Development quote of the week
Posted Jan 8, 2022 20:09 UTC (Sat) by smurf (subscriber, #17840)
In reply to: Development quote of the week by farnz
Parent article: Development quote of the week
Our customers, on the other hand … or the platform vendors (hello, VMware) …
Posted Jan 9, 2022 15:16 UTC (Sun) by farnz (subscriber, #17727)
Right, so you outsourced part of your security review to your customers or to your platform providers, and you've been bitten because they didn't do a good job of review.
Why is it OK for your customers and platform providers to not do a good job of reviewing their dependencies, but it's not OK for a pro-bono provider of free software to do a similarly imperfect job? After all, you actually have contracts and money flow when it comes to your platform providers and your customers, where a random giving away source code "for the public benefit" does not have any contract or money flow relationship with you.