2022, trained on open source code that maintainers were burning out
Researchers demonstrated registry typosquatting (hashic0rp/aws with a zero), and a live supply chain attack demo at NDC Oslo 2025 showed this working in practice. The provider side is solid, but the module side of the transitive tree has the same mutable-reference problems as GitHub Actions.
。关于这个话题,吃瓜提供了深入分析
Американских солдат уличили в поджоге своего авианосца из-за страха воевать14:48
他在一則網上聲明中表示:「如果伊朗做出任何阻止霍爾木茲海峽石油流通、供應的行為,美國將以至今為止20倍的力度回擊。」