On Sun, 31 Mar 2024 at 13:55, Christopher Klooz py0xc3@posteo.net wrote: [..] BTW all that scandal with xz backdoor. Looks like if fedora spec file would be using not
Source0: https://github.com/tukaani-project/%%7Bname%7D/releases/download/v%%7Bversio...
but
Source0: https://github.com/tukaani-project/%%7Bname%7D/archive/v%%7Bversion%7D/%%7Bn...
It would be no issue.
kloczek