NSIS: Nullsoft Scriptable Install System / Bugs / #1311 Is it possible to make reproducible builds?

Windows installer development tool

#1311 Is it possible to make reproducible builds?

Milestone: 3.0 Series

Status: open

Owner: nobody

Labels: reproducible builds (3)

Priority: 5

Updated: 3 days ago

Created: 2024-07-12

Creator: Protocol Droid

Private: No

NSIS v3.10
I cannot get identical outputs for identical inputs
Any script
N/A

I have begun automatically hashing all of my binaries on publish and tracking them in version control. This way, anyone who builds from my source can verify that their output is identical to what I got during development.

While all of my other build artifacts are deterministic, the hash of the NSIS installer changes on each publish. Thus, I don't get identical outputs for identical inputs.

There is likely some timestamping or other such meta data happening. Are there any options or switches that can ensure deterministic reproducible builds of NSIS installer packages?

https://reproducible-builds.org

Discussion

Anders - 2024-07-15

If you are building NSIS from source, pass SOURCE_DATE_EPOCH to SCons.

👍
1

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
- Protocol Droid - 2024-07-16
  
  Thanks. I usually just use the published binaries.
  
  If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
  - Anders - 2024-08-06
    
    example1.nsi produces the same output every time IIRC.
    
    If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Anders - 3 days ago

labels: --> reproducible builds
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Is it possible to make reproducible builds?

Windows installer development tool

Group

Searches

Help

#1311 Is it possible to make reproducible builds?

Discussion