diff --git a/.bootc-dev-infra-commit.txt b/.bootc-dev-infra-commit.txt
index 5a7bdcd..a23c9fc 100644
--- a/.bootc-dev-infra-commit.txt
+++ b/.bootc-dev-infra-commit.txt
@@ -1 +1 @@
-e03327703622b506788369cbaef7ea5b4d61fb3d
+1c2a5bc48c08d077982cbae3bb9cd03e2923683a
diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json
index 26e62a2..678171b 100644
--- a/.devcontainer/devcontainer.json
+++ b/.devcontainer/devcontainer.json
@@ -13,9 +13,17 @@
 },
 "features": {},
 "runArgs": [
- // Because we want to be able to run podman and also use e.g. /dev/kvm
- // among other things
- "--privileged"
+ // In general we hope that the outer environment has set up
+ // a user namespace to keep this secure.
+ "--cap-add=all",
+ // Required for mounting /proc in nested user namespace
+ "--security-opt", "label=disable",
+ // Allows access to /proc paths needed for nested containers
+ "--security-opt", "unmask=/proc/*",
+ // Device access for nested containers and VMs
+ "--device", "/dev/net/tun",
+ // I always want KVM
+ "--device", "/dev/kvm"
 ],
 "postCreateCommand": {
 // Our init script
diff --git a/.github/actions/bootc-ubuntu-setup/action.yml b/.github/actions/bootc-ubuntu-setup/action.yml
index ad39f78..4548775 100644
--- a/.github/actions/bootc-ubuntu-setup/action.yml
+++ b/.github/actions/bootc-ubuntu-setup/action.yml
@@ -14,7 +14,8 @@ runs:
 run: |
 set -xeuo pipefail
 sudo df -h
- unwanted_pkgs=('^aspnetcore-.*' '^dotnet-.*' '^llvm-.*' 'php.*' '^mongodb-.*' '^mysql-.*'
+ # Use globs for package patterns (apt and dpkg both support fnmatch globs)
+ unwanted_pkgs=('aspnetcore-*' 'dotnet-*' 'llvm-*' 'php*' 'mongodb-*' 'mysql-*'
 azure-cli google-chrome-stable firefox mono-devel)
 unwanted_dirs=(/usr/share/dotnet /opt/ghc /usr/local/lib/android /opt/hostedtoolcache/CodeQL)
 # Start background removal operations as systemd units; if this causes
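Review bot: `--cap-add=all` together with `--security-opt label=disable` and `unmask=/proc/*` on the new side restores most of the host reach the removed `--privileged` had, and the comment above `--cap-add=all` only hopes the outer environment supplies a user namespace; nothing in the file states that as a requirement or says which runtimes satisfy it. Suggest making the assumption explicit so a reader launching this under a rootful daemon knows what they are getting: `// REQUIRES: the host runs this container inside a user namespace (e.g. rootless podman); without one, --cap-add=all plus label=disable is comparable to the --privileged it replaces.` It would also help to record why the full capability set is needed rather than the specific capabilities nested podman and /dev/kvm require, so a later maintainer can narrow it; I cannot tell from the hunk which ones those are.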
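Review bot: The new package patterns contain `*`, but the loop that consumes this array (`for x in ${unwanted_pkgs[@]}` in the next hunk) expands it unquoted, so the shell applies pathname expansion to each pattern against the current directory before apt or dpkg ever see it. If a file matching, say, `php*` exists in the working directory (presumably the checked-out workspace), that element silently becomes a filename, the `dpkg -l` guard fails, and the package is never removed. Quoting the expansion keeps the globs intact for apt and dpkg: `for x in "${unwanted_pkgs[@]}"; do`. The script body continues outside this hunk.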
@@ -30,9 +31,12 @@ runs:
 for x in ${unwanted_dirs[@]}; do
 runcleanup rm -rf "$x"
 done
- # Apt removals in foreground, as we can't parallelize these
+ # Apt removals in foreground, as we can't parallelize these.
+ # Only attempt removal if matching packages are installed.
 for x in ${unwanted_pkgs[@]}; do
- /bin/time -f '%E %C' sudo apt-get remove -y $x
+ if dpkg -l "$x" >/dev/null 2>&1; then
+ /bin/time -f '%E %C' sudo apt-get remove -y "$x"
+ fi
 done
 # We really want support for heredocs
 - name: Update podman and install just
@@ -67,7 +71,7 @@ runs:
 shell: bash
 run: |
 set -xeuo pipefail
- export BCVK_VERSION=0.9.0
+ export BCVK_VERSION=0.10.0
 # see https://github.com/bootc-dev/bcvk/issues/176
 /bin/time -f '%E %C' sudo apt install -y libkrb5-dev pkg-config libvirt-dev genisoimage qemu-utils qemu-kvm virtiofsd libvirt-daemon-system python3-virt-firmware
 # Something in the stack is overriding this, but we want session right now for bcvk
diff --git a/.github/workflows/openssf-scorecard-gate.yml b/.github/workflows/openssf-scorecard-gate.yml
new file mode 100644
index 0000000..830564a
--- /dev/null
+++ b/.github/workflows/openssf-scorecard-gate.yml
@@ -0,0 +1,28 @@
+# Gate PRs on OpenSSF Scorecard regressions.
+#
+# See also: https://github.com/ossf/scorecard/issues/1270
+name: OpenSSF Scorecard
+
+on:
+ pull_request:
+ branches:
+ - main
+
+permissions:
+ contents: read
+
+jobs:
+ scorecard:
+ name: Scorecard
+ runs-on: ubuntu-24.04
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v6
+ with:
+ fetch-depth: 0
+
+ - name: Check for regressions
+ uses: bootc-dev/actions/openssf-scorecard@main
+ with:
+ base-sha: ${{ github.event.pull_request.base.sha }}
+ head-sha: ${{ github.event.pull_request.head.sha }}
diff --git a/.github/workflows/openssf-scorecard.yml b/.github/workflows/openssf-scorecard.yml
deleted file mode 100644
index 314a0fa..0000000
--- a/.github/workflows/openssf-scorecard.yml
+++ /dev/null
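Review bot: The new `if dpkg -l "$x"` guard does not quite test what the comment above it says: as far as I can tell `dpkg -l` exits 0 for any package present in the status database, including ones in the removed-but-config-remaining (`rc`) state, so `apt-get remove` can still run for a pattern with nothing actually installed. That is harmless but costs a full apt invocation each time; if the intent is strictly "installed", `dpkg-query -W -f='${db:Status-Status}\n' "$x" 2>/dev/null | grep -qx installed` expresses it directly and still accepts the same glob patterns. The enclosing `run:` script starts before this hunk.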
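Review bot: The Checkout step drops the `persist-credentials: false` that the deleted openssf-scorecard.yml workflow set, so the job's GITHUB_TOKEN stays in `.git/config` for the following step, which pulls `bootc-dev/actions/openssf-scorecard@main` — a moving branch rather than a tag or release. The token is scoped `contents: read` here, which bounds the exposure, but a Scorecard gate that itself references an unpinned branch is likely to be flagged by Scorecard's own Pinned-Dependencies check. Suggest adding `persist-credentials: false` under the checkout `with:` next to `fetch-depth: 0`, and referencing the composite action by a tagged version if the author's stated preference against SHA pinning still holds.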
@@ -1,50 +0,0 @@
-# Upstream https://github.com/ossf/scorecard/blob/main/.github/workflows/scorecard-analysis.yml
-# Tweaked to not pin actions by SHA digest as I think that's overkill noisy security theater.
-name: OpenSSF Scorecard analysis
-on:
- push:
- branches:
- - main
-
-permissions: read-all
-
-jobs:
- analysis:
- name: Scorecard analysis
- runs-on: ubuntu-24.04
- permissions:
- # Needed for Code scanning upload
- security-events: write
- # Needed for GitHub OIDC token if publish_results is true
- id-token: write
-
- steps:
- - name: "Checkout code"
- uses: actions/checkout@v6
- with:
- persist-credentials: false
-
- - name: "Run analysis"
- uses: ossf/scorecard-action@v2.4.3
- with:
- results_file: results.sarif
- results_format: sarif
- # Scorecard team runs a weekly scan of public GitHub repos,
- # see https://github.com/ossf/scorecard#public-data.
- # Setting `publish_results: true` helps us scale by leveraging your workflow to
- # extract the results instead of relying on our own infrastructure to run scans.
- # And it's free for you!
- publish_results: true
-
- - name: "Upload artifact"
- uses: actions/upload-artifact@v6
- with:
- name: SARIF file
- path: results.sarif
- retention-days: 5
-
- - name: "Upload to code-scanning"
- uses: github/codeql-action/upload-sarif@v4
- with:
- sarif_file: results.sarif
-