Unfortunately no, that is why SBOM (Software Bill Of Materials), and only allowing vetted software packages on in-house CI/CD, is such a thing at many companies.
Unfortunately not yet spread wide enough, and anyway doesn't do anything for everyone else doing software outside the big corporation virtual wall.
Most developers are too trigger-happy to add software dependencies without thinking twice about them.
giveita•4mo ago
conartist6•4mo ago
palmfacehn•4mo ago