To clarify: This is about a possible supply chain attack. The possibility of it. Not about unsafe code in the app or anywhere else. It means that an attacker could have gained access to the ios repo and possibly any other repo. It is fixed now.
I imagine that hostile commits would have been caught by now, as would compromised releases. But the main issue for me is that we are pretty much left in the dark about this. Maybe the team checked everything well and came to the conclusion that this was nothing worry about and was catched before it could do any harm. Which is the most probable scenario I think. Still leaves a bit of a sour taste.
To clarify: This is about a possible supply chain attack. The possibility of it. Not about unsafe code in the app or anywhere else. It means that an attacker could have gained access to the ios repo and possibly any other repo. It is fixed now.
I imagine that hostile commits would have been caught by now, as would compromised releases. But the main issue for me is that we are pretty much left in the dark about this. Maybe the team checked everything well and came to the conclusion that this was nothing worry about and was catched before it could do any harm. Which is the most probable scenario I think. Still leaves a bit of a sour taste.