sudo apt dist-upgrade on Whonix-Gateway 15.0.0.4.9 results installation of the following extra packages:
firmware-linux-free gstreamer1.0-libav libass9 libavfilter7
libbs2b0 libfftw3-double3 libflite1 liblilv-0-0 libmysofa0 libnorm1
libpgm-5.2-0 libpostproc55 librubberband2 libsamplerate0 libserd-0-0
libsodium23 libsord-0-0 libsratom-0-0 libvidstab1.1 libzmq5
Using apt with --no-install-recommends could prevent that.
I.e. using sudo apt --no-install-recommends dist-upgrade could prevent that.
Should we encourage users to use apt dist-upgrade with --no-install-recommends in user documentation?
Should upgrade-nonroot use --no-install-recommends?
Also “often” it is useful to use apt install with --no-install-recommends.
I.e. apt –no-install-recommends install pkg-name`.
It would be possible to set --no-install-recommends thorugh an /etc/apt/apt.conf.d drop-in configuration snippet too.
File /etc/apt/apt.conf.d/no-install-recommends
APT::Install-Recommends "0";
But I am vary of doing this since this would break things that usually work. Since --install-recommends is Debian default. For example, package build-essential Recommends: some packages which are often required to compile software.