Python targets phantom dependencies threat with SBOM proposal

A whitepaper from the Python Software Foundation’s (PSF) own Security Developer-in-Residence, Seth Larson, sounds the alarm on “phantom dependencies” and offers a solution: the PEP 770 proposal for an SBOM. This work, sponsored by the Alpha-Omega initiative, addresses an issue first brought to mainstream attention by Endor Labs in September 2023. They came up […]

The post Python targets phantom dependencies threat with SBOM proposal appeared first on Developer Tech News.
