It is not the same as COSMIC, but Krohnkite is very customizable and has like 9 tiling modes.

I have recently replaced COSMIC by KDE + Krohnkite on the newly released Debian 13.

After some tweaking of the key bindings, I managed to make it behave very similarly to COSMIC.

AFAICT, the only thing this attack relies on, is the lack of scrutiny by developers when adding new dependencies.

Unless this lack of scrutiny is exclusive to JavaScript ecosystem, then this attack could just as well have happened in Rust or Golang.

Something similar to Deno's permission system, but operating at a package level instead of a process level.

When declaring dependencies, you'd also declare the permissions of those dependencies. So a package like `tinycolor` would never need network or disk access.

My only concern is this: Android phones I tried to root so far will be "tainted" if I unlock the bootloader and can never go back to a state where it passes all checks.

I'm okay with losing access to Google wallet while using Graphene os (I can just use plain old credit cards), but I would like to have the option to revert it in the future.