Pāladhammika schreef op za 12-02-2022 om 16:21 [+0000]: Are they? The trustcrypto fork claims to be 12 commits ahead. > Even still it makes sense to use the fork that by trustcrypto > since they also produce the onlykey package, no? AFAICT the fork is exactly the same as upstream, except with a slightly different name, without any text in the README and with some docstrings, warnings and error messages tweaked. The only non-tweak commit appears to be , which seems a tiny change that should have been discussed upstream (maybe it's as simple as recognising both pairs of vendor_id/product_id). Also, no development seems to happen in the fork, development happens upstream. The fork does not appear to accept pull requests and there is no option for submitting an issue, whereas upstream does, so it seems that upstream has a much better community. Considering all this, this does not appear to be a fork in the sense that, say, XEmacs is a fork of Emacs. Instead, it appears to be pure branding -- and branding that will cause collisions in the profile at that if both upstream and the trustcrypto-branded variant are installed in the same profile, since the variant didn't change module names. As such, I do not see a reason to prefer the branded variant over upstream, and I would recommend not to, to prevent future problems (see profile collisions), to reduce the number of packages that need to be updated and to not cater to marketing. Greetings, Maxime.