[bisq-network/bisq] What's the risk of a supply chain attack on Bisq? (#5188)

[Christoph Atteneder]

This isn't an immediate issue for us as we are first not auto-updating dependencies and all dependencies that are resolved are compared to a hash to prevent any changes when they are resolved. It would be something to look for when we update libraries and update hashes for new versions.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/bisq-network/bisq/discussions/5188#discussioncomment-362009
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.bisq.network/pipermail/bisq-github/attachments/20210212/4b0af6ec/attachment.htm>