- A program that you can run is generated based on some source code. The process of generating the program from the code is called building.
- verifiable build
- A build where a third party can verify that the binary matches the source code is called verifiable.
- deterministic build
- If the build process does not depend on external factors such as the time or the machine it is run on, it deterministically results in the same output for the same input.
- reproducible build
- See deterministic build.
- Android apps are distributed as files with the .apk extension. It’s an install package that contains all the properties of the executable app.
- version pinning
- If an app wants to use features provided by a third party, that third party’s software is loaded into the app. For deterministic builds it is essential that the third party’s “library” is specified by its exact version. The version has to be pinned.
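
The "deterministic build" entry above can be seen in a small packaging step. This is an added example, not code from the original page: it packs the same constructed files into a ZIP container (the format an .apk file uses) as if on two machines at two different times, once naively and once with timestamps, file order and metadata fixed. The file names, contents and function names are assumptions made for illustration.

```python
import hashlib
import io
import zipfile

# Constructed sample inputs: file name -> content (not taken from any real app).
SAMPLE_FILES = {
    "classes.dex": b"constructed bytecode placeholder",
    "AndroidManifest.xml": b"<manifest package='org.example.app'/>",
    "res/values.txt": b"app_name=Example",
}

FIXED_DATE = (1980, 1, 1, 0, 0, 0)  # earliest timestamp the ZIP format can store


def build_archive(files, build_time, file_order, deterministic):
    """Pack files into a ZIP archive and return the archive bytes."""
    # A deterministic build ignores the caller's clock and file ordering.
    names = sorted(files) if deterministic else list(file_order)
    stamp = FIXED_DATE if deterministic else build_time
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as archive:  # entries stored uncompressed
        for name in names:
            info = zipfile.ZipInfo(name, date_time=stamp)
            info.external_attr = 0o644 << 16  # same permissions on every machine
            info.create_system = 3            # do not record the build host's OS
            archive.writestr(info, files[name])
    return buf.getvalue()


def digest(data):
    """SHA-256 of the built artifact, the value a third party would compare."""
    return hashlib.sha256(data).hexdigest()


def compare_builds(deterministic):
    """Simulate two builds at different times that list the files in different order."""
    order = list(SAMPLE_FILES)
    first = build_archive(SAMPLE_FILES, (2024, 1, 5, 10, 0, 0), order, deterministic)
    second = build_archive(SAMPLE_FILES, (2024, 3, 9, 18, 30, 0), order[::-1], deterministic)
    return digest(first) == digest(second)


if __name__ == "__main__":
    print("naive builds match:        ", compare_builds(False))
    print("deterministic builds match:", compare_builds(True))
```
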