Automatically verify integrity of your dependencies, thru signature verification. This is trying to address the supply chain security attacks that have been happening. Just like the discussion on privacy reporting, it is ultimately each developer’s responsibility to ensure all your signatures are correct and you are not using maliciously modified code. Dependency Signatures App developers…