|
|
|
|
|
|
by itsgrimetime
579 days ago
|
|
|
> Why invest so much time and money in a feature that prevents such a small percentage of data breaches ... Because it's a tractable problem that these devs can solve - and just because they're working on this doesn't meant they (or others) aren't also working on the other things. > It doesn't matter that you can cryptographically verify that a package came from a given commit if ... Sure, but just because it doesn't solve every single problem doesn't mean it's not worthwhile |
|
|