Menu Impressum Privacy Policy
Commentary guidelines on external dependencies regarding the attack on the xz project

TODOS

  • [ ] https://blog.holz.nu/2024/03/29/0.html
  • [ ] https://www.danisch.de/blog/2024/04/01/die-xz-attacke/
  • [ ] https://research.swtch.com/xz-timeline
  • [ ] Remove Spring Boot dependency.
  • [ ] Create guidelines for dependencies.
  • [ ] The Open Source Software Supply Chain Isn't REAL!!
  • https://www.softwaremaxims.com/blog/not-a-supplier

Disclaimer no Linux expert

The attack on xz

That is the cause for this commentary.

Small vs big dependencies

Quality is a Myth

Everybody hates Systemd

Why UNO is so ineffective?

Any Real solution will be likely a badly perceived solution.

M2 repo inside git repositories

Consequences for Network Project

  • [ ] Custom adaptable and injectable API ar important. The absent makes dependency problems bigger.
  • [ ] There will not be a fix for such attacks for now, but a TODO regarding this in the dependency guidelines is required.
  • [ ] Limited backward compatibility
Meta
  1. splitcells.net
  2. network
  3. 's Guidelines
  1. guidelines
    1. backwards-compatibility.html
    2. complexity-management.html
    3. dependency.html
    4. documentation.html
    5. external-dependencies-commentary-2024-04-02.html
    6. gist
      1. git.html
      2. pgp.html
    7. index.html
    8. infrastructure.html
    9. licensing.html
    10. program-code.html
    11. project.html
    12. source-types.html
    13. standard-usage
      1. bash.html
      2. changelog.html
      3. chezmoi.html
      4. commonmark.html
      5. filesystem.html
      6. html.html
      7. java.html
      8. linking.html
      9. maven.html
      10. python.html
      11. shell.html
      12. xml.html
      13. xslt.html
    14. task-management.html
    15. technology-stack.html
    16. test.html
    17. web-design.html
Content Privacy Policy Impressum Licensing Main Menu

Messages

- Activate Javascript in order to enable all functions of this site.


About This Site Contact Licensing Main Page Privacy Policy Programs Projects Search

Metadata About This Document

Unless otherwise noted, the content of this html file is licensed under the EPL-2.0 OR MIT.

Files and other contents, which are linked to by this HTML file, have their own rulings.

Footer Functions

back to top