Public transparency

Linux 7.0.1 — security & supply chain

What Alfred verifies in git, what still depends on your builder, and where the full technical write-ups live on GoForge. Honest scope for auditors and the public.

What we do not claim

No “every CVE in 7.0.1” list inside the Alfred OS repo — that set is not finite over time, and the full kernel tree is built out of tree, not vendored in the live-build repository.
We do not run a full static analysis of Linus’s tree from the small Alfred integration repo alone; heavy scanning belongs on the extracted kernel tree (private builder or a dedicated kernel mirror + CI on GoForge).

What we do ship — integrity & trust boundaries

Download integrity: scripts/kernel-download-7.0.1.sh fetches linux-7.0.1.tar.xz and patch-7.0.1.xz from cdn.kernel.org over HTTPS and verifies SHA256 against sha256sums.asc before you unpack (skip only with an explicit env flag — not for production ISOs).
ISO trust model: published checksums + GPG on sums; staging sync before lb build; hooks 0050 (kernel package gate), 0160 (sysctl / audit / modules), 0710 (do not replace Alfred kernel with Debian meta). See verification flow at /verify and apps at /apps.
Explicit ownership of other supply-chain edges: host KERNEL_WORK, Docker bind mounts, gitignored .deb binaries, staged tarballs (e.g. liboqs), and Kconfig defaults when no Alfred .config is supplied — all documented in the manifests below.

GoForge — canonical technical documents (AGPL source)

These are the same files shipped in the Alfred Linux repository; raw links follow the GoForge …/raw/branch/main/docs/… layout. If a link 404s after a rename, open the repo tree and browse docs/.

GoForge infrastructure upgrade Security manifest Supply-chain & trojan-path audit ISO staging ship gaps ISO completeness covenant + risk register

Bigger picture — where full kernel audit runs

Alfred repo = integration, hooks, live-build staging, download verification.
Kernel audit = separate pipeline: extracted linux-7.0.1 on a trusted host or a second GoForge repo whose CI checks out or unpacks Linux and runs scanners (sparse, checkstack, distro checklist, SBOM). That is workflow + runner capacity you define — not something a forge UI refresh replaces.
When “upgrade GoForge” actually helps: bigger runners (disk/RAM for the full tree + ccache), first-class Actions (or equivalent pipelines), artifacts for logs/SARIF/deb hashes, registry/LFS if you mirror sources — optionally a dedicated heavy repo so Alfred PRs stay fast.
Roadmap bar: Alfred’s forge is aimed at self-hosted seriousness — kernel-sized jobs, sovereign infra, and release integrity without depending on a single proprietary SaaS ceiling. Beating GitHub (and “every competitor”) is earned in shipped runner scale + pipeline ergonomics + trust tooling, not in themes alone.