Commit 7a95cce0 authored by Vagrant Cascadian's avatar Vagrant Cascadian

2019-05: Fix spelling of "bitcoins"

parent c5f1a31e
Pipeline #49143 passed with stage
in 2 minutes and 18 seconds
......@@ -31,7 +31,7 @@ In this months's report, we will cover:
* The work of Chris Lamb in/around Debian's Reproducible Builds effort [won a Google Open Source Peer Bonus award](https://opensource.googleblog.com/2019/04/google-open-source-peer-bonus-winners.html), a program with the goal of recognising and supporting the ecosystem and sustainability of free software by rewarding and recognising developers for their contributions to open source projects
* Kushal Das presented at [PyCon](https://us.pycon.org/2019/about/) 2019 on [building reproducible Python applications for secured environments](https://www.youtube.com/watch?v=wRHi8Ui5vWA). In the talk, Kushal argues that validating the dependencies of project is very critical along with the actual project source code, referring to incidents where people were [able to steal bticoins using a popular library](https://www.theregister.co.uk/2018/11/26/npm_repo_bitcoin_stealer/). His talk uses the [SecureDrop client application](https://github.com/freedomofpress/securedrop-client) for journalists as an example project and see how he tried to tackle the similar problem.
* Kushal Das presented at [PyCon](https://us.pycon.org/2019/about/) 2019 on [building reproducible Python applications for secured environments](https://www.youtube.com/watch?v=wRHi8Ui5vWA). In the talk, Kushal argues that validating the dependencies of project is very critical along with the actual project source code, referring to incidents where people were [able to steal bitcoins using a popular library](https://www.theregister.co.uk/2018/11/26/npm_repo_bitcoin_stealer/). His talk uses the [SecureDrop client application](https://github.com/freedomofpress/securedrop-client) for journalists as an example project and see how he tried to tackle the similar problem.
* [GitHub](https://github.com/) announced [adding a package registry feature](https://github.com/features/package-registry) which [suggest but alas not guarantee](https://github.com/ipfs/package-managers/issues/55) a strong link between the Git repository and the published packages, highlighting the need for Reproducible Builds.
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment