The Seven Voyages Of Steve on Nostr: Every week there’s an article about the high vulnerability of package managers to ...
Every week there’s an article about the high vulnerability of package managers to supply chain attacks and I’m just amazed it’s taken this long for people to figure out that routinely auto-pulling 500 disparate third party libraries unseen into your project is a terrible idea
Published at 2024-07-02 11:56:01
Event JSON
{
"id": "f5c85a3951a6e4b6072213da2afcbe1643f9d7e06a2e1768f1e554debb9655c3",
"pubkey": "e13b1fe1c99f88b18eca2b7381198bb9e8a8de2774de2f2a80663e261706dc42",
"created_at": 1719921361,
"kind": 1,
"tags": [
[
"proxy",
"https://mastodon.gamedev.place/@sinbad/112716766342737192",
"web"
],
[
"proxy",
"https://mastodon.gamedev.place/users/sinbad/statuses/112716766342737192",
"activitypub"
],
[
"L",
"pink.momostr"
],
[
"l",
"pink.momostr.activitypub:https://mastodon.gamedev.place/users/sinbad/statuses/112716766342737192",
"pink.momostr"
],
[
"expiration",
"1722594438"
]
],
"content": "Every week there’s an article about the high vulnerability of package managers to supply chain attacks and I’m just amazed it’s taken this long for people to figure out that routinely auto-pulling 500 disparate third party libraries unseen into your project is a terrible idea",
"sig": "a9797ff5fbe8d29637485bc3b8991d3f4f6c2b01fdf85826ea52994f865528eb9210e74a6866953739beab5e5715c28c8d84c83379f87b785752f2830c05cb6f"
}