feat: add --seed flag for deterministic manifest UUID

Adds a --seed CLI flag to 'generate' that derives a deterministic UUID
from the seed value by hashing it 1,000,000,000 times with SHA-256.
This makes manifest generation fully reproducible when the same seed
and input files are provided.

- Builder.SetSeed(seed) method for programmatic use
- deriveSeedUUID() extracted for testability
- MFER_SEED env var also supported
- Test with reduced iteration count for speed

internal/cli/gen.go

@@ -25,6 +25,12 @@ func (mfa *CLIApp) generateManifestOperation(ctx *cli.Context) error {
 		Fs:              mfa.Fs,
 	}
 
+	// Set seed for deterministic UUID if provided
+	if seed := ctx.String("seed"); seed != "" {
+		opts.Seed = seed
+		log.Infof("using deterministic seed for manifest UUID")
+	}
+
 	// Set up signing options if sign-key is provided
 	if signKey := ctx.String("sign-key"); signKey != "" {
 		opts.SigningOptions = &mfer.SigningOptions{

internal/cli/mfer.go

@@ -154,6 +154,11 @@ func (mfa *CLIApp) run(args []string) {
 						Usage:   "GPG key ID to sign the manifest with",
 						EnvVars: []string{"MFER_SIGN_KEY"},
 					},
+					&cli.StringFlag{
+						Name:    "seed",
+						Usage:   "Seed value for deterministic manifest UUID (hashed 1B times with SHA-256)",
+						EnvVars: []string{"MFER_SEED"},
+					},
 				),
 			},
 			{

mfer/builder.go

@@ -92,6 +92,26 @@ type Builder struct {
 	fixedUUID      []byte // if set, use this UUID instead of generating one
 }
 
+// seedIterations is the number of SHA-256 rounds used to derive a UUID from a seed.
+const seedIterations = 1_000_000_000
+
+// SetSeed derives a deterministic UUID from the given seed string.
+// The seed is hashed 1,000,000,000 times with SHA-256 to produce
+// 16 bytes used as a fixed UUID for the manifest.
+func (b *Builder) SetSeed(seed string) {
+	b.fixedUUID = deriveSeedUUID(seed, seedIterations)
+}
+
+// deriveSeedUUID hashes the seed string n times with SHA-256
+// and returns the first 16 bytes as a UUID.
+func deriveSeedUUID(seed string, iterations int) []byte {
+	hash := sha256.Sum256([]byte(seed))
+	for i := 1; i < iterations; i++ {
+		hash = sha256.Sum256(hash[:])
+	}
+	return hash[:16]
+}
+
 // NewBuilder creates a new Builder.
 func NewBuilder() *Builder {
 	return &Builder{

mfer/builder_test.go

@@ -150,6 +150,17 @@ func TestBuilderDeterministicOutput(t *testing.T) {
 	assert.Equal(t, out1, out2, "two builds with same input should produce byte-identical output")
 }
 
+func TestDeriveSeedUUID(t *testing.T) {
+	// Use a small iteration count for testing (production uses 1B)
+	uuid1 := deriveSeedUUID("test-seed-value", 1000)
+	uuid2 := deriveSeedUUID("test-seed-value", 1000)
+	assert.Equal(t, uuid1, uuid2, "same seed should produce same UUID")
+	assert.Len(t, uuid1, 16, "UUID should be 16 bytes")
+
+	uuid3 := deriveSeedUUID("different-seed", 1000)
+	assert.NotEqual(t, uuid1, uuid3, "different seeds should produce different UUIDs")
+}
+
 func TestBuilderBuildEmpty(t *testing.T) {
 	b := NewBuilder()
 

mfer/scanner.go

@@ -47,6 +47,7 @@ type ScannerOptions struct {
 	FollowSymLinks  bool            // Resolve symlinks instead of skipping them
 	Fs              afero.Fs        // Filesystem to use, defaults to OsFs if nil
 	SigningOptions  *SigningOptions // GPG signing options (nil = no signing)
+	Seed            string          // If set, derive a deterministic UUID from this seed
 }
 
 // FileEntry represents a file that has been enumerated.
@@ -276,6 +277,9 @@ func (s *Scanner) ToManifest(ctx context.Context, w io.Writer, progress chan<- S
 	if s.options.SigningOptions != nil {
 		builder.SetSigningOptions(s.options.SigningOptions)
 	}
+	if s.options.Seed != "" {
+		builder.SetSeed(s.options.Seed)
+	}
 
 	var scannedFiles FileCount
 	var scannedBytes FileSize