|
|
|
|
|
|
by remram
1576 days ago
|
|
|
I plug this every time, but here goes: https://github.com/crev-dev/crev solves this by providing code reviews, scales via a web-of-trust model, and relies on cryptographic identities. That way, you can depend on a package without having to trust its maintainers and all future versions. |
|
|