From 5a2028320272222921d00aac17672475571d816e Mon Sep 17 00:00:00 2001
From: Debanjum Singh Solanky <debanjum@gmail.com>
Date: Wed, 17 Aug 2022 19:53:44 +0300
Subject: [PATCH] Set Pyinstaller, Pip environment to create reproducible
 builds of Khoj

- Dependency Version Pinning
  - First level dependency versions have been pinned.
  - Transitive dependencies have not been specified yet

- Testing
  - The Pyinstaller build has been only minimally tested for reproducibility
  - The Khoj package generated for PyPi have not been tested for reproducibility

- References
  - https://reproducible-builds.org/docs/source-date-epoch/
  - https://pyinstaller.org/en/stable/advanced-topics.html#creating-a-reproducible-build
---
 .github/workflows/publish.yml | 4 ++++
 .github/workflows/release.yml | 4 ++++
 setup.py                      | 2 +-
 3 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
index 1f36d0b8..176e03e2 100644
--- a/.github/workflows/publish.yml
+++ b/.github/workflows/publish.yml
@@ -45,6 +45,10 @@ jobs:
           TWINE_USERNAME: __token__
           TWINE_PASSWORD: ${{ secrets.PYPI_API_KEY }}
         run: |
+          # Setup Environment for Reproducible Builds
+          export PYTHONHASHSEED=42
+          export SOURCE_DATE_EPOCH=$(git log -1 --pretty=%ct
+
           rm -rf dist
           python -m build
           twine check dist/*
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index cc2d5382..0a672e37 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -47,6 +47,10 @@ jobs:
       - name: Package Khoj App
         shell: bash
         run: |
+          # Setup Environment for Reproducible Builds
+          export PYTHONHASHSEED=42
+          export SOURCE_DATE_EPOCH=$(git log -1 --pretty=%ct
+
           pyinstaller Khoj.spec
           if [ "$RUNNER_OS" == "Windows" ]; then
             mv dist/Khoj.exe dist/khoj_"$GITHUB_REF_NAME"_amd64.exe
diff --git a/setup.py b/setup.py
index 3af246e9..a8640aa3 100644
--- a/setup.py
+++ b/setup.py
@@ -36,7 +36,7 @@ setup(
         "jinja2 == 3.1.2",
         "pyyaml == 6.0",
         "pytest == 7.1.2",
-        "pillow >= 9.0.1",
+        "pillow == 9.2.0",
         "aiofiles == 0.8.0",
         "dateparser == 1.1.1",
         "pyqt6 == 6.3.1",