|
|
|
|
|
|
by infinite8s
3518 days ago
|
|
|
I think the concern here is that the maintainer could subsequently merge a malicious PR knowing who was using the library from GitHub. That wouldn't be an issue if that group was hosting a version themselves (before the maintainer might find out who was using it). |
|
|