+* adjust OOM score slightly for journald
+
+* beef up hibernation to optionally do swapon/swapoff immediately before/after
+ the hibernation
+
+* beef up s2h to implement a battery watch loop: instead of entering
+ hibernation unconditionally after coming back from resume make a decision
+ based on the battery load level: if battery level is above a specific
+ threshold, go to suspend again, only hibernate if below it. This means we'd
+ stick to suspend usually, but fall back to hibernation only when battery runs
+ empty (well, subject to our sampling interval). Related to this, check if we
+ can make ACPI _BTP (i.e. /sys/class/power_supply/*/alarm) work for us too,
+ i.e. see if it can wake up machines from suspend, so that we could resume
+ automatically when the system is low on power and move automatically to
+ hibernation mode. (see
+ https://uefi.org/sites/default/files/resources/ACPI%206_2_A_Sept29.pdf
+ section 10.2.2.8 and
+ https://docs.microsoft.com/en-us/windows-hardware/design/device-experiences/modern-standby-wake-sources
+ at the end).
+
+* add an explicit "vertical" mode to format-table, so that "systemctl
+ status"-like outputs (i.e. with a series of field names left and values
+ right) become genuine first class citizens, and we gain automatic, sane JSON
+ output for them.
+
+* dissector: invoke fsck on the file systems we encounter, after all ext4 is
+ still pretty popular (and we mount the ESP too with it after all, which is
+ fat)
+
+* systemd-firstboot: teach it dissector magic, so that you can point it to some
+ disk image and it will just set everything in it all behind the scenes.
+
+* systemd-firstboot: add --force mode that replaces existing configuration.
+
+* We should probably replace /var/log/README, /etc/rc.d/README with symlinks
+ that are linked to these places instead of copied. After all they are
+ constant vendor data.
+
+* maybe add kernel cmdline params: 1) to force first-boot mode + 2) to force
+ random seed crediting
+
+* nspawn: on cgroupsv1 issue cgroup empty handler process based on host events,
+ so that we make cgroup agent logic safe
+
+* nspawn/machined: add API to invoke binary in container, then use that as
+ fallback in "machinectl shell"
+
+* logind: rework pam_logind to also do a bus call in case of invocation from
+ user@.service, which returns the XDG_RUNTIME_DIR value, and make this
+ behaviour selectable via pam module option.
+
+* introduce a new per-process uuid, similar to the boot id, the machine id, the
+ invocation id, that is derived from process creds, specifically a hashed
+ combination of AT_RANDOM + getpid() + the starttime from
+ /proc/self/status. Then add these ids implicitly when logging. Deriving this
+ uuid from these three things has the benefit that it can be derived easily
+ from /proc/$PID/ in a stable, and unique way that changes on both fork() and
+ exec().
+
+* let's not GC a unit while its ratelimits are still pending
+