Source code missing for test/data/helloworld binary #297
Comments
|
For reference, here is the patch we use to disable the /Simon |
|
IIRC it's only the hash but I can take another look. FWIW, we're evaluating the future of in-toto-golang and how it may be merged with github.com/in-toto/witness / go-witness, so perhaps it's best to hit pause on packaging this one? Is this for a specific Debian-based use case? |
|
Thanks for quick response!
The binary
I need (parts of) in-toto for sigstore's rekor. Are your plans likely to be implemented in the next few weeks and rekor updated? If not I think it is okay to continue package /Simon |
|
No, the consolidation effort will likely take longer than that. |
Hi. I am packaging in-toto-golang for Debian.
We noticed that the
test/data/helloworldis a binary executable that is stored in the git repository, and is used during self-tests. Where is the source code to generate that binary? Debian does not want to ship binaries that cannot be rebuilt from source code.I tried replacing it with another binary that I built myself, but I see hard-coded SHA checksums in
in_toto/runlib_testof thehelloworldbinary, and I'm not sure if there are other properties this binary must have in order for the self-tests to work. Can you help me? I will disable the self-tests that depend in this binary in order to proceed with inclusion into Debian.Thanks,
Simon
The text was updated successfully, but these errors were encountered: