Kevin O'Gorman
Kevin O'Gorman
Sounds like it will still work with volumes created under Sequoia - that might be worth verifying if we have anyone running that.
I'd go for sequoia-nodejs via IPC, safest is good. Since encryption operations are pretty rare (compared to decryption of synced messages) added overhead's not likely to be a problem.
I've mentioned it elsewhere, but IMO the less we have accessible in-browser the better. The rationale for having bindings for only a subset of sequoia's functionality for the server applications...
To be revisited as part of key management in general
Also relevant to: https://github.com/freedomofpress/securedrop-workstation/issues/524
Leaving open for now - intent is to reduce used of mocks wherever we can. It might be worth doing a pass through tests and eliminating the former pattern altogether.
Still an open issue. With the move to bookworm journald is also in the picture so this needs to be reviewed.
Leaving open for now, further discussion required. One improvement here would be better support in Qubes for locking down the state of individual VMs.
Flagging for @deeplow - also @rocodes who had some thoughts on how to monitor system state.
Worth revisiting - choosing a different built-in XFCE theme and updating the config seems pretty straightforward. Flagged for @tina-ux's attention