commit: 3deee55d6eea208f7ca3d1715e2d7b853c3d46c3
parent 5f858dbe3acc01ba2331cfc52f54d5b85e7a3314
Author: Haelwenn (lanodan) Monnier <contact@hacktivis.me>
Date: Sat, 24 Jun 2023 13:36:09 +0200
notes/bootstrapping: Add note on debian suspicious-source
Diffstat:
1 file changed, 6 insertions(+), 3 deletions(-)
diff --git a/notes/bootstrapping.shtml b/notes/bootstrapping.shtml
@@ -30,9 +30,12 @@
</dl>
<h2 id="tools">Tools</h2>
- <ul>
- <li><a href="https://hacktivis.me/projects/deblob">deblob</a>: Remove binary executable files (including bytecode)</li>
- </ul>
+ <dl>
+ <dt><a href="https://hacktivis.me/projects/deblob">deblob</a></dt>
+ <dd>Remove known binary executable formats (including bytecode), designed to be fast enough to barely impact distro-scale package building performance, cannot detect all blobs</dd>
+ <dt>Debian's <a href="https://salsa.debian.org/debian/devscripts/-/blob/master/scripts/suspicious-source">suspicious-source</a> script</dt>
+ <dd>Lists what isn't present in a list of source code formats, good for manual audits. Python+<code>magic(5)</code> means it is quite slow.</dd>
+ </dl>
<h2>Problematic software</h2>
