CalyxOS is back

Post Syndicated from jzb original https://lwn.net/Articles/1081038/

In August 2025, the CalyxOS privacy-focused
Android distribution announced
that it was pausing all releases while it reworked its
release process, security protocols, and changed its signing keys
following the departure of one of its founders. The project has now announced
that it is “officially back from the hiatus” with the
7.2.2.0 release.

CalyxOS 7.2.2.0 is signed by us using a new
HSM-based, open-source signing solution
we designed to enhance the
security of the entire signing process, ensure redundancy, and remove
single points of failure. You can verify CalyxOS 7.2.2.0 and future
builds following these
instructions
. For anyone who is interested, the security audit
report of the HSM provisioning ceremony script can be found here.

In addition, we also went through significant infrastructure
improvements. In particular, we have set up a cleaner server structure
to streamline each release. In response to Google’s less frequent AOSP
source code releases, our team developed scripts to reduce the
overhead in applying monthly patches and updates. Please keep in mind,
additional manual steps are still needed to compensate for AOSP
changes, such as requesting and storing kernel sources with each
update. Currently, our lead engineer is continuing the maintenance of
the base device trees for both LineageOS and CalyxOS to bridge the gap
created by the absence of Google Pixel device trees.