Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
mcguire
on Jan 6, 2020
|
parent
|
context
|
favorite
| on:
Always Review Your Dependencies, AGPL Edition
Does Maven Central also require machine-checkable proofs of security?
lmm
on Jan 7, 2020
[–]
No (and I don't think any code repository does or could; what would a "proof of security" actually prove?). It does require machine-checkable signing of all releases.
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search: