[pjmlp]

Attack vectors and supply chain, every piece of the puzzle matters.

There is no accident that folks like Oxide go through the trouble to control the whole stack, hardware, software, programming language toolchains they are using, only working with vendors that provide them every single documentation and customisation points they need.

Unfortunely we lack an European Oxide.

[jeffrallen]

They use Go and Rust. If Oxide thinks they can keep the supply chain risks of their langiage ecosystems under control, I think the rest of us can too.

[pjmlp]

Yes, and are in the position of maintaining their own forks if needed, or doing reviews when updating them.

Is everyone else?