There’s very much a case being made that open source maintainers should have near-zero concerns because “they are codified best practices”; “we aren’t going to invent any new things”.
I want to be optimistic (yay, we’re already there!) but boy the decades-long, near-totally-failed push for SBOM adoption—which is being cited as a success!—does not fill me with optimism.
Luis Villa
npub1zr…ezzng
2025-01-30 10:01:51 UTC
in reply to nevent1q…wpfx
Author Public Key
npub1zr7al5mjf2kq7vpddk4wkegqnnpk79y3jvp6vtkqr6fkvrhlke7qaezzngSeen on
wss://relay.momostr.pinkPublished at
2025-01-30 10:01:51 UTCEvent JSON
{
"id": "0574f197d75fd5e769a97b6b52c74fa823dfed324370ddc410ed71572b9c813f",
"pubkey": "10fddfd3724aac0f302d6daaeb65009cc36f14919303a62ec01e93660effb67c",
"created_at": 1738231311,
"kind": 1,
"tags": [
[
"e",
"f21ca36583aabb05c095cc735ba1db410b3569d89108214257c993a2d2675a42",
"",
"reply",
"10fddfd3724aac0f302d6daaeb65009cc36f14919303a62ec01e93660effb67c"
],
[
"proxy",
"https://social.coop/@luis_in_brief/113916727250439740",
"web"
],
[
"p",
"2b91c37ecf5aac4ea7f923f5bcb7b3f7768cb0b288fcc394fd534c0b4216c56d"
],
[
"p",
"537ba211ddf49768a49a5f6bd95a130212df4accb5005c67fcf6d77962763ae8"
],
[
"e",
"3335dbc7179bcc35e2c8629cf8ac1d174ed65624b0a7997caacd39a45e988bfd",
"",
"root",
"10fddfd3724aac0f302d6daaeb65009cc36f14919303a62ec01e93660effb67c"
],
[
"p",
"10fddfd3724aac0f302d6daaeb65009cc36f14919303a62ec01e93660effb67c"
],
[
"proxy",
"https://social.coop/users/luis_in_brief/statuses/113916727250439740",
"activitypub"
],
[
"L",
"pink.momostr"
],
[
"l",
"pink.momostr.activitypub:https://social.coop/users/luis_in_brief/statuses/113916727250439740",
"pink.momostr"
],
[
"-"
]
],
"content": "There’s very much a case being made that open source maintainers should have near-zero concerns because “they are codified best practices”; “we aren’t going to invent any new things”. \n\nI want to be optimistic (yay, we’re already there!) but boy the decades-long, near-totally-failed push for SBOM adoption—which is being cited as a success!—does not fill me with optimism.",
"sig": "05488d6b1d6c353be2a1c17b49be7e2268e82a8d5ecdb55d9e7e694fedba6af0de3959950bc0ebc8eaac555aa66ceda5b37db90574419ad7ad8a50555a5a8e5b"
}