Raspberry Pi OS has turned into spyware for M$:
And yes, they add M$'s repository key to APT's trusted database and add their repo to APT's repo list.
Or informing you via a NEWS file.
So now every time you do "apt[itude] update", M$ will know about it.
This is soo freaking bad.
You'd think that over the years they'd learn a bit on how #Debian works. But I guess not.
rpdom: "Repos should not be added to a system without permissions from the owner/administrator." 👌
jamesh (#RPF): "where do you draw the line on stuff changed during an install or upgrade." ... "Do you say 'No changes to configs at all' which basically makes updates not work?" 🤦♂️
Declare as conf file and use debconf.
@FreePietje The posts by "gsh" (Raspberry Pi Engineer & Forum Moderator) are also telling:
"So there's nothing wrong here, as other's say, it's just the repo, you don't have to install anything from it and we won't have a dependency on anything from Microsoft in the Debian / Raspbian or Raspberry Pi repositories"
That's complete horseshit. What if MS decides to host a "openssh-server" package in their repo with whitelisted MS keys? You know, to make life easier for their support employees.
It looks like the worst aspect, like you mentioned, may get addressed:
Several people explain, imo extremely polite, what is wrong with it and how to remedy that (including a DD mentioning using NEWS.Debian ;P) ... and that still got his feelings hurt.
But that he needs to be educated about these things, while he's been building/maintaining RPF deb packages for years now, is just sad.
@kekcoin @FreePietje it’s a bit different than what you are describing https://github.com/RPi-Distro/raspberrypi-sys-mods/issues/42 Debian devs have voiced concern and they have been heard.
@wa__em @FreePietje Do note the timeline; the first comment on that issue by the devs conceding there might be a bit of a problem (https://github.com/RPi-Distro/raspberrypi-sys-mods/issues/42#issuecomment-773407383) was posted after my remark here. So at the time of writing, my criticism was accurate.
I'm not going to excuse the way that they did it or their dismissive and belittling response to valid criticism.
I also stand by my point that they should have known and done better. Asking permission to add a 'random' repo is one of them.
I will not assume malice though.
I 'know' some more/longer then I can tell.
Bitcoin Maston Instance