- cross-posted to:
- linux@lemmy.world
- cross-posted to:
- linux@lemmy.world
A video by SavvyNik that covers some of the highlights from the following recently published scientific article - Wolves in the Repository: A Software Engineering Analysis of the XZ Utils Supply Chain Attack
Thanks for posting. I was literally l looking for updates on this recently and couldn’t find anything. I was worried that it might have been forgotten about
It has been my pleasure!
The XZ utils supply chain attack has actually made the community more wary of blobs. Some projects were even prompted to come clean on this matter.
Fedora has also recently made a push towards reproducible builds. In the lwn.net article that discussed that push, one of Fedora’s spokespeople explicitly said that it would help combat supply chain attacks.
So, all in all, I can confidently say that it did leave a mark on the Linux landscape. Hopefully, this specific attack vector will not be as viable in the foreseeable future.