Merge pull request #8 from shiftleftcyber/jason

j28smith · web-flow · commit 90afada8fd95 · 2025-08-24T20:57:55.000-04:00
Adding another blog post from LinkedIn
diff --git a/marketing/content/blog/made_in_canada_in_groceries_and_in_software.md b/marketing/content/blog/made_in_canada_in_groceries_and_in_software.md
@@ -0,0 +1,55 @@
++++
+author = "Jason Smith"
+title = "'Made in Canada' - in Groceries and in Software 🛒🍁💻"
+date = "2025-04-27"
+tags = [
+    "markdown",
+    "css",
+    "html",
+]
+linkedin = "https://www.linkedin.com/posts/j28smith_product-of-canada-vs-made-in-canada-activity-7315682416231096320-vusd"
+image = "img/thirdparty/made-in-vs-product-of-canada.png"
+youtube = "pApbYrNuAg4"
++++
+
+With 🇺🇸 U.S.-imposed tariffs back in the news, many Canadians 🇨🇦 are shifting their focus to buy local and support Canadian-made products. But here's the catch: what does "Made in Canada" actually mean? 🤔
+
+Flip over any grocery item and you’ll see all kinds of labels:
+
+* 🇨🇦 Product of Canada
+* 🛠️ Made in Canada
+* 📦 Packaged in Canada
+* 🌍 Made with domestic and imported ingredients
+* 👨‍🍳 Prepared in Canada
+
+The reality? Even with a "Made in Canada" label, ingredients often come from around the world 🌍.
+
+Sound familiar? It should - and software is no different. 💻
+
+Modern software is assembled, not handcrafted 🛠️ - just like hardware. When you manufacture a physical product, you need a Bill of Materials (BOM) to track every screw, chip, and wire 🔩⚙️🔌.
+
+Software is no different. You need to track:
+
+* 🏛️ Third-party libraries
+* 🌎 Open-source packages
+* 👩🏻‍💻 Proprietary code
+* ⚙️ Software build tools
+
+Even if your team "built it", much of it came from a global supply chain 🌎.
+
+And just like with food, we need transparency in what we are consuming 🍲 - or shipping 🚢.
+
+Knowing what's in your software helps you manage:
+
+* 🔐 Security
+* 💎 Quality
+* 📈 Performance
+* ⚠️ Risk
+
+That's where a Software Bill of Materials (SBOM) comes in - your blueprint for understanding what's inside your software. 📝
+
+SBOMs are a great start to gain transparency. However, visibility alone isn’t enough. Can you trust what you see? 🕵
+
+Have you checked the ingredients in your software lately? Do you know where they came from?
+
+hashtag#SBOM hashtag#SoftwareSupplyChain hashtag#CyberSecurity hashtag#SoftwareTransparency hashtag#MadeInCanada hashtag#DigitalSupplyChain hashtag#SoftwareRisk hashtag#TrustButVerify hashtag#DigitalTrust hashtag#OpenSourceSecurity hashtag#SecureDevelopment hashtag#DevSecOps hashtag#SoftwareIntegrity hashtag#CanadianTech hashtag#TechMadeInCanada 🍁💻🔐
diff --git a/marketing/layouts/blog/single.html b/marketing/layouts/blog/single.html
@@ -31,7 +31,18 @@ <h4 class="flex flex-row items-center"><span class="fa-solid fa-user text-2xl mr
             </div>
             {{ end }}
         </section>
-        {{ if .Params.image }}
+        {{ if .Params.youtube }}
+        <div class="my-4 aspect-video">
+            <iframe
+                src="https://www.youtube.com/embed/{{ .Params.youtube }}"
+                title="YouTube video"
+                allowfullscreen
+                class="w-full h-full rounded-md border"
+                frameborder="0"
+                allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share"
+            ></iframe>
+        </div>
+        {{ else if .Params.image }}
         <img class="my-4" src="{{ .Params.image | absURL }}">
         {{ end }}
         <div class="content prose md:prose-lg lg:prose-xl max-w-none py-1">{{.Content}}</div>
diff --git a/marketing/static/img/thirdparty/made-in-vs-product-of-canada.png b/marketing/static/img/thirdparty/made-in-vs-product-of-canada.png
