-roadmap-update"},{"title":"Cwtch Beta 1.11","permalink":"/de/blog/cwtch-nightly-1-11"},{"title":"Updates to Cwtch Documentation","permalink":"/de/blog/cwtch-documentation"},{"title":"Compile-time Optional Application Experiments (Autobindings)","permalink":"/de/blog/autobindings-ii"},{"title":"Autogenerating Cwtch Bindings","permalink":"/de/blog/autobindings"},{"title":"Notes on Cwtch UI Testing (II)","permalink":"/de/blog/cwtch-testing-ii"},{"title":"Making Cwtch Android Bindings Reproducible","permalink":"/de/blog/cwtch-android-reproducibility"},{"title":"Notes on Cwtch UI Testing","permalink":"/de/blog/cwtch-testing-i"},{"title":"Cwtch UI Platform Support","permalink":"/de/blog/cwtch-platform-support"},{"title":"Making Cwtch Bindings Reproducible","permalink":"/de/blog/cwtch-bindings-reproducible"},{"title":"Cwtch Stable API Design","permalink":"/de/blog/cwtch-stable-api-design"},{"title":"Path to Cwtch Stable","permalink":"/de/blog/path-to-cwtch-stable"}]}')}}]);

build-staging/de/assets/js/814f3328.602b4477.js

@@ -0,0 +1 @@
+"use strict";(self.webpackChunkuser_handbook=self.webpackChunkuser_handbook||[]).push([[2535],{5641:t=>{t.exports=JSON.parse('{"title":"Neueste Logs","items":[{"title":"Progress Towards Reproducible UI Builds","permalink":"/de/blog/cwtch-ui-reproducible-builds-linux"},{"title":"Cwtch Stable Roadmap Update","permalink":"/de/blog/cwtch-stable-roadmap-update-june"},{"title":"Cwtch Beta 1.12","permalink":"/de/blog/cwtch-nightly-1-12"},{"title":"New Cwtch Nightly (v1.11.0-74-g0406)","permalink":"/de/blog/cwtch-nightly-v.11-74"},{"title":"Cwtch Developer Documentation, Cwtchbot v0.1.0 and New Nightly.","permalink":"/de/blog/cwtch-developer-documentation"},{"title":"Availability Status and Profile Attributes","permalink":"/de/blog/availability-status-profile-attributes"},{"title":"Cwtch Stable Roadmap Update","permalink":"/de/blog/cwtch-stable-roadmap-update"},{"title":"Cwtch Beta 1.11","permalink":"/de/blog/cwtch-nightly-1-11"},{"title":"Updates to Cwtch Documentation","permalink":"/de/blog/cwtch-documentation"},{"title":"Compile-time Optional Application Experiments (Autobindings)","permalink":"/de/blog/autobindings-ii"},{"title":"Autogenerating Cwtch Bindings","permalink":"/de/blog/autobindings"},{"title":"Notes on Cwtch UI Testing (II)","permalink":"/de/blog/cwtch-testing-ii"},{"title":"Making Cwtch Android Bindings Reproducible","permalink":"/de/blog/cwtch-android-reproducibility"},{"title":"Notes on Cwtch UI Testing","permalink":"/de/blog/cwtch-testing-i"},{"title":"Cwtch UI Platform Support","permalink":"/de/blog/cwtch-platform-support"},{"title":"Making Cwtch Bindings Reproducible","permalink":"/de/blog/cwtch-bindings-reproducible"},{"title":"Cwtch Stable API Design","permalink":"/de/blog/cwtch-stable-api-design"},{"title":"Path to Cwtch Stable","permalink":"/de/blog/path-to-cwtch-stable"}]}')}}]);