On Tue, Jan 31, 2023 at 7:24 AM '[email protected]' via Jenkins Developers <[email protected]> wrote: > As it's about reducing the risk and not eliminating it
I do not see a reason why we should accept continued exposure. Software supply chain attacks have been increasing in recent years, highlighting the need for a thorough response. As industry leaders in this space, we ought to be role models rather than doing the bare minimum. > from my PoV it's another topic with harder consensus to find. I see no evidence that consensus would be hard to find. It would be one thing if concrete objections had been raised in this discussion, but so far nobody has provided a cogent counterargument to the points made in my last post. -- You received this message because you are subscribed to the Google Groups "Jenkins Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-dev/CAFwNDjqQDRBwq8QRTVDj7UTr%2BfEOvOnfn73Oiq9L48xmHkUm_w%40mail.gmail.com.
