<p><span class="h-card" translate="no"><a href="https://infosec.exchange/@dymaxion" class="u-url mention">@<span>dymaxion</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.social/@whitequark" class="u-url mention">@<span>whitequark</span></a></span> <span class="h-card" translate="no"><a href="https://nixos.paris/@raito" class="u-url mention">@<span>raito</span></a></span> <span class="h-card" translate="no"><a href="https://hachyderm.io/@Di4na" class="u-url mention">@<span>Di4na</span></a></span> People aren't (by and large) saying 'I don't care about supply chain security' in the sense of 'the technical process of making good stuff' that you mention in the above post, they are saying that they don't care about supply chain security in the meaning you were using further above where it means taking on all liability for third party usage as if you were the vendor in a vendor contract with them all.</p>
