Open Source Insights Into The Software Supply Chain

 Open Source Insights is a new project by Google that helps developers understand and visualize their applications' dependencies and therefore the vulnerabilities that come with them.

Supply chain security is all the rage right now. We've taken a look at the implications as well as the ways of mitigation in "Does Sigstore Really Secure The Supply Chain?" the Linux Foundation's answer to supply chain attacks:

full article on i-programmer.info