A Linux distribution designed to eliminate single points of failure
🔬 Research
#linux
#review
#stagex
#single-point-of-failure
#distribution
#security
Source: hackernews · Summarized and analyzed by Genesis Park
Summary
StageX is a minimal Linux distribution designed to eliminate single points of failure and to provide verifiable infrastructure. It features a decentralized trust model in which no single party needs to be trusted, and multi-signature security based on hardware-backed PGP keys. It is also full-source bootstrapped from Stage0, and it supports bit-for-bit reproducible builds and an OCI-based native package management system.
Body
How StageX compares

| | StageX | Guix | Debian | Arch | Nix | Yocto | Buildroot | Chimera | Alpine | Fedora |
|---|---|---|---|---|---|---|---|---|---|---|
| Trust model | Decentralized | Distributed | Distributed | Distributed | Centralized | Centralized | Centralized | Centralized | Centralized | Centralized |
| OCI | Native | Exported | Published | Published | Exported | Exported | Exported | Published | Published | Published |
| Language | Containerfile | Custom | Custom | Shell | Custom | Custom | Makefile | Python | Shell | Custom |
| Bootstrapped | Yes | Yes | No | No | Partial | No | No | No | No | No |
| Reproducible | Yes | Mostly | Mostly | Mostly | Mostly | No | No | No | No | No |
| Toolchain base | LLVM | GNU | GNU | GNU | GNU | GNU | GNU | LLVM | GNU | GNU |
| C standard library | musl | glibc | glibc | glibc | glibc | glibc | glibc | musl | musl | glibc |
| Memory allocator | mallocng | glibc | glibc | glibc | glibc | glibc | glibc | mimalloc | mallocng | glibc |

Row definitions:
- Trust model: Decentralized means no single system or individual is trusted; Centralized means one single system or individual is trusted; Distributed means all members of a system or organization are trusted.
- OCI: OCI (Open Container Initiative) defines standard formats and runtimes for containers. Native means OCI layers serve as the native package management system; Exported means OCI images can be exported from a non-OCI build system; Published means officially published OCI images are provided.
- Language: the domain-specific language used for package build definitions.
- Bootstrapped: can the entire distro be full-source bootstrapped from Stage0?
- Reproducible: is the entire distro reproducible bit-for-bit identically?

Built for verifiable infrastructure

```
$ curl -s https://codeberg.org/stagex/stagex/raw/branch/main/packages/bootstrap/stage0/hex0-seed | hexdump
457f 464c 0101 0301 0000 0000 0000 0000
0002 0003 0001 0000 804c 0804 002c 0000
0000 0000 0000 0000 0034 0020 0001 0000
0000 0000 8000 0804 8000 0804 00b5 0000
00b5 0000 0001 0000 0001 0000 5b58 315b
6ac9 5805 cd99 5b80 6650 41b9 6602 c0ba
6a01 5805 80cd 4299 3197 89ed 4ed6 895b
6ae1 5803 80cd 8553 75c0 4005 db31 80cd
018a 0a3c e574 f685 e475 233c df74 3b3c
db74 302c 0a2c 0872 072c df24 073c ce73
e5c1 0404 010a f7c5 7cdf 89c3 8929 b0fb
cd04 eb80 00b4
```

Full-source bootstrapped
StageX is bootstrapped entirely from source, so nothing depends on unverified binaries. Only fully bootstrappable software, including programming languages, is allowed.

```
- A &1 ; \
  | grep Good \
  | cut -d\  -f5-
"Ryan Heywood " [ultimate]
"Daniel Grove " [ultimate]
"Lance Vick " [ultimate]
"Anton Livaja " [ultimate]
```

Multi-signed
Distributed trust, cryptographically enforced. Every change and artifact in StageX is independently attested.
- Every commit is signed by its author.
- Every merge is signed by a reviewer.
- Every artifact is signed by multiple maintainers.
- All signatures use hardware-backed PGP keys.
- Signatures follow the OCI container-signing standard.
- Native multi-sig validation in containerd.

Container-native
Built on Open Container Initiative (OCI) standards for seamless integration with your existing workflows.
- StageX uses the OCI packaging standard instead of yet another custom manager.
- Every "package" is an OCI layer.
- Easily lock any combination of build dependencies to SHA-256 hashes.
- Build your project's Containerfile with any OCI-compatible runtime you prefer.

```
FROM stagex/pallet-gcc
COPY
```

```
int main() { printf("Hell
```
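The "Multi-signed" section above says every artifact is signed by multiple maintainers. As an added example (not StageX's own tooling), the script below enforces an M-of-N threshold of distinct signers on the human-readable `gpg --verify` output, reading the same "Good signature" lines the page's `grep Good | cut` pipeline extracts. The sample verification output is constructed and the maintainer names are placeholders.

```shell
#!/bin/sh
# Added example, not StageX tooling: require at least M distinct maintainers
# to have produced a "Good signature" before an artifact is accepted.
# Assumes gpg's verify output format:
#   gpg: Good signature from "Name <email>" [trust]

# Print the quoted signer identities from Good-signature lines on stdin,
# one per line, de-duplicated so a maintainer who signed twice counts once.
# "BAD signature" lines are never matched.
good_signers() {
    grep '^gpg: Good signature from ' \
      | sed 's/^gpg: Good signature from "\([^"]*\)".*/\1/' \
      | sort -u
}

# Exit 0 only if stdin carries Good signatures from at least $1 distinct signers.
require_signers() {
    threshold="$1"
    count=$(good_signers | wc -l | tr -d ' ')
    [ "$count" -ge "$threshold" ]
}

# Constructed sample: three maintainers, one signing twice, plus one bad
# signature that must not count toward the threshold.
SAMPLE_VERIFY_OUTPUT='gpg: Signature made Mon 01 Jan 2024 00:00:00 UTC
gpg: Good signature from "Maintainer One <one@example.org>" [ultimate]
gpg: Good signature from "Maintainer Two <two@example.org>" [ultimate]
gpg: BAD signature from "Mallory <mallory@example.org>" [unknown]
gpg: Good signature from "Maintainer One <one@example.org>" [ultimate]
gpg: Good signature from "Maintainer Three <three@example.org>" [full]'

# Verdict for the sample at a given threshold: 0 = enough signers, 1 = not enough.
check_sample() {
    printf '%s\n' "$SAMPLE_VERIFY_OUTPUT" | require_signers "$1"
}
```

In a real pipeline the input would be the combined output of one `gpg --verify` per detached maintainer signature, and the threshold would come from the project's signing policy.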
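The "Container-native" section says any combination of build dependencies can be locked to SHA-256 hashes. As an added example (not StageX's own tooling), the lint below checks that every image a Containerfile pulls is pinned to a `@sha256:` digest rather than a mutable tag; it assumes references appear in `FROM` lines and `--from=` options, and that stage names, numeric stage indexes and the reserved `scratch` image carry no digest. The sample Containerfiles are constructed and the digest is a placeholder, not a real StageX digest.

```shell
#!/bin/sh
# Added example, not StageX tooling: fail the build if any image reference in
# a Containerfile is not locked to a SHA-256 digest.

# Reads a Containerfile on stdin; exits 0 if every image reference is pinned,
# 1 otherwise, listing the unpinned references on stderr.
lint_containerfile() {
    awk '
        toupper($1) == "FROM" {
            # Remember build-stage names so "--from=stage" is not treated as an image.
            for (i = 3; i <= NF; i++) if (toupper($i) == "AS") stages[$(i + 1)] = 1
            refs[++n] = $2
        }
        /--from=/ {
            for (i = 1; i <= NF; i++)
                if ($i ~ /^--from=/) { r = $i; sub(/^--from=/, "", r); refs[++n] = r }
        }
        END {
            bad = 0
            for (i = 1; i <= n; i++) {
                r = refs[i]
                if ((r in stages) || r ~ /^[0-9]+$/ || r == "scratch") continue
                at = index(r, "@sha256:")
                d = (at ? substr(r, at + 8) : "")
                # A pinned reference ends in exactly 64 lowercase hex digits.
                if (length(d) != 64 || d !~ /^[0-9a-f]+$/) {
                    print "unpinned: " r > "/dev/stderr"; bad = 1
                }
            }
            exit bad
        }'
}

# Constructed samples; the digest is a placeholder, not a real StageX digest.
PLACEHOLDER_DIGEST=0000000000000000000000000000000000000000000000000000000000000000
PINNED_CONTAINERFILE="FROM stagex/pallet-gcc@sha256:${PLACEHOLDER_DIGEST} AS build
COPY hello.c /hello.c
RUN gcc -static -o /hello /hello.c
FROM scratch
COPY --from=build /hello /hello"
UNPINNED_CONTAINERFILE="FROM stagex/pallet-gcc:latest AS build
COPY --from=build /hello /hello"

# Lint verdict for each sample: 0 = every image pinned, 1 = something unpinned.
lint_pinned_sample()   { printf '%s\n' "$PINNED_CONTAINERFILE"   | lint_containerfile; }
lint_unpinned_sample() { printf '%s\n' "$UNPINNED_CONTAINERFILE" | lint_containerfile 2>/dev/null; }
```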
This analysis was written by the Genesis Park editorial team with the help of AI. The original can be viewed via the source link.