Hi Guix!

I think one of the things where Guix could be better is security /
ensuring CVEs are fixed quickly.

In 76819 I developed some missing functionality in the CVE linter, so
that it will be easier to get proper missing libraries.

A few ideas/questions to advance on that:
- there are still a lot of linted CVEs for toolchains (former go
  versions etc) that users should in principle not be exposed to.
  Should we handle or ignore those?
- Maybe having a team or a responsible person for this is a good idea.
- A good practice could be to set up a daily job to get notified of all
  CVEs, so that we can quickly handle them.

-- 
Best regards,
Nicolas Graves
