Open source strikes again

Question

Open source strikes again

Gabriel Taylor

Attached: pp.png (1030x802, 140.58K)

May 25, 2022 - 16:54

Other urls found in this thread:

theregister.com/2022/05/24/pypi_ctx_package_compromised/
drewdevault.com/2022/05/12/Supply-chain-when-will-we-learn.html
twitter.com/NSFWRedditVideo

Ryder Clark

>php ass
don't say you weren't warned

May 25, 2022 - 16:56

Jeremiah Hall

here's something better than the twitter shit
theregister.com/2022/05/24/pypi_ctx_package_compromised/

Attached: 1631399826506.png (1032x2249, 468.37K)

May 25, 2022 - 16:59

Jacob Hill

this is why i write my own libraries

May 25, 2022 - 17:00

Angel Brooks

LOL

May 25, 2022 - 17:00

Jonathan Howard

>trusting python
Doesn't this keep happening?

May 25, 2022 - 17:01

Hudson Walker

>Doesn't this keep happening?
with npm, yes. its not as common with pip

May 25, 2022 - 17:03

Zachary Ramirez

Debian solved the packaging issue some 30 years ago
creating a different package manager for each tech stack and having devs also be maintainers was a terrible idea
we're stuck with more security issues and killed the LTS model by design simple people just keep pushing shiny new stuff (tm) instead of making a stable release and pushing security patches to it

May 25, 2022 - 17:03

Noah Phillips

I see
Still people need to do research I've always had a fear of these third party package mangers because by design they make it easy to fuck people over

May 25, 2022 - 17:05

Parker Taylor

Add it to the list
drewdevault.com/2022/05/12/Supply-chain-when-will-we-learn.html

May 25, 2022 - 17:06

1 2 3 Next

Open source strikes again

Last threads