Sure. But besides reproducible builds it's impossible to know if the build is not manipulating the source code. So you got to trust the dev and the build environment
But it doesn't matter if the builds are reproducable if the source code contains malicious code.
Please Login to reply.
No replies yet.
