Adapting kicksecure's derivative repository to .buildinfo (Reproducible Builds) [Forky]

Hi Kicksecure team,

I wanted to ask whether there are any plans to add .buildinfo files to the Kicksecure package repository.

As many here may know, forky has stated that .buildinfo will become a strict requirement for Debian packages going forward. While this requirement does not apply to third-party repositories that users add manually, it would be great if Kicksecure could align with this direction for the sake of uniformity.

Having .buildinfo available would bring Kicksecure closer to achieving full reproducible builds in the near future, which could then be independently verified through services like rebuilderd.

Is this something that is already on the roadmap, or would the project consider adopting or keeping an eye on it to see where it goes?

Thanks for all the great work on Kicksecure!

I would guess this probably won’t happen for Trixie, but if it’s a thing for Forky and archive management software doesn’t make it prohibitively difficult to implement, it might be a good idea once Forky is released and we port to it.

dpkg-buildpackage calls dpkg-genbuildinfo. And reprepro supports includebuildinfos.

So we might get this in Debian forky almost for free.