by trimethylpurine 74 days ago
I'm not sure I follow. How does an integrity check help when the source is compromised? The developer doesn't know that their repo is compromised. They continue posting legitimate hashes because the repo is legitimately compromised.