Boffins rate npm and PyPI package security and it’s not good

Guess what? Open source security still has gaps

The Open Source Security Foundation (OpenSSF), as its name plainly states, aims to help make open source software more secure, but improvements flowing from its efforts are hard to find.…

This article has been indexed from The Register – Security
