Opensource

4177 readers

196 users here now

A community for discussion about open source software! Ask questions, share knowledge, share news, or post interesting stuff related to it!

Credits

Icon base by Lorc under CC BY 3.0 with modifications to add a gradient

⠀

founded 2 years ago

MODERATORS

pylapp@programming.dev

GitHub provides feature for immutable releases (docs.github.com)

submitted 1 week ago by pylapp@programming.dev to c/opensource@programming.dev

3 comments fedilink hide all child comments

Immutable releases are releases where the assets and associated Git tag cannot be changed after publication. The use of this type of release increases security by blocking supply chain attacks.

Attackers cannot:

Inject vulnerabilities or malware into current project releases.
Make changes to assets and tags that may break developer workflows.

The releases tags and artefacts can be also cryptographically verified.

top 3 comments

sorted by: hot top controversial new old

[–] Novocirab@feddit.org 12 points 1 week ago (1 children)

Sounds nice for security. Also, let's leave GitHub, it's part of Microsoft monopoly strategy.

[–] vk6flab@lemmy.radio 4 points 1 week ago

Embrace, Extend, Extinguish (Exterminate)

https://en.wikipedia.org/wiki/Embrace,_extend,_and_extinguish

[–] markz@suppo.fi 3 points 1 week ago

That sounds good