top | item 47193564 (no title) ZeroAurora | 3 days ago I personally treat it as a supply chain risk, as there are no longer any way to report any bugs and security problems. discuss order hn newest chrisjj|3 days ago Then why not provide one yourself? ZeroAurora|2 days ago Forking is a good option for companies, but not a good option for sole developers: one doesn't have that much energy.Switching to other libraries like requests and aiohttp and supporting them by contributing is clearly a better option. load replies (1) dchest|3 days ago How is _your_ supply chain a concern of this open source developer? ZeroAurora|2 days ago _My_ supply chain is not a big deal, lol. But this is HTTPX. A network library that has a considerable number of users.When I say _considerable_, I'm essentially saying _nearly every_ big tech. The one I can tell for sure is OpenAI (not a fan of them though).Remember xz attack? load replies (1)
chrisjj|3 days ago Then why not provide one yourself? ZeroAurora|2 days ago Forking is a good option for companies, but not a good option for sole developers: one doesn't have that much energy.Switching to other libraries like requests and aiohttp and supporting them by contributing is clearly a better option. load replies (1)
ZeroAurora|2 days ago Forking is a good option for companies, but not a good option for sole developers: one doesn't have that much energy.Switching to other libraries like requests and aiohttp and supporting them by contributing is clearly a better option. load replies (1)
dchest|3 days ago How is _your_ supply chain a concern of this open source developer? ZeroAurora|2 days ago _My_ supply chain is not a big deal, lol. But this is HTTPX. A network library that has a considerable number of users.When I say _considerable_, I'm essentially saying _nearly every_ big tech. The one I can tell for sure is OpenAI (not a fan of them though).Remember xz attack? load replies (1)
ZeroAurora|2 days ago _My_ supply chain is not a big deal, lol. But this is HTTPX. A network library that has a considerable number of users.When I say _considerable_, I'm essentially saying _nearly every_ big tech. The one I can tell for sure is OpenAI (not a fan of them though).Remember xz attack? load replies (1)
chrisjj|3 days ago
ZeroAurora|2 days ago
Switching to other libraries like requests and aiohttp and supporting them by contributing is clearly a better option.
dchest|3 days ago
ZeroAurora|2 days ago
When I say _considerable_, I'm essentially saying _nearly every_ big tech. The one I can tell for sure is OpenAI (not a fan of them though).
Remember xz attack?