New comment by Chocimier on void-packages repository

https://github.com/void-linux/void-packages/pull/30588#issuecomment-830230405

Comment:
1. I enjoy seeing effort to increase build reproducibility.
2. Ericonr is right that presence of `source-revisions` increases reproducibility, as it provides information on what dependencies, build tools and packaging tools, including xbps-src build-style and hooks, all affecting resulting package, was used. However guarantee of mismatching checksum of packages built from different commits, even if diff is unrelated to package, may still pose a problem.
3. Some packages will still come out identical even without reproducing every dependency recursively since foundation of distro. As I understand, this PR aims to assess is it closer 5 or 75 percent of packages.
4. How do you plan to use this hook? Is it filling variable locally, then observing hook messages on builder? Is it to store historical checksums in source repository? I am asking, because we already collect checksum of packages in binary repo, as sig files. If your workflow could be reversed to verify official signatures against packages reproduced outside of builders, then all packages are already checksummed, and this hook may be not necessary.