When software isn’t a “supply”
3y agoen
Source
SnykWhen software isn’t a “supply”snyk.ioThe following think piece, written by Snyk’s Open Source and Open Standards Strategy Director, Daniel Appelquist, examines the origin of the term “supply chain security” and whether it’s a good fit for today’s open source software development process.
You might also wanna read
Supply Chain Attacks on Open-Source Software: Case Study of Malicious Pull Request Attempts
The article discusses recent supply chain attacks on open-source software projects like LiteLLM and axios, with a specific case study of att
A brief (irreverent) history of software supply chain security from the 1990s to the AI era
A humorous, irreverent historical retrospective on software supply chain security, tracing the evolution from the late 1990s (when the autho
AWS well-architected best practices for software supply chain security
This article discusses software supply chain security best practices in the context of recent npm Registry attacks (Shai-Hulud, Chalk/Debug,
What Changes When Your Software Supply Chain Includes AI Writing Your Code?
BackBox.org·1d ago
What Changes When Your Software Supply Chain Includes AI Writing Your Code?
thehackernews.com·1d ago
Microsoft's Role in NPM Supply Chain Security Risks and Historical Parallels
The article criticizes Microsoft as a "bad actor" and threat to software development companies, drawing parallels between current NPM supply
tane.dev·9mo ago

Comments
Sign in to join the conversation.
No comments yet. Be the first.