(post :title "Bootstrappable builds" (page (p [To have trust in our computing platforms, we should be able to tell how each part was produced from source. This would allow us to feel confident that the system is built on good foundations.]) (p [Compilers are often written in the language they are compiling. This creates a chicken-and-egg problem that leads users and distributors to rely on opaque, pre-built binaries of those compilers that they use to build newer versions of the compiler.]) (p [We believe that opaque binaries are a threat to user security and user freedom since they are not auditable; we believe the amount of bootstrap binaries should be minimized.]) (h2 [Motivation]) (p [If you are not yet convinced that having to trust unauditable binaries in your system is bad, you might find this ,(anchor "discussion of possible exploits and dangers" "motivation.html") interesting.]) (h2 [Benefits]) (p [This is nice, but what are the ,(em [actual]) benefits of “bootstrappable” implementations? ,(anchor "Find out what additional benefits" "benefits.html") there are to achieving bootstrappable builds.]) (h2 [Best practises]) (p [Are you developing or contributing to software that is affected by the bootstrapping problem? Here we list ,(anchor "best practises and practical examples" "best-practises.html") that can help you pull yourself up by your own bootstraps.]) (h2 [Collaboration projects]) (p [To solve bootstrapping problems in existing compilers and build systems requires collaboration. Here is a ,(anchor "list of long-term high-impact projects" "projects.html") that we would like to work on collaboratively.])))