This is as useless as the circular view that releasing dependencies for others to test makes you a free-rider on them using your stuff.
Which, honestly, I think it is fair to say that a lot of supply chains are lulling people into a false sense of what they do. Your supply chain for groceries puts a lot of effort into making itself safe. Your supply chain for software dependencies is run more like a playground.
Which, honestly, I think it is fair to say that a lot of supply chains are lulling people into a false sense of what they do. Your supply chain for groceries puts a lot of effort into making itself safe. Your supply chain for software dependencies is run more like a playground.