| ▲ | lrvick 5 days ago | ||||||||||||||||||||||
Unlike Nix and Guix, Stagex goes much further in that it has a 100% mandate on supply chain integrity. It trusts no single maintainer or computer and disallows any binary blobs. It is thus not possible to package any software that cannot be bootstrapped, reproduced, and signed by at least two maintainers. Haskell and Ada are the only languages not possible for us to support, or any software built with them. Everything else is just fine though. I do hope both languages address this though, as it is blocking a lot of important open source software like pandoc or coreboot from being used in security critical environments. | |||||||||||||||||||||||
| ▲ | frumplestlatz 5 days ago | parent [-] | ||||||||||||||||||||||
How are you bootstrapping a modern C compiler without an existing C/C++ compiler and linker? | |||||||||||||||||||||||
| |||||||||||||||||||||||