Comment on Docker Hub's trust signals are a lie — and Huntarr is just the latest proof

savvywolf@pawb.social 6 days ago

I don’t think those are sufficient. We could prove that a given binary can be produced from a given repo commit, but that doesn’t actually ensure that the code itself is safe. Malicious code is malicious code even if it’s reproducible.
