• Lung
    link
    229 months ago

    Very generous to imagine that maintainers have so much time on their hands

    • @rockSlayer
      link
      10
      edit-2
      9 months ago

      Bug fixes can be delayed for a security sweep. One of the quicker ways that come to mind is checking the hash between built from source and the tarball

      • Lung
        link
        169 months ago

        The whole point here is that the build process was infiltrated - so you’d have to remake the build system yourself to compare, and that’s not a task that can be automated