Installing the tor from deb.torproject.org is great because it gives us more recent versions of Tor. Which has versions closer to the one included in TBB.
At one point this was even required:
The problem with deb.torproject.org is that it is a too fast moving target, i.e. a new release of Tor might break Whonix for all users. Could happen when they change something related to the systemd service or so.
The responsible way would be to download Tor from deb.torproject.org and to upload it to the Whonix repository.
I could not think of yet how this gets together with builds from source code. (You cannot run apt-get update from postinst scripts.)
automate download (verification) and adding to Whonix local / remote apt repository(done) disable TPO sources.list on existing installations using whonix-legacy remove TPO signing key on existing installations using whonix-legacy(happens during deb.torproject.org-keyring package removal Debian maintainer prerm script) actually upload TPO packages to Whonix repository more comments in /etc/apt/sources.list.d/torproject.list anon-shared-build-apt-sources-tpo to more easily add experimental versions of Tor usability feature for testers output torproject repo in use: cat /etc/apt/sources.list.d/torproject.list | grep -v '#' | grep deb
output of Tor version