Episode 343 - Stop trying to fix the open source software supply chain
Episode Synopsis
Josh and Kurt talk about a blog post that explains there isn't really an open source software supply chain. The whole idea of open source being one thing is incorrect; open source is really a lot of little things put together. A lot of companies and organizations get this wrong.
Show Notes
Iliana's Twitter
There is no "software supply chain"
Google supply chain blog
GitHub ansi_term advisory
PyPI 2FA Dashboard
tarfile issue rediscovered in 2022