[Link] NixOS and the changing face of Linux operating systems

Read: 6/12/2021 www.theregister.com

For DevOps folk, this was tantamount to clickbait: Nix and Docker are different tools for different jobs, and anyway, it's possible to use Nix to build Docker images. The distro, which hit version 21.11 on the last day of November, was built around the purely functional Nix package manager.

automation canonical debian docker file formats file systems linux operating systems package managers

[Link] Supply Chain Attack: NPM Library Used By Facebook And Others Was Compromised

Read: 25/10/2021 hackaday.com

Here at Hackaday we love the good kinds of hacks, but now and then we need to bring up a less good kind. Today it was learned that the NPM package ua-parser-js was compromised, and any software using it as a library may have become victim of a supply chain attack.

attacks on infrastructure code cyber crime cyber hacks dependency attack hackaday hackers javascript nodejs npm package managers programming software software dependencies software development software libraries upstream attack