Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
p932
on Sept 4, 2020
|
parent
|
context
|
favorite
| on:
Software supply chain security
How this pattern/toolset protect against supply chain compromises of the dependencies used to build the "Datadog Agent" itself?
trishankdatadog
on Sept 4, 2020
[–]
Apply pattern/toolset recursively. Software supply chain problems largely eventually solved this way.
p932
on Sept 4, 2020
|
parent
[–]
Is there any initiative in this direction towards applying this pattern on big dependency management tools (e.g maven, pip, npm)?
trishankdatadog
on Sept 6, 2020
|
root
|
parent
[–]
Yes, please see PEP 458:
https://www.python.org/dev/peps/pep-0458/
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
