Emphasis was on significant
.
It would be quicker to list the ones that are insignificant…
https://github.com/secureblue/Trivalent/blob/ffdc92ee42e54403788d1855f9ac57927ee24572/patches/add-feature-to-disable-pdf-javascript.patch
https://github.com/secureblue/Trivalent/blob/ffdc92ee42e54403788d1855f9ac57927ee24572/patches/build-hardening.patch
https://github.com/secureblue/Trivalent/blob/ffdc92ee42e54403788d1855f9ac57927ee24572/patches/default-disable-3d-apis.patch
https://github.com/secureblue/Trivalent/blob/ffdc92ee42e54403788d1855f9ac57927ee24572/patches/disable-gssapi-to-enable-network-service-sandbox.patch
https://github.com/secureblue/Trivalent/blob/ffdc92ee42e54403788d1855f9ac57927ee24572/patches/enable-audio-service-sandbox.patch
https://github.com/secureblue/Trivalent/blob/ffdc92ee42e54403788d1855f9ac57927ee24572/patches/enable-network-service-sandbox.patch
https://github.com/secureblue/Trivalent/blob/ffdc92ee42e54403788d1855f9ac57927ee24572/patches/linux-gpu-sandbox.patch
https://github.com/secureblue/Trivalent/blob/ffdc92ee42e54403788d1855f9ac57927ee24572/patches/revert-upstream-Revert-clearing-javascript-JIT-site-settings.patch
https://github.com/secureblue/Trivalent/blob/ffdc92ee42e54403788d1855f9ac57927ee24572/patches/revert-130-optimizer-jit-change.patch
https://github.com/secureblue/Trivalent/blob/ffdc92ee42e54403788d1855f9ac57927ee24572/vanadium_patches/0008-switch-to-fstack-protector-strong.patch
https://github.com/secureblue/Trivalent/blob/ffdc92ee42e54403788d1855f9ac57927ee24572/vanadium_patches/0009-enable-fwrapv-in-Clang-for-non-UBSan-builds.patch
etc…
Is this really a problem since it is written in Rust?
Yes, Rust isn’t a panacea.