jeffw384,000 sites pull code from sketchy code library recently bought by Chinese firm
abacabAnd that’s why you don’t use cdns
CDNs are extremely helpful for sites being accessible and for load times worldwide.
I’m not sure what this comment is trying to get at.
The issue isn’t CDNs. The issue is code that pulls the latest version of a library, opening it up to supply chain attacks like this. The solution would be to specify exact versions of a library to use.