• wkk
      link
      58 hours ago

      Python with PyPI, C# with Nuget, Docker with Dockerhub, Java with Maven Central, hell even just regular Linux packages from dodgy repositories…

      Supply chain attacks concern almost everything everyone everywhere.

      • moxOP
        link
        fedilink
        34 hours ago

        This is one of the more important reasons to minimize dependencies and be very picky about the ones we adopt.