From d8465d01b77365312becd1e43bdf8f48def7dc3d Mon Sep 17 00:00:00 2001 From: Anton Livaja Date: Fri, 13 Jun 2025 05:07:47 -0700 Subject: [PATCH] add cheeky comment --- _posts/2025-06-07-package-managers.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/_posts/2025-06-07-package-managers.md b/_posts/2025-06-07-package-managers.md index 16f2464..ff4e80e 100644 --- a/_posts/2025-06-07-package-managers.md +++ b/_posts/2025-06-07-package-managers.md @@ -116,6 +116,8 @@ even a full audit of code may not surface all code issues and there are other risks stemming, for example, from the way the code is built, or the runtime environment. The idea is to layer all defense mechanisms available, but admit that not reviewing third party code is a bad idea and that this needs to change. +If you believe SAST/monitoring will save you, I challenge you to give our team +access to add code to your codebase and see what happens. ## Summary
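Review bot: the added sentence "If you believe SAST/monitoring will save you" directly follows the paragraph's advice to "layer all defense mechanisms available", so as worded it can read as dismissing SAST and monitoring outright rather than calling them insufficient on their own. Consider "If you believe SAST/monitoring alone will save you" so the two sentences agree. The challenge also gives the reader no reason why those controls would miss code added by someone with write access; one clause tying it back to the paragraph's point that "even a full audit of code may not surface all code issues" would make it an argument rather than a dare. "our team" has no antecedent in the visible context, and the subject line "add cheeky comment" does not say what claim the post now makes, which makes the change harder to find in the log later.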