actually, i somewhat ponder whether the harassment i got to add a maintainer to ifupdown-ng was part of a XZ-type attack from an APT
because, you know, compromising a tool that runs as root in early boot and configures things like VPNs is probably a valuable target