Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://mastodon.social/users/webology/statuses/112199418584152533">Jeff Triplett (webology@mastodon.social)'s status on Saturday, 06-Apr-2024 20:14:37 JST</a><a href="https://mastodon.social/@webology" title="webology@mastodon.social"><img src="https://gnusocial.jp/avatar/178841-48-20231207082918.webp" width="48" height="48" alt="Jeff Triplett" style="position: absolute; left: 0; top: 0;">Jeff Triplett</a></section><article><p>🔥 An update on OpenSSF's XZ fumble: <a href="https://micro.webology.dev/2024/04/01/an-update-on.html" rel="nofollow noreferrer">https://micro.webology.dev/2024/04/01/an-update-on.html</a></p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/2904914#notice-5777004">In conversation</a><time datetime="2024-04-06T20:14:37+09:00" title="Saturday, 06-Apr-2024 20:14:37 JST">about a year ago</time> <span>from <span><a href="https://mastodon.social/@webology/112199418584152533" rel="external" title="Sent from mastodon.social via ActivityPub">mastodon.social</a></span></span><a href="https://mastodon.social/@webology/112199418584152533">permalink</a><h4>Attachments</h4><ol><li><article><header><div>No result found on File_thumbnail lookup.</div><h5><a href="https://micro.webology.dev/2024/04/01/an-update-on.html">🔥 An update on OpenSSF's XZ fumble</a></h5><div> from <span>Jeff Triplett</span></div></header><div>OpenSSF’s Scorecards is Going Just Great 🔥 While I’m happy that OpenSSF updated their blog post to remove all mentions of their scorecards, they forgot to mention why, apologize, or publicly acknowledge that they messed up.
Since they rushed their first blog post and spent so little time on it, I wanted to point out the changes and equally spend very little time on why their scorecard is actively harmful to projects that handle security well.</div><footer></footer></article></li></ol></footer></blockquote>

Corresponding Notice

Embed this notice
Jeff Triplett (webology@mastodon.social)'s status on Saturday, 06-Apr-2024 20:14:37 JST Jeff Triplett
🔥 An update on OpenSSF's XZ fumble: https://micro.webology.dev/2024/04/01/an-update-on.html
In conversationabout a year ago from mastodon.socialpermalink
Attachments
1. No result found on File_thumbnail lookup.
  🔥 An update on OpenSSF's XZ fumble
  from Jeff Triplett
  OpenSSF’s Scorecards is Going Just Great 🔥 While I’m happy that OpenSSF updated their blog post to remove all mentions of their scorecards, they forgot to mention why, apologize, or publicly acknowledge that they messed up. Since they rushed their first blog post and spent so little time on it, I wanted to point out the changes and equally spend very little time on why their scorecard is actively harmful to projects that handle security well.

Public

Embed Notice

HTML Code

Corresponding Notice