Securing open source software: Whose job is it, anyway?
CISA announces more help, and calls on app makers to step up The US government and some of the largest open source foundations and package repositories have announced a series of initiatives intended to improve software supply-chain security, while also repeating calls for developers to increase support for such efforts....