@@ -21,7 +21,7 @@ Here's what happened in the [Reproducible Builds](https://reproducible-builds.or
* Vagrant Cascadian worked on [Debian packaging for Mes](https://bugs.debian.org/902174), with help from Jan Nieuwenhuizen.
* 6 package reviews were been added, 3 were been updated and 6 were removed in this week, adding to [our knowledge about identified issues](https://tests.reproducible-builds.org/debian/index_issues.html). In addition, two issue types ([variations\_from\_march\_native](https://salsa.debian.org/reproducible-builds/reproducible-notes/commit/89029ae8) and [randomness\_in\_documentation\_generated\_by\_lua\_ldoc](https://salsa.debian.org/reproducible-builds/reproducible-notes/commit/06fc7acd)) were added. Lastly, two new classes of issue were added to [theunreproduciblepackage](https://github.com/bmwiedemann/theunreproduciblepackage/tree/master/compile-time-check/).
* 6 package reviews were added, 3 have been updated and 6 were removed in this week, adding to [our knowledge about identified issues](https://tests.reproducible-builds.org/debian/index_issues.html). In addition, two issue types ([variations\_from\_march\_native](https://salsa.debian.org/reproducible-builds/reproducible-notes/commit/89029ae8) and [randomness\_in\_documentation\_generated\_by\_lua\_ldoc](https://salsa.debian.org/reproducible-builds/reproducible-notes/commit/06fc7acd)) were added. Lastly, two new classes of issue were added to [theunreproduciblepackage](https://github.com/bmwiedemann/theunreproduciblepackage/tree/master/compile-time-check/).
*The schedule for the [DebConf18](https://debconf18.debconf.org/) annual Debian Developers conference [was published](https://debconf18.debconf.org/schedule/), including talks entitled:
* "[Reproducible Buster and beyond](https://debconf18.debconf.org/talks/80-reproducible-buster-and-beyond/)" by the Reproducible Builds team
* "[My crush on GNU Guix](https://debconf18.debconf.org/talks/99-my-crush-on-gnu-guix/)" by Vagrant Cascadian
* "[Software transparency: package security beyond signatures and reproducible builds](https://debconf18.debconf.org/talks/104-software-transparency-package-security-beyond-signatures-and-reproducible-builds/)" by Benjamin Hof.
*Bernhard M. Wiedemann [completed rebuilding all official openSUSE-Leap-15.0 packages](https://lists.opensuse.org/opensuse-factory/2018-07/msg00119.html). No bit-for-bit identical rebuilds are possible yet (as file modification times are kept). However, several new bugs were found/fixed, and no backdoors were found.
*[FIXME](https://bugs.debian.org/845034)
*The default GCC version in Debian unstable was changed from GCC 7 to GCC 8. Unfortunately as we have not updated our build path patches for this latter version, this is resulting in a large number of packages becoming unreproducible in our testing framework. Holger Levsen has [temporarily disabled scheduling of some packages](https://salsa.debian.org/qa/jenkins.debian.net/commit/53fc8962) accordingly.
* Chris Lamb's patches to [ensure Debian initrd images are reproducible](https://bugs.debian.org/845034) were merged and released by Ben Hutchings.
* Eli Schwartz posted to [our mailing list](https://lists.reproducible-builds.org/pipermail/rb-general/) with a [patch to extend the buildinfo support in makepkg](https://lists.reproducible-builds.org/pipermail/rb-general/2018-July/001083.html) in [Archlinux](https://www.archlinux.org/).
* Holger Levsen [submitted a request to the Prototype Fund](https://prototypefund.de/project/reproducible-builds-in-der-wirklichkeit/) entitled «*Reproducible Builds in der Wirklichkeit*» ("Reproducible builds in reality").
* Chris Lamb updated [diffoscope](https://diffoscope.org)(our in-depth "diff-on-steroids" utility which helps us diagnose reproducibility issues in packages) to [wrap jsondiff calls with a try-except to prevent fatal errors](https://salsa.debian.org/reproducible-builds/diffoscope/commit/794f815) to close Debian bugs [#903447](https://bugs.debian.org/903447) and [#903449](https://bugs.debian.org/903449).
* One Debian package review was added and one was removed in this week, adding to [our knowledge about identified issues](https://tests.reproducible-builds.org/debian/index_issues.html).
* Bernhard M. Wiedemann [completed rebuilding all official openSUSE-Leap-15.0 packages](https://lists.opensuse.org/opensuse-factory/2018-07/msg00119.html) - no bit-identical rebuilds are possible yet (because mtimes are kept). Several new bugs were found and fixed. No backdoors found.
Packages reviewed and fixed, and bugs filed
-------------------------------------------
* Bernhard M. Wiedemann:
*[ceph/spdk](http://bugzilla.opensuse.org/show_bug.cgi?id=1101262)(march=native, also handled upstream)
There were a number of updates to our [Jenkins](https://jenkins.io/)-based testing framework that powers [tests.reproducible-builds.org](tests.reproducible-builds.org):
* Holger Levsen:
*[Stop scheduling old versions in unstable and experimental as gcc-8 is the default now](https://salsa.debian.org/qa/jenkins.debian.net/commit/53fc8962).
*[Do not warn about the failed Ultimate Debian Database (UDD) connection on every query](https://salsa.debian.org/qa/jenkins.debian.net/commit/18346336).
Misc.
-----
This week's edition was written by Bernhard M. Wiedemann, Chris Lamb, Holger Levsen & reviewed by a bunch of Reproducible Builds folks on IRC & the mailing lists.
Chris Lamb authored39afd760