make reproducible builds
NodeGuy opened this issue · comments
We need reproducible builds but the .dmg produced is different each time:
$ electron-installer-dmg --icon=../../../app/icons/png/96x96.png ./Cosmos\ Voyager.app FooBar1
$ electron-installer-dmg --icon=../../../app/icons/png/96x96.png ./Cosmos\ Voyager.app FooBar2
$ electron-installer-dmg --icon=../../../app/icons/png/96x96.png ./Cosmos\ Voyager.app FooBar3
$ ls -l FooBar*
-rw-r--r--@ 1 david staff 164625758 Jul 23 17:39 FooBar1.dmg
-rw-r--r--@ 1 david staff 164625772 Jul 23 17:40 FooBar2.dmg
-rw-r--r--@ 1 david staff 164625780 Jul 23 17:40 FooBar3.dmg
Can you use diffoscope on the DMGs?
Done. The diff is ~600 MB (available for download here. Here's the first page:
--- FooBar1.dmg
+++ FooBar2.dmg
@@ -1,37 +1,37 @@
00000000: 78da 6360 1805 4318 fcfb ffff 1d10 3302 x.c`..C.......3.
00000010: 99ff c345 49d6 1eba 0a00 fb60 0952 78da ...EI......`.Rx.
00000020: 7375 f354 0870 0c0a 6160 6064 8861 6060 su.T.p..a``d.a``
-00000030: 4897 0a0b 0752 401e 04fc 0f17 05d3 4a50 H....R@.......JP
-00000040: fe3d 285f 27ae ec3e 6fba b5ef 4e43 b3f0 .=(_'..>o...NC..
-00000050: 00b1 6dbf 98a0 f20d 505c 1971 b085 6114 ..m.....P\.q..a.
-00000060: 0c7a 0000 e44d 100f 78da edc5 210a c200 .z...M..x...!...
-00000070: 0005 d07f 8505 bbd1 e819 14c4 a245 9879 .............E.y
-00000080: e010 1193 7803 0f61 b70d 4f60 df19 ac1e ....x..a..O`....
-00000090: c0e8 bac2 8ad9 fc5e 7959 cde6 4953 3445 .......^yY..IS4E
-000000a0: c6f5 f475 7b2e 2fd5 e9de 2ece 6dd9 bdbb ...u{./.....m...
-000000b0: c975 94de 633d c8af 4d76 3966 9fe1 f743 .u..c=..Mv9f...C
-000000c0: aa6c 5307 0000 0000 0000 0000 0000 0000 .lS.............
-000000d0: 0000 00f8 cf07 c42d 13cb 78da eddd 3d4a .......-..x...=J
-000000e0: 0341 1400 e0b7 931f c542 835e c03e a051 .A.......B.^.>.Q
-000000f0: 0fa0 5859 5a98 ce22 bda5 2081 3439 8fd7 ..XYZ..".. .49..
-00000100: b0b6 ce15 6c6c c34a 40dd 64b7 50b0 db28 ....ll.J@.d.P..(
-00000110: 89f9 3e78 3b3f 30b3 eccc c232 c5f2 2280 ..>x;?0....2..".
-00000120: 4d75 d58d e638 b238 e91d f5e6 edc9 e8e9 Mu...8.8........
-00000130: 6c32 9a3d 94f5 d97d 44f6 5654 5f23 3a11 l2.=...}D.VT_#:.
-00000140: e971 1a59 3a8c 7470 570c 8945 449a 4634 .q.Y:.tpW..ED.F4
-00000150: 86d5 74f3 9e54 d5d3 97db a4ee f1f3 fecb ..t..T..........
-00000160: f6e9 65d9 1c54 11ed 6a4c bbd6 43f4 afcb ..e..T..jL..C...
-00000170: 8856 bfb8 6c55 e592 e63b cfeb cf77 5146 .V..lU...;...wQF
-00000180: b46e 8ab8 2d4b 0000 f87b 1ffc 02ef 1500 .n..-K...{......
-00000190: 3eff 4b91 db2c 0056 5ae6 fc0b 0000 0000 >.K..,.VZ.......
-000001a0: 0000 0000 0000 00c0 5a7a f773 1000 0000 ........Zz.s....
-000001b0: 00ff 49d3 1200 00b0 92b2 88c6 4ffd 9d88 ..I.........O...
-000001c0: 9d32 ffd5 2267 d522 2b56 7ccf edb5 96c6 .2.."g."+V|.....
-000001d0: b61c 0000 800d b097 471e c3d8 b512 0000 ........G.......
+00000030: b036 cbf9 0ba4 803c 08f8 1f2e 0aa6 95a0 .6.....<........
