|
|
|
|
|
|
by octoberfranklin
245 days ago
|
|
|
Yes of course, and nixpkgs (nixos) already does, although unfortunately not for this particular package. The XZ backdoor was possible because people stick generated code (autoconf's output), which is totally impractical to audit, into the source tarballs. In nixpkgs, all you have to do is add `autoreconfHook` to the `nativeBuildInputs` and all that stuff gets regenerated at build time. Sadly this is not the default behavior yet. |
|
|