Comment by lrvick a day ago

Unlike Nix and Guix, Stagex goes much further in that it has a 100% mandate on supply chain integrity. It trusts no single maintainer or computer and disallows any binary blobs. It is thus not possible to package any software that cannot be bootstrapped, reproduced, and signed by at least two maintainers.

Haskell and Ada are the only languages not possible for us to support, or any software built with them.

Everything else is just fine though.

I do hope both languages address this though, as it is blocking a lot of important open source software like pandoc or coreboot from being used in security critical environments.

frumplestlatz a day ago

How are you bootstrapping a modern C compiler without an existing C/C++ compiler and linker?