Reproducible Builds creates an independently-verifiable path from source code to software

The Reproducible Builds project aims to create an independently-verifiable path from source code to the binary code used by computers, so that the binary code can be verified against its source.

Internet freedom tools are often free and open source, allowing anyone to inspect their code. However, software is usually distributed in a precompiled form, so it’s not immediately clear whether the distributed binary corresponds to the published source code. Reproducible Builds creates an independently-verifiable path from source code to the binary code used by computers, allowing verification that no vulnerabilities or backdoors have been introduced during the compilation process.

This project focuses on developing and deploying reproducible installer images to ensure a secure means of performing the first-time installation; enhancing the diffoscope tool, which provides in-depth comparison of files, archives, and directories; improving the distribution infrastructure in order to actually deliver a reproducible operating system; and engaging the community to increase participation in the Reproducible Builds project by promoting its benefits, tools, and ideals.