by jcass8695
89 days ago
It is a bit of a leap. They are saying that if you are using uv, then you likely have a broad set of dependencies because you require a dependency management tool, therefore you are more susceptible to a supply chain attack by virtue of having a wider attack surface.

To me personally this idea still sounds a bit off - but as a heuristic it might have some merit in certain circumstances.