Comment by whirlwin
2 days ago
So bubblewrap is the community medicine to this issue. But isn't it funny that we're now trusting a single GH user (although allegedly a RH employee) for the supply chain security? Imagine bubblewrap itself being compromised.
Now you trust a single GH user rather than a company. Fair enough. I just think it's very paradoxical.
No comments yet
Contribute on Hacker News ↗