Hacker News
richbell on Jan 15, 2023 | on: Supply Chain Attack Using PyPI Packages “Colorslib...
Vendors like Sonatype already offer this for enterprises. I feel we're a long way from it being available in core OSS repositories though.
https://help.sonatype.com/fw/best-practices/release-integrit...