Mastodon Feed
Reblogged by nadim@symbolic.software ("Nadim Kobeissi"):
carrotcypher@fosstodon.org wrote:
@nadim this is a real problem. Not only do we not consider this from a supply chain sustainability standpoint, but we also don’t consider audits as a mandatory part of development like we should in the FOSS community.