GNU social JP
    Gordon Messmer (gordonmessmer@fosstodon.org)'s status on Saturday, 30-Mar-2024 12:57:19 JST

    The least surprising thing about the xz vulnerability is that it happened to a widely used project after a maintainer hand-off. We've seen exactly the same thing repeatedly in npm, pypi, browser extensions, and other code marketplaces.

    Humans don't last forever. Hand-off is inevitable. And I've long held that because that is true, the size of the group of maintainers is an important security characteristic.

    Small projects create big risks.

    Sustainability is a security concern.

All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.