Kunal Mehta

apt (and this was backported to focal) now protects the latest 2 kernels: https://askubuntu.com/questions/620266/how-does-apt-decide-how-many-old-kernels-to-keep - this makes things a lot simpler and from my testing today, the plan should work!!...

This was resolved a while back.

deb-tests-1 is now running unconditionally and is much slower because it does 2 builds and diffoscopes them. But when I made that change, it was roughly at the same speed...

> and we'd probably also try the policy out on a component repo before deploying on the SecureDrop repo Yeah, I think the [securedrop-builder](https://github.com/freedomofpress/securedrop-builder) repository is probably what would get...

@cfm has proposed a workaround of sorts in https://github.com/freedomofpress/securedrop/pull/7181.

Could you expand on what the edge-cases are? Or like, what would you like to see the HTML look like, but the templating isn't allowing?

I've been testing this over the past day on a few hundred tracks in different configurations: all offline, all online, and "shitty internet" where requests randomly fail (>.>); haven't encountered...

> That said, I don't know if Fedora applies security updates in a similar manner after a project has reached EOL upstream Usually they do, but it can take longer,...

I would suggest doing kinda what I outlined in https://github.com/freedomofpress/dangerzone/issues/323#issuecomment-1485548943, run `python3 setup.py --command-packages=stdeb.command sdist_dsc` as a one-time thing, commit the generated `debian/`, and then build the package using the...

> Turns out that these two base images do differ from each other, albeit in small ways. Still, using the (seemingly working) Fedora image from `registry.fedoraproject.org/fedora` does not fix this...