Nit: there’s nothing “cryptographic” about reproducible builds.
reply“Reproducible build” already usually implies bit-by-bit reproducibility.
I meant with Nix you're comparing hashes. With Docker, you're using pinned versions
replyi thought it mainly implied architectural/hardware compatibility and deterministic output
replyNix is also great at work. You keep the server nix code in the same repo and OpenCode can just change and test server config.
reply