Y
Hacker News
new
|
ask
|
show
|
jobs
by
p932
2107 days ago
How this pattern/toolset protect against supply chain compromises of the dependencies used to build the "Datadog Agent" itself?
1 comments
trishankdatadog
2107 days ago
Apply pattern/toolset recursively. Software supply chain problems largely eventually solved this way.
link
p932
2107 days ago
Is there any initiative in this direction towards applying this pattern on big dependency management tools (e.g maven, pip, npm)?
link
trishankdatadog
2105 days ago
Yes, please see PEP 458:
https://www.python.org/dev/peps/pep-0458/
link