+00000040: fc7b 507e a7f1 76de 374e 4bfd 7b6f bcf7 .{P~..v.7NK.{o..
+00000050: cada 1eb5 8809 2adf 00c5 d74e e4f7 338c ......*....N..3.
+00000060: 8241 0f00 7c8b 1336 78da edc5 210a c200 .A..|..6x...!...
+00000070: 0005 d07f 8581 768b 60f4 0882 30ec 8621 ......v.`...0..!
+00000080: 26d1 2143 4c1e c82a c3ec 01bc 84d1 68f1 &.!CL..*......h.
+00000090: 0462 5058 319b df2b 2ff3 7296 b445 5b64 .bPX1..+/.r..E[d
+000000a0: 5c4f 9fe7 c7b5 3cad df8b c965 787c dd97 \O....<....ex|..
+000000b0: bd66 94ce adea e7d7 264d 0ed9 65f0 7d9f .f......&M..e.}.
+000000c0: 55b6 a903 0000 0000 0000 0000 0000 0000 U...............
+000000d0: 0000 00fc e703 e224 12bb 78da eddd 3b4a .......$..x...;J
+000000e0: 0341 1800 e07f 270f d142 035e c05a 41e2 .A....'..B.^.ZA.
+000000f0: 09b4 b4b4 7005 c1c2 dece 2a90 26d7 103c ....p.....*.&..<
+00000100: 41ae e121 7209 6dc3 4af0 b1d9 dd42 c12e A..!r.m.J....B..
+00000110: 5112 f37d f0ef 3c60 66d9 9985 658a e58f Q..}..<`f...e...
+00000120: 0036 d5f9 51b4 4791 c549 ffb8 3f6f 4f86 .6..Q.G..I..?oO.
+00000130: 4fd7 93e1 ecb1 aecf 1e22 b2d7 b2fa 12d1 O........"......
+00000140: 8b48 e369 64e9 20d2 fe5d 3924 aa88 348d .H.id. ..]9$..4.
+00000150: 680d 9ae9 e63d a9a9 a72f b749 87f9 f3fd h....=.../.I....
+00000160: f6db f8aa 6ede 3611 dd66 4c77 a187 c82f ....n.6..fLw.../
+00000170: ea88 4e5e 5eb6 9a72 49f3 9d16 8bcf 7756 ..N^^..rI.....wV
+00000180: 4774 2ecb b8a9 4b00 00f8 7b1f fc02 ef15 Gt....K...{.....
+00000190: 003e ff4b 51d8 2c00 565a e6fc 0b00 0000 .>.KQ.,.VZ......
+000001a0: 0000 0000 0000 0000 c05a 7af7 7310 0000 .........Zz.s...
+000001b0: 0000 ff49 db12 0000 b092 b288 d64f fdbd ...I.........O..
+000001c0: 889d 3aff 5595 b3aa ca8a 15df 737b ada5 ..:.U.......s{..
+000001d0: 912d 0700 0060 03ec 1551 c420 76ad 0400 .-...`...Q. v...
000001e0: 0000 0000 0000 0000 0000 0000 0000 0000 ................
000001f0: 0000 0000 0000 0000 0000 0000 0000 0000 ................
00000200: 0000 0000 0000 0000 0000 0000 0000 0000 ................
00000210: 0000 0000 0000 0000 0000 0000 0000 0000 ................
00000220: 0000 0000 0000 0000 0000 0000 0000 0000 ................
00000230: 0000 0000 0000 0000 0000 0000 0000 0000 ................
00000240: 0000 0000 0000 0000 0000 0000 0000 0000 ................
@@ -85,16 +85,16 @@
00000540: 0000 0000 0000 0000 0000 0000 0000 0000 ................
00000550: 0000 0000 0000 0000 0000 0000 0000 0000 ................
00000560: 0000 0000 0000 0000 0000 0000 0000 0000 ................
00000570: 0000 0000 0000 0000 0000 0000 0000 0000 ................
00000580: 0000 0000 0000 0000 0000 0000 0000 0000 ................
00000590: 0000 0000 0000 0000 0000 0000 0000 0000 ................
000005a0: 0000 0000 0000 0000 0000 0000 0000 0000 ................
-000005b0: 0000 0000 0000 f57c 0259 6907 9678 daed .......|.Yi..x..
-000005c0: c131 0100 0000 c2a0 f54f 6d08 5fa0 0000 .1.......Om._...
+000005b0: 0000 0000 0000 c062 3e01 801c 094e 78da .......b>....Nx.
Huh. I guess diffoscope doesn't read DMG files?
Yeah, looks like not.
My guess is that this problem is at the appdmg level or further upstream. I'm not seeing any indication that we're passing in different config to appdmg on each run.
Thanks, I'll investigate there.