
I don't even want to know how many mission-critical systems automatically deploy open source software downloaded from GitHub or (effectively random) public repositories.



Unlike Windows, there is at least the option to use curated software distributions such as Debian or RH that won't apply random stuff from upstream repositories.


I'm talking about all sorts of software projects implemented using especially Python, Ruby, Node.js, etc.


I like Debian, but it's not like they need random upstream repositories when they can make random patches themselves, e.g. the OpenSSL Purify issue.


These risks must be carefully managed, that's it, I think.



