{"id":3753,"date":"2025-07-16T07:39:17","date_gmt":"2025-07-16T11:39:17","guid":{"rendered":"https:\/\/canada.wordcamp.org\/2025\/?post_type=wcb_session&#038;p=3753"},"modified":"2025-10-27T12:21:20","modified_gmt":"2025-10-27T16:21:20","slug":"software-supply-chain-security-risk-management-why-the-future-will-be-federated","status":"publish","type":"wcb_session","link":"https:\/\/canada.wordcamp.org\/2025\/session\/software-supply-chain-security-risk-management-why-the-future-will-be-federated\/","title":{"rendered":"Software Supply Chain Security &amp; Risk Management: Why the Future will be Federated"},"content":{"rendered":"\n<p><a href=\"https:\/\/modernearth.net\/wp\/wp-content\/uploads\/2025\/10\/WCEH25_Toderash_Federated-Supply-Chain_Slides.pdf\">Slides<\/a> | Video<\/p>\n\n\n\n<p>This talk will cover a brief history of package management in WordPress, why centralized distribution was necessary, and why it\u2019s time to decentralize now to address risk management for the supply chain needed for enterprise WordPress to continue growing. I\u2019ll consider some security risks inherent in a federated repository model and some of the available mitigation strategies.<\/p>\n\n\n\n<p>Lastly, I\u2019ll provide an overview from inside of the approach being taken by AspirePress and FAIR to provide the community with decentralized, secure, and robust package management for WordPress, including some specific advantages for the enterprise, for the ecosystem, and for end users.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Explore why WordPress package management must decentralize, security risks of federated models, and how AspirePress and FAIR offer solutions.<\/p>\n","protected":false},"author":1415017,"featured_media":0,"template":"","meta":{"advanced_seo_description":"","jetpack_seo_html_title":"","jetpack_seo_noindex":false,"jetpack_post_was_ever_published":false,"_wcpt_session_time":1760730300,"_wcpt_session_duration":2700,"_wcpt_session_type":"session","_wcpt_session_slides":"","_wcpt_session_video":"","_wcpt_speaker_id":[3750],"footnotes":""},"session_track":[126],"session_category":[113],"class_list":["post-3753","wcb_session","type-wcb_session","status-publish","hentry","wcb_track-track-2","wcb_session_category-federation"],"jetpack_sharing_enabled":true,"jetpack_likes_enabled":true,"session_date_time":{"date":"October 17, 2025","time":"3:45 pm"},"session_speakers":[{"id":"3750","slug":"brent-toderash","name":"Brent Toderash","link":"https:\/\/canada.wordcamp.org\/2025\/speaker\/brent-toderash\/"}],"session_cats_rendered":"Federation","_links":{"self":[{"href":"https:\/\/canada.wordcamp.org\/2025\/wp-json\/wp\/v2\/sessions\/3753","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/canada.wordcamp.org\/2025\/wp-json\/wp\/v2\/sessions"}],"about":[{"href":"https:\/\/canada.wordcamp.org\/2025\/wp-json\/wp\/v2\/types\/wcb_session"}],"version-history":[{"count":7,"href":"https:\/\/canada.wordcamp.org\/2025\/wp-json\/wp\/v2\/sessions\/3753\/revisions"}],"predecessor-version":[{"id":9146,"href":"https:\/\/canada.wordcamp.org\/2025\/wp-json\/wp\/v2\/sessions\/3753\/revisions\/9146"}],"speakers":[{"embeddable":true,"href":"https:\/\/canada.wordcamp.org\/2025\/wp-json\/wp\/v2\/speakers\/3750"}],"author":[{"embeddable":true,"href":"https:\/\/canada.wordcamp.org\/2025\/wp-json\/wporg\/v1\/users\/toderash"}],"wp:attachment":[{"href":"https:\/\/canada.wordcamp.org\/2025\/wp-json\/wp\/v2\/media?parent=3753"}],"wp:term":[{"taxonomy":"wcb_track","embeddable":true,"href":"https:\/\/canada.wordcamp.org\/2025\/wp-json\/wp\/v2\/session_track?post=3753"},{"taxonomy":"wcb_session_category","embeddable":true,"href":"https:\/\/canada.wordcamp.org\/2025\/wp-json\/wp\/v2\/session_category?post=3753"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}