https://tonybai.com/tags/packagemanagement/Recent content in Packagemanagement on Tony BaiHugozh-cn2004-2026 Tony Bai. 版权所有.Sat, 14 Mar 2026 00:00:00 +0800https://tonybai.com/2026/03/14/go-sumdb-transparent-logs-supply-chain-trust/Sat, 14 Mar 2026 00:00:00 +0800https://tonybai.com/2026/03/14/go-sumdb-transparent-logs-supply-chain-trust/本文永久链接 – https://tonybai.com/2026/03/14/go-sumdb-transparent-logs-supply-chain-trust 大家好，我是Tony Bai。 在 Go 语言的日常开发中，go get 是我们最熟悉的命令之一。我们理所当然地认为，只要指定了版本号，从 GitHub 或其他代码托管平台拉取下来的代码就是安全、一致的。然而，现实却远比这脆弱——...https://tonybai.com/2026/03/04/package-management-unsolvable-problem-programming-languages/Wed, 04 Mar 2026 00:00:00 +0800https://tonybai.com/2026/03/04/package-management-unsolvable-problem-programming-languages/本文永久链接 – https://tonybai.com/2026/03/04/package-management-unsolvable-problem-programming-languages 大家好，我是Tony Bai。 每天，全世界的开发者敲击下数以亿计的 npm install、go get、cargo build 或是 pip install。我们将这些包管理器视作理所当然的基础设...https://tonybai.com/2025/03/16/gemini-deep-research-experience/Sun, 16 Mar 2025 00:00:00 +0800https://tonybai.com/2025/03/16/gemini-deep-research-experience/本文永久链接 – https://tonybai.com/2025/03/16/gemini-deep-research-experience 基于大模型的AI已进入深度思考时代，以DeepSeek R1模型为代表的开源模型给主流AI厂商带来了巨大压力。其实早在2024年12月份，Google就在一篇名为“Try Deep Research and our new experimental mod...