Comment by joshka 13 hours ago Yeah, this seems like a very smart but inherently flawed idea. 2 comments joshka Reply cypherpunks01 13 hours ago Yes I agree! OSS package management ecosystems are a great idea, but allowing submissions without any review or vetting is just asking for supply chain attacks. Xss3 13 hours ago May as well just release an executable tbh.
cypherpunks01 13 hours ago Yes I agree! OSS package management ecosystems are a great idea, but allowing submissions without any review or vetting is just asking for supply chain attacks.
Yes I agree! OSS package management ecosystems are a great idea, but allowing submissions without any review or vetting is just asking for supply chain attacks.
May as well just release an executable tbh.