Demystifying Unreproducible Builds: What, Why, and How

Explore the concept of reproducible builds and their importance in preventing software supply chain attacks in this 23-minute conference talk by Rahul Rajesh Bajaj from Red Hat. Delve into the challenges faced by large software distributions with thousands of interdependent packages, and learn how recent attacks like SolarWinds and Mimecast have highlighted vulnerabilities in the software supply chain. Discover the principles behind reproducible builds, where identical source code, build instructions, and environments generate bit-by-bit identical artifacts. Examine the reasons for implementing reproducible builds, potential solutions for achieving them, and practical measures organizations can take to improve their reproducibility rates. Gain valuable insights into safeguarding software integrity and mitigating risks in modern software development practices.

Demystifying Unreproducible Builds: What, Why, and How? - Rahul Rajesh Bajaj, Red Hat