deeplow

Somehow I had missed the [switch from pip+venv to poetry](https://github.com/freedomofpress/securedrop-workstation/pull/1007). So as I understand `make venv` and associated commands is deprecated now and should be removed. Am I understanding correctly?

Awesome. I'm happy that this was closed as a "collateral benefit" of independent container updates :)

In the end, in 0.17.0 we ended up going with CTor instead of Arti. But given that we're leaning towards having it as a separate program and just use SOCKS,...

> > But given that we're leaning towards having it as a separate program and just use SOCKS, I don't think it matters for the completion of this task whether...

Update: release candidate is out and the in-place migration script is also done.

> As Debian Trixie and Qubes 4.3 are about to be released, we'll want to plan out the exact testing & release strategy in more detail. There's been a development...

### Revised Timeline EOLs and estimations: - **Debian 12 EOL:** 31 August 2026 (apparently Debian still has security updates for 2+ years after that, so we're good) - **Qubes 4.2...

Re-scoped this to be just about trixie. 4.3 is tracked as #1245.

I had not realized that Debian still had security updates 2+ years after the official EOL. Although we probably want to update it much sooner so users benefit from actually...

I wonder if this is what the `updateable` preference is for. [The docs](https://dev.qubes-os.org/projects/core-admin/en/latest/qubes-vm/qubesvm.html#qubes.vm.qubesvm.QubesVM.updateable) don't clarify much about the intended purpose: > **updateable** > True if this machine may be updated...