
Do we want to talk about the value of Distribution Curating in the context of Open Source Supply Chain Issues

The latest is

Unfortunately, I've seen this turning into generally negative stories
on open source supply chain reliability.

I think that Debian tends to have a great response to such supply chain
trust.  Namely we build a community, and typically multiple people are
involved in getting software into Debian.

As a consequence, we aren't able to package everything.
But I think we are much less likely to run into these sorts of supply
chain attacks.
Mind, not impossible.
But I think it would be good to talk about the advantages of Debian in
this space.

Any thoughts/interest?

