Y
Hacker News
new
|
ask
|
show
|
jobs
by
enigmo
149 days ago
you pull packages from a trusted package repository, not from the internet. this is not rare in my experience (financial services, security) and will become increasingly common due to software supply chain issues.