I’m not dismissive of you - I’m drawing a line under what I consider
to be fruitless discussion. I’ve given my take on Solene’s points, and I
dont believe they stand.
In any case, as I pointed out very early on, the initial question
rests on a false premise: that the number of people in the core team
is the number of people working on Qubes. This is just false.
If the question is “how can we get more people to contribute without
compromising security?” that’s a different question, and we could discuss
various strategies. We will obviously have different views on what will
work, and on what stops people contributing now.
There’s a difference between being able to set up a working build
environment and being able to build templates or Qubes itself. You have
not made this distinction clear.
It is possible to build a Qubes system with qubesbulder2 - after all,
the iso is there to be used. The main templates are all build able in a
straight forward way ( at least using qubes executor), as well as
contributed templates. That’s how I am able to create custom templates
like Parrot and BlackArch, available from 3isec
Most people who want to contribute should be able to get to work on
specific packages with minimum fuss. If they are concerned about
JavaScript I have proposed a method for avoiding GitHub registration. Or
3isec could offer a GitHub registration service.
I never presume to speak for the Qubes team.
When I comment in the Forum I speak for myself.