by humtum
2468 days ago
People care. Developers have limited registry options due to lock-in. Creating effective security processes across a massive ecosystem of open source developers is a difficult problem. Registries can't easily create security practices that fit into a heterogeneous pool of OSS governance and development models, especially when implementing more rigorous security has the potential to diminish their network effects and developer productivity. Curious to see how npm, GitHub Package Manager, and others address these issues.