{"href":"https://api.simplecast.com/oembed?url=https%3A%2F%2Ftrailofbits.audio%2Fepisodes%2Fit-depends-efdpE9ib","width":444,"version":"1.0","type":"rich","title":"It Depends","thumbnail_width":300,"thumbnail_url":"https://image.simplecastcdn.com/images/30a2d041-1318-4f6d-b79a-d9facb77b603/df78f1c6-61b4-4003-9998-3c1a5c867142/161227-tob-logo-white.jpg","thumbnail_height":300,"provider_url":"https://simplecast.com","provider_name":"Simplecast","html":"<iframe src=\"https://player.simplecast.com/74d183b4-3548-4025-ac26-21b99a173a0a\" height=\"200\" width=\"100%\" title=\"It Depends\" frameborder=\"0\" scrolling=\"no\"></iframe>","height":200,"description":"Most people imagine software engineers tapping keyboards in a kombucha-keg filled room. But modern software isn’t written... It’s assembled. Developers write code, but they don't start from scratch - They use open-source code and libraries, developed by a community. Those building blocks are themselves dependent on other pieces of open-source software, which are built atop yet others, and so on. The dependencies of this software supply chain are therefore recursive - ‘nested,’ like a Russian Matryoshka doll. So you ask whether your software is safe, the answer is, \"It Depends.\""}