I love XFCE but I use MATE's Caja file manager on mine.

No. Neither Intel or AMD provide microcode which meets Debian's definition of "free" so CPU microcode is non-free:

https://wiki.debian.org/Microcode

You might consider that your CPU is already running non-free microcode provided by your non-free motherboard BIOS.

If you have one of these CPUs, it's literally impossible for you not to run some non-free components.

All you're doing is exposing yourself to vulnerabilities in old microcode.

aiui apt will compare downloads from repositories against the repository signing key, whereas downloading a deb and installing it manually with dpkg bypasses that.

So theoretically the Debian website could get compromised and provide you a malicious deb package. That has happened to other Linux distros before so it's not entirely unrealistic.

Practically I think that's very unlikely.

I know apt has the --download option if you'd like to fetch deb packages on the commandline, though I'm not sure if apt compares the package with the key during this process. I hope it does. You could probably run apt in verbose mode and hopefully see this happen.

Some references:

• https://askubuntu.com/questions/131397/what-is-a-repository-key-under-ubuntu-and-how-do-they-work
• https://wiki.debian.org/SecureApt

I don't care but it's annoying that they won't put a normal application name into $PATH.

There is a denied GitHub Issue for it but I can't be bothered finding it. It'll never happen so it doesn't matter.

It is pretty nice but ultimately it's just Debian with a slightly different package set and a theme. You can boot the regular live image and set the theme to Adwaita-dark and there's not really much difference.

What you wish for is how I use make. Off the top of my head, something like this:

EXEC = programname
SOURCES = $(wildcard *.c)
OBJECTS = $(SOURCES:.c=.o)

all: $(EXEC)

$(EXEC): $(OBJECTS)

%.o: %.c %.h

.PHONY: all clean

clean:
        rm -f $(EXEC) $(OBJECTS)

Then just run make and it compiles and links all .c files into the executable. Each .c file needs a .h with the same name. Remove the %.h if you don't like that requirement.

From memory you might need a .c and .h file with the same name as the executable.

Perhaps quiet has been made quieter. Try removing quiet and see if you get the messages you want?

I remove quiet from all my systems.

If you're using Flatpak then you'll be using their Mesa, which is updated with the runtime. You can also use Mesa-git which is updated much more frequently.

I am doing this and not worrying about the Debian installed Mesa.