Google today revealed it has been working with GitHub to create a forgery-proof method for signing source code as part of an ongoing effort to better secure software supply chains. Bob Callaway, technology lead for open source software supply chain security at Google, said a prototype of this method, written in the Go programming language, […]
