I'm afraid the only way to help these packages is by having contributors that do not do this because they want it, but because they are paid to do it.
However, even if companies know their full supply chain, they can't possibly help maintaining all their dependencies up to this deep. It's a very hard problem to tackle...
Wouter de Jong /
npub14e…s77ga
2024-03-30 15:14:38
in reply to nevent1q…2v2x
Author Public Key
npub14ex2pmpnwar2vv3rr4dkfur5taf5gp6f38a6w8zujzsl0pq0xn5scs77gaPublished at
2024-03-30 15:14:38Event JSON
{
"id": "3fe5b7c345c84d779163e5f4eca9e285f771ab0ce9cf88afad00809945fbb1d6",
"pubkey": "ae4ca0ec337746a632231d5b64f0745f5344074989fba71c5c90a1f7840f34e9",
"created_at": 1711811678,
"kind": 1,
"tags": [
[
"e",
"db277c8aef140e1bfb85a76709fdfbce1e79a83cbbda3120cf2db0018bf8abc5",
"",
"reply"
],
[
"e",
"478eb6904802035dabe5195735cdf7f02a44478618b2ff78c9433402f8454211",
"",
"root"
],
[
"p",
"fbe09282758c50c2d9cc123bfb2bbae3231652165881d4c44e6750caac5486ad"
],
[
"p",
"ae4ca0ec337746a632231d5b64f0745f5344074989fba71c5c90a1f7840f34e9"
],
[
"p",
"8feb97794387365593dfab6a5888b3b3a4d386c5fccb9641395eaef0d8e41972"
],
[
"proxy",
"https://phpc.social/users/wouterj/statuses/112185290178925637",
"activitypub"
],
[
"L",
"pink.momostr"
],
[
"l",
"pink.momostr.activitypub:https://phpc.social/users/wouterj/statuses/112185290178925637",
"pink.momostr"
]
],
"content": "I'm afraid the only way to help these packages is by having contributors that do not do this because they want it, but because they are paid to do it.\n\nHowever, even if companies know their full supply chain, they can't possibly help maintaining all their dependencies up to this deep. It's a very hard problem to tackle...",
"sig": "24e7cd044b0e1c7ad1da04b9dc3e2ba4ff93ced5540fd4f41a49b9e0f6becc934657f7e7b13f70a990ff9f252328516a495606d6a4075fe32714ecb7e8d2fe38"
}