Demi Marie Obenour

Also, this is not . It’s a serious legal problem.

> Rpm actually already verifies signatures _if present_ by default since 4.0 or thereabouts, but it doesn't _require_ them. Enforcing is supported since >= 4.14.2 and we also have the...

> > Personally, I would consider being able to disable this on a per-package basis a good idea, but it isn’t a blocker. > > How is `--nosignature` failing to...

Are the tarballs signed by Element?

@t3chguy I think this would allow dropping the Debian package altogether, rather than requiring an additional platform to be maintained. Right now, someone who is using a non-Debian-based distro has...

Tarballs are not integrated with any GUI software installer and do not have an automatic update mechanism, so they are a very poor user experience. That’s why so many people...

> Created #6905 to specifically address EOL concerns. Are there other scenarios that qualify as requiring critical action? To handle this issue separately, it would help a great deal to...

> Are you proposing changing the default compression algorithm used by qvm-backup? Yes, for performance reasons. Zstd has better compression and compresses faster.

> > > Are you proposing changing the default compression algorithm used by qvm-backup? > > > > > > Yes, for performance reasons. Zstd has better compression and compresses...

It depends on whether one trusts Linux to be secure against an untrusted host. Linux does not implement SEV-SNP restricted injection, so this is arguable.