Hacker News

rlpb today at 6:23 AM

Debian has had a better "software supply chain" posture than any other player in the ecosystem since before the turn of the century. While we all face the risk of malware from upstream, Debian is the least at risk of being affected by it. See for example the stream of issues from npm et al. None of it has affected Debian.


Replies

suprjami today at 11:32 AM

You do remember the xz-utils backdoor was found in Sid, right?

https://en.wikipedia.org/wiki/XZ_Utils_backdoor

alkindiffie today at 6:26 AM

> for example the stream of issues from npm et al.

Curious, what distros were affected by npm supply chain attacks?
