2019-05: fix grammar ; fix description

parent 7a95cce0
Pipeline #49214 passed with stage
in 2 minutes and 45 seconds
......@@ -31,7 +31,7 @@ In this months's report, we will cover:
* The work of Chris Lamb in/around Debian's Reproducible Builds effort [won a Google Open Source Peer Bonus award](https://opensource.googleblog.com/2019/04/google-open-source-peer-bonus-winners.html), a program with the goal of recognising and supporting the ecosystem and sustainability of free software by rewarding and recognising developers for their contributions to open source projects
* Kushal Das presented at [PyCon](https://us.pycon.org/2019/about/) 2019 on [building reproducible Python applications for secured environments](https://www.youtube.com/watch?v=wRHi8Ui5vWA). In the talk, Kushal argues that validating the dependencies of project is very critical along with the actual project source code, referring to incidents where people were [able to steal bitcoins using a popular library](https://www.theregister.co.uk/2018/11/26/npm_repo_bitcoin_stealer/). His talk uses the [SecureDrop client application](https://github.com/freedomofpress/securedrop-client) for journalists as an example project and see how he tried to tackle the similar problem.
* Kushal Das presented at [PyCon](https://us.pycon.org/2019/about/) 2019 on [building reproducible Python applications for secured environments](https://www.youtube.com/watch?v=wRHi8Ui5vWA). In the talk, Kushal argues that validating the dependencies of the project is very critical along with the actual project source code, referring to incidents where people were [able to steal bitcoins using a popular library](https://www.theregister.co.uk/2018/11/26/npm_repo_bitcoin_stealer/). His talk uses the [SecureDrop client application](https://github.com/freedomofpress/securedrop-client) for journalists as an example project and see how he tried to tackle the similar problem.
* [GitHub](https://github.com/) announced [adding a package registry feature](https://github.com/features/package-registry) which [suggest but alas not guarantee](https://github.com/ipfs/package-managers/issues/55) a strong link between the Git repository and the published packages, highlighting the need for Reproducible Builds.
......@@ -86,7 +86,7 @@ The Reproducible Builds project detects, dissects and attempts to fix as many cu
* [mvapich2](https://build.opensuse.org/request/show/705701) (Sort `readdir(2)` call, [already filed upstream](http://mailman.cse.ohio-state.edu/pipermail/mvapich-discuss/2019-April/006837.html))
* [nulloy](https://github.com/nulloy/nulloy/pull/149) (`.zip` timestamps)
* [osc](https://github.com/openSUSE/osc/issues/547) (Dependency bug hindering openSUSE reproducible builds)
* [pithos](https://build.opensuse.org/request/show/706096) (mark `.pyc` files as "no architecture")
* [pithos](https://build.opensuse.org/request/show/706096) (make `.pyc` files not vary from architecture)
* [plata-theme](https://gitlab.com/tista500/plata-theme/merge_requests/3) (zip `mtime`)
* [python-Fabric3](https://build.opensuse.org/request/show/702815) (Workaround FTBFS `-j1`)
* [python-keystonemiddleware](https://review.opendev.org/657780) (Make tests pass in 2020)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment