Nice short (~16m) talk on build system security – trusting trust attacks, reproducible builds & bootstrappable builds.

invidio.us/watch?v=I2iShmUTEl8

An interesting issue where non-deterministic filesystem ordering resulted in a different README file being installed (found by in @debian)

Hello Fediverse!

This account will post announcements from the Reproducible Builds project (reproducible-builds.org) as found on the birdsite, but will also boost Mastodon content related to the topic.

Happy to meet you all!

Supply-chain attack hits RubyGems repository with 725 malicious packages arstechnica.com/information-te

📦📦📦📦📦💣📦📦
📦💣📦📦📦📦📦📦
📦📦📦📦📦📦📦📦
📦📦📦📦💣💣📦📦
📦💣📦📦📦📦💣📦
📦📦📦📦📦📦📦📦
📦💣📦📦📦📦📦📦
