Post-incident analysis revealed that 94% of affected sandwiches had no lockfile and were resolving eggs to latest at assembly time.
I want to eat inspect these 6% of sandwiches with a lockfile
This was my favourite bit:
CVE-2019-SPROUT: Alfalfa sprouts were found to be executing arbitrary bacteria in an unsandboxed environment. Severity: High. The vendor disputes this classification.
Requiring a sandwich bill of materials for sandwiches will likely end up with not getting many sandwiches, but this was a fun (to me) link. Thanks for sharing.
I laughed. I thought you might, too!
Ugh, sandwich licenses. Why do I need to open up the sandwich and check third party sources so I can put Sriracha sauce on myself when I can just pay for a sandwich that has brand name Sriracha at the proprietary shop down the road? And I know about OpenHot and Yet Another Spicy Sauce, they just don't fit my use case. /j
YASS would probably do well on brand recognition alone
Stupid things broke - I tried to compile a hotdog and it crashed despite meeting spec requirements.
Works on my end, try a previously unused kitchen?
This is great, thanks for sharing!
I love this!
SBOMs are such a great idea, but always felt hopeless to me because of dependency chains.
Add that to vulnerability scanners that complain about everything right down to the language you're using and defenestration seems like the best option.