logo
Dates

Author


Conferences

Tags

Sort by:  

Authors: Rose Judge, Joshua Lock
2022-06-21

tldr - powered by Generative AI

The presentation discusses the importance of reproducibility in software development pipelines and infrastructure for better security and transparency. It provides three levels of reproducibility and their supply chain security implications.
  • Reproducibility in software development pipelines and infrastructure is crucial for better security and transparency
  • There are three levels of reproducibility: unscripted builds, repeatable builds, and rebuildable builds
  • Rebuildable builds control all explicit inputs for a build and can produce an equivalent artifact that can be reproduced at any future point in time
  • Achieving reproducible builds requires engineering effort and long-term storage, which can be costly for some organizations