I'm most excited for the partition and address translation support - partitions can be mapped to the same address for A/B boot slots (and it supports "try before you buy" to boot into a slot temporarily). No more compiling two copies for the A and B slots (at different addresses)!
You don't even need to download anything - if you're using a supported browser you can just use the web installer (you can even use another Android phone!): https://grapheneos.org/install/web
Any Chromium-based browser works including Edge included with Windows, Brave or our own Vanadium browser. Firefox may be gradually changing their mind about WebUSB. They added similar features they said they wouldn't such as MIDI. We would make some minor changes and test each revision in Firefox if we could, but they don't provide a way to do it.
GitHub themselves don't seem to provide any mechanism to make runners ephemeral. It looks like all they allow you to do is flag a runner as ephemeral, meaning it will be de-registered once a job is completed - you need to write your own tooling to wipe it yourself (either via starting a whole new runner in a new environment and registering that or wiping the existing runner and re-registering it).
I've just made runs-on [1] for that purpose: self-hosted, ephemeral runners for GitHub Action workflows. Long-running self-hosted runners are simply too risky if your project is public.
(1) disclosure, maintainer
(2) zero implicit trust in this case = no open inbound ports on underlay; need to access via app-specific overlay which requires strong identity, authN, authZ
reply