Software supply chain security is all the rage these days, and for good reason. A steady increase in attacks over the past decade culminated in the “big one” (so far) in which the Russian SVR penetrated U.S. government networks, a cybersecurity company, and thousands of other targets via the IT company SolarWinds. Some estimates suggest this breach will eventually cost $100 billion. Thus, it makes sense that people talk about the topic a lot. With that said, though, I have recently heard some...