Supply chain compromise of the xz compression utilities that underscores risks in open source dependencies and the need for provenance, SLSA, and reproducible builds.
Supply chain compromise of the xz compression utilities that underscores risks in open source dependencies and the need for provenance, SLSA, and reproducible builds.
