by raesene9 2639 days ago
gems don't, NPM doesn't, PyPI doesn't, NuGet doesn't.... you get the picture.

Basically all apps using package repos (i.e. all of them) are relying on massive piles of unaudited third-party code with usually no idea of provenance.
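One concrete, defender-side way to see the "no idea of provenance" problem the comment describes is to check a dependency manifest for what pip's `--require-hashes` mode would reject. The following is an added example, not code from the thread or from any package manager; it parses a constructed `requirements.txt` in pip's syntax and reports dependencies with no exact version pin and dependencies with no `--hash` entry. The sample file contents and the sha256 value in it are constructed placeholders.

```python
"""Added example: audit a pip requirements file for missing pins and hashes.

Not from the Hacker News thread; the sample requirements text below is
constructed for demonstration (the hash is a placeholder, not a real digest).
"""
import re
from typing import Dict, List

# Constructed sample requirements file. Backslash continuations and
# comments follow pip's requirements-file syntax.
SAMPLE_REQUIREMENTS = """\
# constructed sample
requests>=2.0
flask==2.3.2
cryptography==41.0.3 \\
    --hash=sha256:0000000000000000000000000000000000000000000000000000000000000000
pyyaml
"""

_HASH_RE = re.compile(r"--hash=(sha256|sha384|sha512):([0-9a-f]+)")
_NAME_RE = re.compile(r"^([A-Za-z0-9][A-Za-z0-9._-]*)")


def _classify(line: str) -> Dict[str, object]:
    """Extract the project name, whether it is pinned with ==, and any hashes."""
    match = _NAME_RE.match(line)
    name = match.group(1) if match else line
    pinned = "==" in line  # covers both == and === (arbitrary equality)
    hashes = [digest for _algo, digest in _HASH_RE.findall(line)]
    return {"name": name, "pinned": pinned, "hashes": hashes, "line": line}


def parse_requirements(text: str) -> List[Dict[str, object]]:
    """Join backslash-continued lines, skip comments/blank lines, classify each entry."""
    entries: List[Dict[str, object]] = []
    buf = ""
    for raw in text.splitlines():
        stripped = raw.strip()
        if not stripped or stripped.startswith("#"):
            continue
        if stripped.endswith("\\"):
            # Continuation: accumulate and keep reading.
            buf += stripped[:-1] + " "
            continue
        buf += stripped
        entries.append(_classify(buf.strip()))
        buf = ""
    if buf:  # file ended on a continuation line
        entries.append(_classify(buf.strip()))
    return entries


def audit_requirements(text: str) -> Dict[str, List[str]]:
    """Return dependencies with no exact pin and dependencies with no --hash.

    Anything listed under "unhashed" would be rejected by
    `pip install --require-hashes`, and anything under "unpinned" can resolve
    to a different artifact on every install.
    """
    unpinned: List[str] = []
    unhashed: List[str] = []
    for entry in parse_requirements(text):
        if not entry["pinned"]:
            unpinned.append(str(entry["name"]))
        if not entry["hashes"]:
            unhashed.append(str(entry["name"]))
    return {"unpinned": unpinned, "unhashed": unhashed}


if __name__ == "__main__":
    report = audit_requirements(SAMPLE_REQUIREMENTS)
    for kind, names in report.items():
        print(f"{kind}: {', '.join(names) if names else '(none)'}")
```

Run against the constructed sample it reports `requests` and `pyyaml` as unpinned and `requests`, `flask` and `pyyaml` as unhashed; only `cryptography` carries a digest that pip could verify at install time. Pinning plus hashes does not audit the code itself, but it does fix exactly which artifact is installed, which is the minimum needed before any audit can be meaningful.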