Generally all of our Rust code are reproducible. If you build it in a fixed
path, and also use
SOURCE_DATE_EPOCH environment variable, the final library
or executables will be producible. This is really helpful, for example while
building cryptography python wheel, I can keep building it in a
reproducible way even with the Rust dependencies.
A few days ago I saw shadow-rs, which can
provide a lot of build time information. For example, in
khata now I have a way to tell if I am
using any custom build and also identify which one. I was a bit worried as
shadow allows to store the build time too, but later found that the community
already put in the patches so that it follows
So, I can still have reproducibility if I use the same build toolchain and environment while depending on shadow. Here is some example code for you to play around.