We Are Flying Blind: Why I Built a Dependency Graph Visualizer in Rust
Recently, I watched a Veritasium video called “The Internet Was Weeks Away From Disaster and No One Knew.” It dives deep into the history of the XZ Utils backdoor—a highly sophisticated, multi-year social engineering campaign that almost compromised OpenSSH and the entire open-source ecosystem. A malicious actor spent years gaining trust, slowly pushing malicious commits into a deeply buried compression library that everything else depends on. ...