Developers are tracking what components are used in software, but most of them don’t sign-off on code changes, suggesting a long road ahead for protecting the software supply chain.
This article has been indexed from Latest stories for ZDNET in Security
Read the original article: