Is there such a thing as a Multisig APT Repository?
So multiple signatures would be needed to release updates should for example, @Patrick be detained and forced to sign malicious scripts? (And who would be brave enough to hold a key?)
Do warrant canaries (https://en.wikipedia.org/wiki/Warrant_canary) work? Couldn’t an adversay force you to issue an “all ok”?