@wbamberg wrote a great new article on supply chain attacks [1].
Should we derive some guidelines for [2] and [3] from it?
[1] https://developer.mozilla.org/en-US/docs/Web/Security/Attacks/Supply_chain_attacks
[2] https://github.com/w3c-cg/swag/blob/main/docs/guidelines_for_libraries.md
[3] https://github.com/w3c-cg/swag/blob/main/docs/security_guidelines.md