£5M Funding for supply chain security innovation in UK
9 points
18 hours ago
by anonhaven
Comments
[deleted]
17 hours ago
Imustaskforhelp
I do believe that for governments, 5 million pounds etc. might be a comparatively small amount and putting that within open source / (supply-chain security innovation in this case) might be the right way to go.
I also believe that in a similar fashion, open source, say LibreOffice devs etc., should also be funded by govts.
A bit of the reason behind supply chain attacks can be that the developers/maintainers are underfunded too.
17 hours ago
anonhaven
Agree, and we saw this play out with Trivy/TeamPCP recently. One misconfigured workflow, underfunded maintainers, and it spread across five ecosystems in days. £5M split between projects is a start but pretty thin. Hope it sets a precedent though.
17 hours ago
mergeshield
[dead]
14 hours ago