On 2022-07-11, Vagrant Cascadian wrote: > I hear Efraim say better to have unique randomness and no substitutes, > and I hear Tobias say more or less it's ok as long as upstream is right > about it being ok to embed a specific prime as other random numbers get > mixed in at runtime...
Well, now that I hit send already, I guess another option is ... to have both? One package without patches that is not substitutable and not reproducible, and one with patches that is verifyably reproducible and substitutable? live well, vagrant
signature.asc
Description: PGP signature
