• wkk@lemmy.world
      link
      fedilink
      arrow-up
      7
      ·
      14 hours ago

      Python with PyPI, C# with Nuget, Docker with Dockerhub, Java with Maven Central, hell even just regular Linux packages from dodgy repositories…

      Supply chain attacks concern almost everything everyone everywhere.

      • mox@lemmy.sdf.orgOP
        link
        fedilink
        arrow-up
        3
        ·
        10 hours ago

        This is one of the more important reasons to minimize dependencies and be very picky about the ones we adopt.