Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

The biggest issue, is that the whole stack keeps being dependent on external nations, as per the companies that actually contribute to FOSS with big money.

https://insights.linuxfoundation.org/project/korg/contributo...

Then it is Go (Google), Java (Oracle, IBM, Red-Hat), .NET (Microsoft), Rust (Amazon, Microsoft, Google), Typescript (Microsoft), C and C++ (Red-Hat, IBM, Microsoft, Apple Google, ...), and so on.



Using a programming language is not the same as using a service.

I can't seen any reason for this to be "the biggest issue".


Attack vectors and supply chain, every piece of the puzzle matters.

There is no accident that folks like Oxide go through the trouble to control the whole stack, hardware, software, programming language toolchains they are using, only working with vendors that provide them every single documentation and customisation points they need.

Unfortunely we lack an European Oxide.


They use Go and Rust. If Oxide thinks they can keep the supply chain risks of their langiage ecosystems under control, I think the rest of us can too.


Yes, and are in the position of maintaining their own forks if needed, or doing reviews when updating them.

Is everyone else?




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: