The state of the software supply chain post-Log4Shell
In recent times the phrase “supply chain disruption” has been on everyone’s lips, mostly in relation to the goods we want and depend on. Likewise, in the software world we’ve had major incidents like Log4Shell and color.js impacting the software we want and depend on – both malice and negligence can threaten it. We throw around terms like “software supply chain” and “Bill of Materials” pretty casually. But what is the software supply chain? Where does it start, and where does it end?