V8.03.768.2025.06.18

Signed-off-by: Marc S. Weidner <msw@coresecret.dev>

README.md

@@ -149,6 +149,13 @@ Example: `8.03.384.2025.06.03`
 Date (YYYY.MM.DD) denotes the build or release date, facilitating clear tracking of incremental changes and ensuring 
 reproducibility and traceability.
 
+### 1.6. Keywords
+
+The keywords "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED",
+"MAY", and "OPTIONAL" in this Repo are to be interpreted as described in [[BCP 14](https://www.rfc-editor.org/info/bcp14)], 
+[[RFC2119](https://datatracker.ietf.org/doc/html/rfc2119)], [[RFC8174](https://datatracker.ietf.org/doc/html/rfc8174)] when,
+and only when, they appear in all capitals, as shown here.
+
 # 2. Features & Rationale
 
 Below is a breakdown of each hardening component, with a summary of why each is critical to your security posture.

lib/lib_check_pkgs.sh

@@ -19,26 +19,26 @@ check_pkgs() {
   apt-get update -y
 
   if [[ -z "$(command -v lsb_release || true)" ]]; then
-    apt-get install --no-install-recommends lsb-release -y
+    apt-get install -y --no-install-recommends lsb-release
   fi
 
   if [[ -z "$(command -v debootstrap || true)" ]]; then
     if grep -RqsE '^[[:space:]]*deb .*backports' /etc/apt/sources.list /etc/apt/sources.list.d; then
       # shellcheck disable=SC2155
       declare codename=$(lsb_release -sc)
-      apt-get -t "${codename}-backports" install debootstrap -y
+      apt-get install -y -t "${codename}-backports" debootstrap
     else
-      apt-get install debootstrap -y
+      apt-get install -y debootstrap
     fi
   fi
 
   if [[ ! -f /usr/share/live/build/VERSION ]]; then
-    apt-get install live-build -y
+    apt-get install -y live-build
   fi
 
+  if [[ "${VAR_HANDLER_AUTOBUILD}" == false ]]; then
     if [[ -z "$(command -v dialog || true)" ]]; then
-    if ! $VAR_HANDLER_AUTOBUILD; then
+      apt-get install -y --no-install-recommends dialog
-      apt-get install --no-install-recommends dialog -y;
     fi
   fi