[Git][reproducible-builds/reproducible-website][master] 2022 01: +=...

Holger Levsen (@holger) gitlab at salsa.debian.org
Mon Jan 24 17:35:44 UTC 2022



Holger Levsen pushed to branch master at Reproducible Builds / reproducible-website


Commits:
4e330126 by Holger Levsen at 2022-01-24T18:35:37+01:00
2022 01: += https://paragonie.com/blog/2022/01/solving-open-source-supply-chain-security-for-php-ecosystem

Signed-off-by: Holger Levsen <holger at layer-acht.org>

- - - - -


1 changed file:

- _reports/2022-01.md


Changes:

=====================================
_reports/2022-01.md
=====================================
@@ -13,3 +13,5 @@ draft: true
 * FIXME: https://vulns.xyz/2022/01/debian-missing-version-string/ kpcyrd about binNMUs and .buildinfo files..
 
 * FIXME: Roland Clobus work on reproducible Debian live-build images was merged into https://salsa.debian.org/live-team/live-build/-/commit/a599f50e480e8755d61f515c4351ee2dd33d89a3 so soon we can remove this from jenkins.debian.net.git.
+
+* FIXME: php ecosystem now requires reproducible builds to make supply chain attacks harder:  https://paragonie.com/blog/2022/01/solving-open-source-supply-chain-security-for-php-ecosystem



View it on GitLab: https://salsa.debian.org/reproducible-builds/reproducible-website/-/commit/4e330126dcc1a7544287ef7c22fda1da8f124d52

-- 
View it on GitLab: https://salsa.debian.org/reproducible-builds/reproducible-website/-/commit/4e330126dcc1a7544287ef7c22fda1da8f124d52
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.reproducible-builds.org/pipermail/rb-commits/attachments/20220124/5e55ee43/attachment.htm>


More information about the rb-commits mailing list