(Open Source) Software Supply Chain

https://www.linuxfoundation.org/resources/publications/open-source-software-supply-chain-security

https://annex.softwareheritage.org/public/talks/2018/2018-12-05-POSS.pdf