- Update to Fedora 41;
- Change default Fedora template to Xfce variant;
- Enforce Fedora based formulas to depend on a chain that always has the
correct management disposable set. For 'qubes-builder,' it requires
'mgmt', which requires 'fedora-minimal', which requires 'fedora-xfce';
- Cleanup salt patch necessary on version 39 and 40.
- Update base templates when stale before being cloned to derivative
templates.
- Remove non-essential bootstrap formulas from requirements. Dom0 was
never required, but very recommended, templates were required because
it was best to update them on their formula before generating outdated
clones of it.
Fix: https://github.com/ben-grande/qusal/issues/108
Fix: https://github.com/ben-grande/qusal/issues/57
GPGME can be relevant for client applications such as Thunderbird.
Pinentry can be relevant for the server side, but it is way less tested
in split-gpg2 and discouraged to be used.
For: https://github.com/ben-grande/qusal/issues/83
Only way to have a unified markdown syntax is to enforce the wanted
syntax by linting the files. Don't rely on the many markdown syntaxes,
be consistent.
Ability to read the program's manual from the terminal is much better
than to ask the user to search the manual page on the internet, we
already trust the installed program and documentation, but we should not
trust every manual page on the internet.
Updates happens multiple times, normally 2 to 3, even if we consider a
state without includes. On states with multiple includes, it could
easily get approximately 10 updates being ran. This behavior leads to
unnecessary network bandwidth being spent and more time to run the
installation state. When the connection is slow and not using the
cacher, such as torified connections on Whonix, the installation can
occurs much faster.
Adding external repositories has to be done prior to update to ensure it
is also fetched.
Fixes: https://github.com/ben-grande/qusal/issues/29
Split-gpg V1 allowed for querying public keys, but as split-gpg2 is
running as an agent, public keys are not queried. Allowing connection to
the server to query only public parts of the key exposes the server more
than needed to the client.
All clients now have to hold the public key they need locally in order
to do GPG operations.
