Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

consider how the xz supply-chain attack occurred 2 years ago [0]. the malware isn't auditable with a `git clone` as easily as you might want.

[0] https://research.swtch.com/xz-timeline



Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: