this post was submitted on 28 Sep 2024
884 points (98.7% liked)

Technology

60076 readers
4105 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 2 years ago
MODERATORS
 

We are excited to announce that Arch Linux is entering into a direct collaboration with Valve. Valve is generously providing backing for two critical projects that will have a huge impact on our distribution: a build service infrastructure and a secure signing enclave. By supporting work on a freelance basis for these topics, Valve enables us to work on them without being limited solely by the free time of our volunteers.

This opportunity allows us to address some of the biggest outstanding challenges we have been facing for a while. The collaboration will speed-up the progress that would otherwise take much longer for us to achieve, and will ultimately unblock us from finally pursuing some of our planned endeavors. We are incredibly grateful for Valve to make this possible and for their explicit commitment to help and support Arch Linux.

These projects will follow our usual development and consensus-building workflows. [RFCs] will be created for any wide-ranging changes. Discussions on this mailing list as well as issue, milestone and epic planning in our GitLab will provide transparency and insight into the work. We believe this collaboration will greatly benefit Arch Linux, and are looking forward to share further development on this mailing list as work progresses.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 1 points 2 months ago

And given that experience I of course did not follow up with another thread, just to experience the same thing.

If they had commented in the new thread, suspension would be definite. IMO, locking it would be a good choice, since if that user commented on the new thread, they's very likely to be stalking you and have a concrete reason to get punished. I'm sure the only disruptive user got a formal warning.

As for being unable to report, that's because of default policies by Discourse, the forum software used by EOS: You can only flag posts after reading 30 posts across 5 topics for 10 minutes. The Manjaro forums use the same forums and configuration. (Not as in exactly the same, just the same on this front.)

It lists a bunch of inconsequential things when it comes to the distro.

You seem to have skipped over the part about shipping the M1 kernel 3 days after its first demo with bugs. They then PR'd a commit they obviously did not understand to archlinuxarm, a much smaller project unaffilated with ARM, causing breakage. This was in October 2022.

The SSL certificates of their websites I really don't give a damn about but people then keep saying "yeah but if they are sloppy there then...", without being able to provide examples where the distro was ever affected by it.

The SSL certificate expiring means you are not able to connect to Manjaro servers to update anything. No Manjaro packages at all can be upgraded or installed while the SSL certificate's expired. That's pretty big.

And if you're super paranoid, just update the AUR when Manjaro updates.

But when Manjaro gives you updates from two weeks prior, AUR gives you new updates from today.

Holding updates does not make the system more secureHolding all updates for two weeks is just a dumb design choice:

They do have a different testing system now—with a good justification of being quite a different system from Arch—where all updates are pushed to a test branch and errors are caught, supposedly. I say supposedly because that did not stop the AUR being DDOS'd for the 2nd time under the same exact system in 2021.

This is all on top on the fact that Manjaro has officially said that they are not Arch, albeit based on Arch. Though at the end of the day, anyone is of course free to use whatever they wants. Manjaro has done some wonderful work for everyone. It's just I need to wait until at least 2028 to trust it.