
URL: https://www.phoronix.com/news/Debian-debaudit


debaudit Announced As Debian Source Package Auditor

Written by Michael Larabel in Debian on 13 March 2026 at 05:48 PM EDT.
Announced today was debaudit, a new set of tools and services designed to verify the integrity and reproducibility of Debian source packages.

Debaudit was developed with the intent of helping to secure the software supply chain used to build Debian binary packages. It consists of three tools: upstream2orig, git2dsc, and git2orig. upstream2orig verifies that the upstream tarball found in Debian is a faithful representation of the original source code from upstream. git2dsc helps verify that the source package from the Vcs-Git repository matches the source package in the Debian archive. Lastly, git2orig verifies that the original tarball generated from the repository matches the original tarball in the archive.
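As an added illustration (not debaudit's code and not from the project), here is a sketch of the kind of comparison the upstream2orig description implies. It assumes "faithful representation" means identical per-file content regardless of top-level directory name, timestamps, or compression; the package name, file names, and helper functions are all constructed for this example.

```python
import hashlib
import io
import tarfile


def make_tarball(files, top_dir, mtime):
    """Build a constructed in-memory .tar.gz from {relative path: bytes}."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        for path, data in sorted(files.items()):
            info = tarfile.TarInfo(f"{top_dir}/{path}")
            info.size = len(data)
            info.mtime = mtime
            tar.addfile(info, io.BytesIO(data))
    return buf.getvalue()


def content_digests(blob):
    """Map each regular file (top-level directory stripped) to its SHA-256."""
    digests = {}
    with tarfile.open(fileobj=io.BytesIO(blob), mode="r:*") as tar:
        for member in tar:
            if not member.isfile():
                continue  # directories and links carry no file content to hash
            rel = member.name.split("/", 1)[-1]
            digests[rel] = hashlib.sha256(tar.extractfile(member).read()).hexdigest()
    return digests


def compare_tarballs(upstream_blob, orig_blob):
    """Return files added to, removed from, or modified in the orig tarball."""
    up, orig = content_digests(upstream_blob), content_digests(orig_blob)
    return {
        "added": sorted(orig.keys() - up.keys()),
        "removed": sorted(up.keys() - orig.keys()),
        "modified": sorted(p for p in up.keys() & orig.keys() if up[p] != orig[p]),
    }


# Constructed sample data: a hypothetical package "foo" 1.0.
UPSTREAM_FILES = {"configure": b"#!/bin/sh\necho ok\n", "src/main.c": b"int main(void){return 0;}\n"}
ALTERED_FILES = dict(UPSTREAM_FILES, **{"configure": b"#!/bin/sh\necho ok\n# extra line\n",
                                         "extra/helper.sh": b"echo added\n"})

upstream = make_tarball(UPSTREAM_FILES, "foo-1.0", mtime=1700000000)
repacked = make_tarball(UPSTREAM_FILES, "foo-1.0.orig", mtime=1710000000)
altered = make_tarball(ALTERED_FILES, "foo-1.0.orig", mtime=1710000000)

if __name__ == "__main__":
    print("byte-identical:", upstream == repacked, compare_tarballs(upstream, repacked))
    print(compare_tarballs(upstream, altered))
```

A repacked tarball differs byte-for-byte from the upstream one yet compares clean here, while the altered one is reported file by file, which is why a plain checksum of the two archives is not enough for this kind of audit.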


The debaudit.debian.net project site explains:
"Ensuring that the source code in Debian matches its upstream or version control origins is fundamental for software supply chain security and reproducible builds. It helps with guaranteeing that the software hasn't been maliciously altered during the packaging process."

Today's release announcement of Debaudit can be read on debian-devel-announce.

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.