How bulk pull requests help scale open source bug fixes
ReversingLabs Blog blog.reversinglabs.com
The complicated tangle of dependencies in modern software development processes makes it tricky to identify dangerous flaws hidden in open-source software (OSS) projects. But the bigger bugaboo has been how to issue fixes to vulnerable projects at a scale that can reduce the attack surface across the entire software supply chain.