Done
@dthompson

Calling on all #FOSS developers to give up on #GitHub.

https://giveupgithub.org

#giveUpGithub #git #gitlab

> I"m not sure if many other projects do like Guix and record the checksum of the whole repository so as to ensure reproducibility purely from source.

If the packager chooses to use the official tarball as "the source", validating the checksum would not have helped. :-( Also whether it's always possible to run running autoreconf depends on the content of the tarball.

Which brings me to the (preliminary) conclusion that we'd better use repos as source of trust
@lispi314 @AndresFreundTec @glyph

Regarding guix: This is is a huge effort, still work in process, anyhow great progress has been achieved in the last months and years. Read more about this at https://guix.gnu.org/de/blog/2023/the-full-source-bootstrap-building-from-source-all-the-way-down/

Regarding #nix, I don't know whether they actually try since they even include blobs provided by others (e.g. proprietary software).
@ahelwer

Hallo @campact
Danke für die Einladung zum Förder.innen-Treffen.

Aber warum findet das Treffen auf Zoom statt? Damit schließt Ihr Menschen aus, denen ihre Grundrechte wichtig sind.

Verwendet statt dessen Alternativen wie #BigBlueButton oder @OpenTalkMeeting

Wie Ihr sicher mitbekommen habt, hat Zoom dieses Jahr einen #BigBrotherAward bekommen: https://bigbrotherawards.de/2023/zoom. Eigentlich ging der Negativpreis allerdings an z.B. Euch, die Ihr Eure Förderinnen nötigt, auf ihre Grundrechte zu verzichten.