Diagram of a supply chain funnel, showing raw materials on the left and finished product on the right. The title is "open source supply chain" with the subtitle "from projects to products"
commentary, supply chain

AI Native and the Open Source Supply Chain

I recently wrote 2 essays on the subject of AI Native Automation over on the AINT blog. The gist of them is simple: AI Native platforms are about to disrupt - and maybe disembowel - what we know today as devops. AI Native platforms are about to dramatically increase the scope of open source ecosystems…

commentary, supply chain

The Revenge of the Linux Distribution

The evolution of software methodologies is evident in the shift from Linux distributions to reliance on freely available repositories. However, recent security incidents have exposed the weaknesses of this approach. As risk mitigation measures resemble those provided by Linux distributions, there is potential for their comeback in application development. This could reduce the risk of supply chain attacks.

podcast, supply chain, syndicate

Podcast: Shane Coughlan of Openchain

https://youtu.be/jWccpP5844Q Shane Coughlan is the founder and manager of the Openchain Project, which "builds trust in open source by making open source license compliance simpler and more consistent." As any software asset management person can tell you, they get cross-eyed when it comes to open source license compliance. My opinion has always been that this…

news

Open Source Supply Chain “Full of Bugs”

From EnterpriseTech: I came across a link today to a news commentary which asserts that open source software is "a supply chain rife with security vulnerabilities and clogged with outdated versions of widely used software components." I'm often reluctant to give these types of stories too much air time, because they're often rife with FUD,…

supply chain

Managing Your Supply Chain

Depending on open source software introduces some challenges for those looking to create products or services derived from upstream open source components. There's a lot to consider regarding risk management, engineering efficiency, and how to influence the nebulous upstream open source world - and why you should. Original content was published at opensource.com: Open Source…