port Whonix package build process to Qubes package build process


ID: 709
PHID: PHID-TASK-xmlqbnogfgjjdoawzbm4
Author: Patrick
Status at Migration Time: open
Priority at Migration Time: Normal


That would help with automation. More frequent updates. Then git tag signing, deterministic builds and release quality assurance would be sorted out.


All packages not coming from Debian like Tor Browser (not packaged at all) and Tor (newer versions from deb.torproject.org) is a major non-fun hassle maintenance burden.

  • watch upstream package updates
  • upload to developers repository
  • test
  • upload to testers repository
  • have testers test it
  • upload to proposed-stable repository
  • have testers test it
  • upload to stable repository

Since all of this needs mental resources, time, remembering things, and cannot be done in connected working hours (since time has to pass), it’s a major hassle.

Most of the time, no issues are caught. But if there was an issue, it could be huge, such as:

  • Tor no longer connecting, requesting all users to apply manual steps to solve it
  • apt-get package management is broken dependency state



2019-02-14 23:20:08 UTC