Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://queer.hacktivis.me/objects/713e091d-ed49-42a1-85dc-a00730b71f08">Haelwenn /элвэн/ :triskell: (lanodan@queer.hacktivis.me)'s status on Wednesday, 04-Dec-2024 07:44:55 JST</a><a href="https://queer.hacktivis.me/users/lanodan" title="lanodan@queer.hacktivis.me"><img src="https://gnusocial.jp/avatar/792-48-20230912093141.webp" width="48" height="48" alt="Haelwenn /элвэн/ :triskell:" style="position: absolute; left: 0; top: 0;">Haelwenn /элвэн/ :triskell:</a><div><a href="https://shitposter.world/objects/d09dd3d4-108e-4def-a4eb-75719eefbf60" rel="in-reply-to">in reply to</a><ul><li></ul></div></section><article><a href="https://shitposter.world/users/sun">@sun</a> Which is a dead argument because good luck quantifying software risks in such a broad manner, there's barely even have proper infra for communicating security issues to downstreams (like CVEs do) so stats would be seriously off.<br><br>Although I think you could say that not all software benefits from memory safety (like when there's little to no external input) and that all software benefits from taking dependency issues seriously.</article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/4117748#notice-8046714">In conversation</a><time datetime="2024-12-04T07:44:55+09:00" title="Wednesday, 04-Dec-2024 07:44:55 JST">about 5 months ago</time> <span>from <span><a href="https://queer.hacktivis.me/objects/713e091d-ed49-42a1-85dc-a00730b71f08" rel="external" title="Sent from queer.hacktivis.me via ActivityPub">queer.hacktivis.me</a></span></span><a href="https://queer.hacktivis.me/objects/713e091d-ed49-42a1-85dc-a00730b71f08">permalink</a></footer></blockquote>

Corresponding Notice

Embed this notice
Haelwenn /элвэн/ :triskell: (lanodan@queer.hacktivis.me)'s status on Wednesday, 04-Dec-2024 07:44:55 JSTHaelwenn /элвэн/ :triskell:
in reply to
- Fish of Rage
@sun Which is a dead argument because good luck quantifying software risks in such a broad manner, there's barely even have proper infra for communicating security issues to downstreams (like CVEs do) so stats would be seriously off.

Although I think you could say that not all software benefits from memory safety (like when there's little to no external input) and that all software benefits from taking dependency issues seriously.
In conversationabout 5 months ago from queer.hacktivis.mepermalink

Public

Embed Notice

HTML Code

Corresponding Notice