The double-build check ran both passes on the same runner/daemon/filesystem —
any non-determinism it could catch is already eliminated by the build pins
(SOURCE_DATE_EPOCH, compiler digest, pinned deps). Replace with a single build
that prints the binary SHA256 for external verification.
SVG: add Sigma Prime brand color background (#CC00A0), white logo mark.
Co-Authored-By: Claude Sonnet 4 <noreply@anthropic.com>
- Replace docker-reproducible.yml with reproducible.yml which produces
three artifacts per arch: Docker image, binary tarball, and AppImage
- Use a single multi-arch index digest in Dockerfile.reproducible as the
sole version tag to maintain; Makefile and CI no longer carry their own
per-arch image references
- Add packaging/appimage/ template (AppRun, .desktop, lighthouse.svg)
Co-Authored-By: Claude Sonnet 4 <noreply@anthropic.com>
