Following CSRB log4j report, Google supports call to improve open source security