It would be interesting to see how software supply chain infrastructure entities like package managers evolve in the near future. I worry that, in order to increase security and reliability, we will make it super difficult and prohibitive for people to publish stuff on these managers, which would directly impact the very thing that made this whole "OSS helping the world" narrative possible: anyone could code and make it available.
I personally feel there has to be a middle ground: a place for people to be able to freely express their ingenuity, and a place where we, let's say, force controls, but also then incentivise and encourage corporates and commercial users to pay for what they use.
But then again, this is the real world; my thoughts would mostly look like fantasy to many.
#softwaresupplychainsecurity #sbom #packagemanagersecurity