"An observatory could help measure software compromises, provide the underlying data that enable detection, and quantitatively compare the effectiveness of different solutions. provides the seeds of such an observatory."

@zacchiro I would say that distributions are that observatory, they've always been.

It's just that some ecosystems (Go, NPM, Rust, …) just destroyed their ability to act as a group of third-party maintainers and I think a large group of people stopped caring about why distributions and ports tree were created in the first place.
Sign in to participate in the conversation

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!