This report offers recommendations to help creators and consumers of open source software manage it responsibly, especially in the context of securing the software supply chain. Whether a consumer or provider of software, you are part of the software supply chain, and need to safeguard the applications you use from upstream as well as downstream risk. In the following pages, we e...
» read more