‘Try telling leaders of libpng, libjpeg-turbo, openssl, ffmpeg etc they can’t make “unilateral” changes to their own projects’

Google has proposed a framework for discussing and addressing open-source security based on factors like verified identity, code review, and trusted builds, but its approach may be at odds with open-source culture.…

…read more

Source:: Register