cts in the supply chain they are tracking are from
> > the ASF I wonder if we need to be on a receiving end
> > of it either via security@a.o or some other way?
> >
> >
> https://openssf.org/blog/2024/05/20/enhancing-open-source-security-introducing-siren
ls around disclosures and such. Given how many
> projects in the supply chain they are tracking are from
> the ASF I wonder if we need to be on a receiving end
> of it either via security@a.o or some other way?
>
> https://openssf.org/blog/2024/05/20/enhancing-open-source-securit
/2024/05/20/enhancing-open-source-security-introducing-siren-by-openssf/
Thoughts?
Thanks,
Roman.
-
To unsubscribe, e-mail: dev-unsubscr...@community.apache.org
For additional commands, e-mail: dev-h...@community.apache.org
