
If your open-source software project is deemed "critical", you could be facing a lot more work and responsibility in the future. Some of Google's top engineers have proposed new 'norms' that they feel could help secure "critical" open-source projects.

 

Open-source software should be more secure than closed source, but only if people are inspecting it, and that's not an easy job, Google argues.

But to ensure future software supply chain attacks don't involve key open-source software projects, some of Google's top engineers have proposed new 'norms' that might cause problems with open-source contributors – if their project is considered "critical".