GNU social JP
  • FAQ
  • Login
GNU social JPは日本のGNU socialサーバーです。
Usage/ToS/admin/test/Pleroma FE

  • Public

    • Public
    • Network
    • Groups
    • Featured
    • Popular
    • People

Conversation

Notices

  1. Embed this notice
    Jens Bannmann (tynstar@nerdculture.de)'s status on Wednesday, 03-Apr-2024 19:35:08 JST Jens Bannmann Jens Bannmann
    • Tim Bray

    Any experienced C developers among my followers? #BoostsWelcome.

    Expat, arguably the world's most popular #XML parser, is understaffed and without funding. As #xz has shown, situations like this are dangerous.

    Last month, maintainer Sebastian Pipping put up a plea for help at https://github.com/libexpat/libexpat/blob/R_2_6_2/expat/Changes

    (I would help myself, but my C skills barely surpass "Hello, World".)

    Found via @timbray - https://cosocial.ca/@timbray/112203547801373427

    #libexpat
    #SoftwareSupplyChainSecurity #OpenSource #OpenSourceMaintainer
    #C

    In conversation about 8 months ago from nerdculture.de permalink

    Attachments


    2. No result found on File_thumbnail lookup.
      Tim Bray (@timbray@cosocial.ca)
      from Tim Bray
      I think the #xz incident is teaching us that our infrastructure is dangerously fragile in the face of well-organized/funded attackers. The response isn’t “try harder” or “donate to your OSS project”, it needs to be institutional, professional, and at scale. So, here’s my proposal, called “OSQI”, aimed at starting a how-to discussion: https://www.tbray.org/ongoing/When/202x/2024/04/01/OSQI

    Feeds

    • Activity Streams
    • RSS 2.0
    • Atom
    • Help
    • About
    • FAQ
    • TOS
    • Privacy
    • Source
    • Version
    • Contact

    GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.

    Creative Commons Attribution 3.0 All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.