This is very true. Once you get used to the Arch model: everything up to date, no big release upgrades, AUR, everything else seems inferior.https://twitter.com/burntsushi5/status/1222225990728003587 …
Hmm I think a lot of security stuff is overblown for the average threat model and causes all sorts of busy work for theoretical issues. The project has worked fine nearly 2 decades. If issues arise I’ll reevaluate then.
-
-
The problem is that with such lack of auditability, it is rather hard to know if something has happened or is happening already.
-
I can’t find a lot of details on how packages are built but I have found references to a build server. There’s also an effort to implement reproducible builds. https://wiki.archlinux.org/index.php/DeveloperWiki:ReproducibleBuilds …
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.