<oriansj>xentrac: ultimately a sshfs mount to a fault-tolerant volume ended up being a better solution for my usecase. Looking forward to btrfs raid1c4 to hit Debian Stable <Hagfish>i guess someone had to try that eventually <civodul>it's very much focused on the distribution of binaries <civodul>i think it's more fruitful to focus on reproducible builds, provenance tracking, and building everything from source <Hagfish>the comments by NYKevin and Foxboron seem to better understand the importance of something like rekor (and Reproducible Builds) <Hagfish>it's a pity that the Fedora community themselves aren't very interested in that (or even in signing repo metadata) <oriansj>Hagfish: well it might end up useful or just end up another deadend. Only time will tell. <oriansj>pabs3: looks like another misguided attempt to avoid reproducible builds to me. Signing keys might keep the little bad guys from doing damage but not those with First World Nation State intelligence agencies. <oriansj>falsification that is cheap is the only way to catch malicious tampering of binaries. With all sources of non-reproducibility hunted down, documented and systematically destroyed. ***stikonas_ is now known as stikonas
***stikonas_ is now known as stikonas
<Hagfish>i wonder if they've thought about compiling tcc on it, or something <oriansj>siraben: if one goes far back enough in the logs, you'll discover that akkartik actually used to be on #bootstrappable. Although the lack of memory safety and "incremental accountability" were the differences which resulted in them leaving. <oriansj>I can't blame them, it is extremely hard to have memory safety when one is working with individual bytes in memory on an architecture(s) that don't support memory safety beyound paging protection bits. <oriansj>but I believe the leaving was on good terms for all parties involved.