Journal of Information Security Research ›› 2022, Vol. 8 ›› Issue (8): 831-.

• Academic Paper •

Security Risk Analysis and Development Suggestions for the Open Source Software Supply Chain

苏仟, 赵娆   

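  1. (Software Institute, National Industrial Information Security Development Research Center, Beijing 100043)
  • Online: 2022-08-08 Published: 2022-08-08
  • Corresponding author: 苏仟, M.S., engineer. Main research interests: software and new-generation information technology, and software security. 18500090992@163.com
  • About the authors: 苏仟, M.S., engineer. Main research interests: software and new-generation information technology, and software security. 18500090992@163.com 赵娆, M.S., assistant engineer. Main research interests: software and new-generation information technology, and software security. zr_kyd@163.com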

Abstract: At present, open source has become one of the best ways of organizing super-large-scale human intellectual collaboration and the "main battlefield" of technological innovation, and it is developing rapidly worldwide. At the same time, open source software has become a mature target for software supply chain attacks and faces risks including security vulnerabilities, intellectual property issues, and open source regulation. This paper analyzes the current security situation and risks of the open source software supply chain, proposes security solutions for open source software development, and offers suggestions for the development of the open source software supply chain.

Key words: open source, software supply chain, security vulnerability, property risk, open source regulation, security development solution