Y
Hacker News
new
|
ask
|
show
|
jobs
by
soneil
177 days ago
This was one of the "lessons learnt" from the XZ incident. One of the (many) steps they took to avoid scrutiny was modifications that existed in the real tarball but not the repo.