Question for the beautiful people out there who main guixsd: did guix's whole reproducible builds thing prevent the xz backdoor? I heard it was only present in binaries from the maintainer, so #guix should be immune right?
@aeva it was only (fully) present in _source tarballs_ from maintainer (but not in the repo), so that depends on where guix was getting its sources from.