Not quite. Those are trackers: lists of bugs. If you open one, you’ll see a list of individual package bugs that are blocking these ones—up to a couple of dozen unresolved in some cases. Still, it isn’t that long a list, and a lot of the packages are minor or obscure.

A standalone utility for decoding QR codes that will work on a desktop. All I want is to be able to put a picture of the code in and get whatever text it was concealing in a little text box where I can read it, and C&P it if it’s useful to do so. If something like this exists, I’ve never been able to find it, although there are seemingly dozens of programs for generating QR codes.

. . . until something in the stack requires a significant kernel upgrade, and then you’re stuck.

What exactly is the point of stable release? I don’t need everything pinned to specific versions—I’m not running a major corporate web service that needs a 99.9999% uptime guarantee—and Internet security is a moving target that requires constant updates.

Security and bug fixes—especially bug fixes, in my experience—are a good enough reason to go rolling-release even if you don’t usually need bleeding-edge features in your software.

I think part of what you’re missing may be a set of very old assumptions about where the danger is coming from.

Linux was modeled after UNIX, and much of its core software was ported from other UNIX versions, or at least written in imitation of their utilities. UNIX was designed to be installed on large pre-Internet multi-user mainframe+dumb terminal systems in industry or post-secondary education. So there’s an underlying assumption that a system is likely to have multiple human users, most of whom are not involved in maintaining the system, some of whom may be hostile to each other or to the owner of the system (think student pranks or disgruntled employees), and they all log in at once. Under those circumstances, users need to be protected from each other, and the system needs to be protected from malicious users. That’s where the system of user and root passwords is coming from: it’s trying to deal with an internal threat model, although separating some software into its own accounts also allows the system to be deployed against external threats. Over the years, other things have been layered on top of the base model, but if you scratch the paint off, you’ll find it there underneath.

Windows, on the other hand, was built for PCs, and more or less assumes that only one user can be logged in to a machine at a time. Windows security is concerned almost entirely with external threats: viruses and other malware, remote access, etc. User-versus-user situations are a very minor concern. It’s also a much more recent creation—Windows had essentially no security until the Internet had become well-established and Microsoft’s poor early choices about macros and scripts came back to bite them on the buttocks.

So it isn’t so much that one is more secure than the other as that they started with different threat models and come from different periods of computing history.

I think you’re using obsolete closed-source drivers that require external patches for each new kernel version. So the situation is entirely Broadcom’s fault.

From the Gentoo ebuild for broadcom-sta:

If you are stuck using this unmaintained driver (likely in a MacBook), you may be interested to know that a newer compatible wireless card is supported by the in-tree brcmfmac driver. It has a model number BCM943602CS and is for sale on the second hand market for less than 20 USD.

Github is only used to mirror the main repo (which is on gitweb.gentoo.org). I assume that was done to attract driveby patches and reduce load from Portage git syncs on the Gentoo servers.

It broke a bash script that’s going to be gone within a month. The continuous integration stack in Gentoo (which probably doesn’t do quite what you think it does) is basically a stack of bash hacks that causes as many problems as it solves, so it’s being retired. ( relevant gentoo-dev ML thread )

When I first installed Gentoo, it was because it was one of only around three distros that supported x86_64 at the time. Yes, that was a long time ago.

I’ve kept it as a daily driver for a number of reasons. First, because I’m a control freak, and Gentoo goes out of its way to allow me to select exactly the packages I want, and gives me access to all the knobs and switches that other distros may hide in the name of user-friendliness.

Second, because once installed it’s surprisingly solid and trouble-free—Portage is an excellent (if slow) package manager that, judging from what I’ve heard from people running other distros, is better than the average at preventing breakage, and since it’s rolling-release there are no whole-distro upgrades to complicate things. I ran one system on rolling updates for 17 years without reinstalling, and it was still pretty much up-to-date on all packages when I retired it back in March—try that with Ubuntu. (The replacement system also runs Gentoo.)

Thirdly, I’ve been with Gentoo for so long that I know how to create packages, unbork a system that I’ve messed up by doing something really stupid, and various other tricks. If I went to another distro, I’d have to relearn much of that from scratch.

(A fourth reason for some might be that it supports a wider range of CPU architectures than any other distro except possibly Debian.)