The Journey to Reproducible OpenJDK builds at Eclipse Adoptium
Level of Knowledge: Beginner
- Why do we need Reproducible Builds?
- Provides confidence to the consumer of high quality binaries
- Secure Supply Chains
- How does a reproducible OpenJDK build achieve this?
- Open source binary validation
- System Bill of Materials (SBOM)
- We know exactly what was used to build a binary
- Eclipse Adoptium leveraging standards for secure supply chains
- CycloneDX SBOM
- Secure Software Development Framework