
Supply Chain Security - Part 2 - JSJ 525
JavaScript Jabber
TypeScript and Reproducible Builds
The idea of reproducible builds has gotten really big in certain parts of the Linux ecosystem. You want to be able to prove that the source code for a programme has, rather, the other way round: you're trying to prove that the binary code, the compiled code, is produced from the source. And so one of the things that we want to do is get to a place where we can detect when the build is reproducible. Hopefully it would avoid a supply chain attack on your supply chain, right? What if the person inserting extra stuff into the TypeScript transpiler wouldn't match up with what's being published by GitHub or npm? Then you