| ▲ | fishpen0 4 hours ago | |
Not really comparable at any compliance or security oriented business. You can't just zip the thing up and sftp it over to the server. All the zany supply chain security stuff needs to happen in CI and not be done by a human or we fail our dozens of audits | ||
| ▲ | __MatrixMan__ 4 hours ago | parent [-] | |
Why is it that we trust those zany processes more than each other again? Seems like a good place to inject vulnerabilities to me... | ||