They use a Mac to compare the Ubuntu Go package to a self-compliled go from source:
"Now we can diff the Go toolchain we’ve created on our Mac with the Go toolchain that Ubuntu ships:" [..]
"We’ve successfully reproduced the Ubuntu package’s executables" [..]
"Note in particular that we’ve reconstructed the toolchain binaries bit-for-bit: they do not show up in the diff at all. That is, we proved that the Ubuntu Go binaries correspond exactly to the upstream Go sources."
Also, for your own programs:
"For Go programs that don’t need cgo, a reproducible build is as simple as compiling with CGO_ENABLED=0 go build -trimpath. Disabling cgo removes the host C toolchain as a relevant input, and -trimpath removes the current directory"
It's so great that you automatically get trivially reproducible builds with Go, even when cross-compiling. At least when not using cgo, which is why I avoid cgo.
Features like this take a lot of effort and aren't very visible, but are very much appreciated. Thanks to everyone who worked on this!
That's great news! Having recently started a job using Go, I like how the language is slowly but surely improving. It feels like it's possible for me to catch up with what has already been done and the evolutions.
Not sure I understand your concern? Isn't this something they're doing as part of the release process, not somethings that happens on a developer's machine?
I couldn't see any mention of needing an internet link.
"Now we can diff the Go toolchain we’ve created on our Mac with the Go toolchain that Ubuntu ships:" [..]
"We’ve successfully reproduced the Ubuntu package’s executables" [..]
"Note in particular that we’ve reconstructed the toolchain binaries bit-for-bit: they do not show up in the diff at all. That is, we proved that the Ubuntu Go binaries correspond exactly to the upstream Go sources."
Also, for your own programs:
"For Go programs that don’t need cgo, a reproducible build is as simple as compiling with CGO_ENABLED=0 go build -trimpath. Disabling cgo removes the host C toolchain as a relevant input, and -trimpath removes the current directory"