Google has revealed the introduction of a new program known as OSS Rebuild, aimed at enhancing the security of open-source package ecosystems and thwarting software supply chain assaults.
“As supply chain assaults increasingly focus on commonly utilized dependencies, OSS Rebuild offers security teams robust data to evade compromises while alleviating the load on upstream maintainers,” stated Matthew Suozzo, Google Open Source Security.