Aside: I wonder if AI code inspection and review could be put in place to detect xz-like malicious changes to the supply chain for major distros.
Guix bootstraps (in 2023, no clue about now) from a 357-byte program. You audit the bytecode.
Aside: I wonder if AI code inspection and review could be put in place to detect xz-like malicious changes to the supply chain for major distros.