For the past few years, we have seen a lot of discussions around the concept of the Software Supply Chain. These discussions started around the time of LeftPad and escalated with multiple incidents in the past few years. The problem of all the work in this domain is that it forgets a fundamental point.

The European Commission has plans to make sure every open source developer is classified as a supplier though, in the Cyber Resilience Act - see

That stinks.

Open Source
Create a post

All about open source! Feel free to ask questions, and share news, and interesting stuff!

Useful Links


  • Posts must be relevant to the open source ideology
  • No NSFW content
  • No hate speech, bigotry, etc

Related Communities

Community icon from, but we are not affiliated with them.

  • 0 users online
  • 1 user / day
  • 15 users / week
  • 46 users / month
  • 281 users / 6 months
  • 6.04K subscribers
  • 1.61K Posts
  • Modlog