https://bugs.kde.org/show_bug.cgi?id=447403
Bug ID: 447403
Summary: Feature request - show which repo an install is coming
from
Product: Discover
Version: 5.23.4
Platform: Other
OS: Linux
Status: REPORTED
Severity: normal
Priority: NOR
Component: discover
Assignee: lei...@leinir.dk
Reporter: k...@flavor8.com
CC: aleix...@kde.org
Target Milestone: ---
PPAs are for better or worse widespread. (To my understanding) if a PPA were to
be compromised, an attacker could introduce packages outside of the core scope
of the PPA (e.g. somebody could introduce a backdoored version of systemd via a
pipewire PPA). For this reason, it'd be useful if Discover shows which repo a
package update is coming from, to give the user a chance to see something
unusual.
--
You are receiving this mail because:
You are watching all bug changes.
