George Hotelling on Nostr: Can a #WordPress plugin use the `upgrader_pre_install` hook to check if the version ...
Can a #WordPress plugin use the `upgrader_pre_install` hook to check if the version downloaded by the updater is cryptographically signed?
If so, that seems like a good way to mitigate supply-chain attacks if a central updating system gets compromised. It's frustrating that cyber-security takes away time from feature development, but you can't be too safe these days.
https://www.crowdstrike.com/en-us/cybersecurity-101/cyberattacks/supply-chain-attack/
If so, that seems like a good way to mitigate supply-chain attacks if a central updating system gets compromised. It's frustrating that cyber-security takes away time from feature development, but you can't be too safe these days.
https://www.crowdstrike.com/en-us/cybersecurity-101/cyberattacks/supply-chain-attack/