Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://hachyderm.io/users/raven667/statuses/111953790394974874">Raven667 (raven667@hachyderm.io)'s status on Monday, 19-Feb-2024 03:04:34 JST</a><a href="https://hachyderm.io/@raven667" title="raven667@hachyderm.io"><img src="https://gnusocial.jp/avatar/147649-48-20230710031402.webp" width="48" height="48" alt="Raven667" style="position: absolute; left: 0; top: 0;">Raven667</a><div><a href="https://hachyderm.io/@raven667/111953762008737670" rel="in-reply-to">in reply to</a><ul><li><li><a href="https://gnusocial.jp/user/190782" title="josh@infosec.exchange">Josh</a></li><li><a href="https://gnusocial.jp/user/213104" title="cy@chaos.social">Chris</a></li></ul></div></section><article><p><a href="https://infosec.exchange/@Josh">@Josh</a> <a href="https://chaos.social/@cy">@cy</a> <a href="https://cyberplace.social/@GossiTheDog">@GossiTheDog</a> And I'm not saying you aren't responsible for what you ship, or that performing due-diligence on your dependency tree isn't a reasonable standard, just that it's an unfunded mandate in most cases that isn't going to actually happen reliably/commonly/unexpectedly absent some government regulation or software engineering licensure to fundamentally change the culture and incentives for software development.</p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/2732797#notice-5420537">In conversation</a><time datetime="2024-02-19T03:04:34+09:00" title="Monday, 19-Feb-2024 03:04:34 JST">about 9 months ago</time> <span>from <span><a href="https://hachyderm.io/@raven667/111953790394974874" rel="external" title="Sent from hachyderm.io via ActivityPub">hachyderm.io</a></span></span><a href="https://hachyderm.io/@raven667/111953790394974874">permalink</a></footer></blockquote>

Corresponding Notice

Embed this notice
Raven667 (raven667@hachyderm.io)'s status on Monday, 19-Feb-2024 03:04:34 JSTRaven667
in reply to
@Josh @cy @GossiTheDog And I'm not saying you aren't responsible for what you ship, or that performing due-diligence on your dependency tree isn't a reasonable standard, just that it's an unfunded mandate in most cases that isn't going to actually happen reliably/commonly/unexpectedly absent some government regulation or software engineering licensure to fundamentally change the culture and incentives for software development.
In conversationabout 9 months ago from hachyderm.iopermalink

Public

Embed Notice

HTML Code

Corresponding Notice