Compiling your own packages only ensures that, well, you’re running packages that you compiled. This definitely does not mean that your computer is running what you intend at all.
Half the time I don’t know what my CPU is executing, and that’s code that I wrote myself.
Most of the reason to build your own packages is a form of runtime assurance - to know what your computer is running is 100% what you intend.
At least as a guix user that’s what I tell myself.
Compiling your own packages only ensures that, well, you’re running packages that you compiled. This definitely does not mean that your computer is running what you intend at all.
Half the time I don’t know what my CPU is executing, and that’s code that I wrote myself.
This is true of all programming