Fedora As A Qubes Dependency(Supply Chain Attack)

Doesn’t the fact that Fedora is a QubesOS dependency, and it doesn’t have reproducible builds

make Fedora susceptible to a supply chain attack?

Wouldn’t the fact that Debian has reproducible builds make it a better candidate as the default template
instead of fedora?

1 Like

How is this not a duplicate of your other thread?

1 Like