NOTE: Someone has already been selected to work on this task, but feel free to increase the bounty.
DUB, the D build tool and package manager, has become a critical component in the D ecosystem. A significant number of projects depend on it and we need it to be able to meet a wide range of project needs. To that end, there are certainly improvements to be made. One such is in how DUB determines which of a project's source files are in need of recompilation. Currently, DUB follows in the tradition of the venerable `make` and uses timestamp comparisons to make that determination.
A new generation of version control and build tools (git, buck, bazel, scons, waf, plz, and more) rely on file checksums to assess the need for action. This is a much more robust approach because it detects actual changes in file content. Timestamps can change in any number of irrelevant ways. Robustness is important if one is to depend on a build working properly even when files are moved, copied, and shared across people, machines, and teams. As hashes are fast to compute on modern hardware, the impact on speed is very low.
Symmetry Investments is offering a $2,000 bounty to the programmer who either converts DUB's use of timestamp-dependent builds to use SHA-1 hashing throughout, or implements it as a global option to preserve the current behavior.
For inspiration, see this clip from Linus Torvald's Google talk, and the article Build-Systems Should Use Hashes Over Timestamps.