[gnahckire]

> Let's set the record straight... @ZijianHe offered to maintain it, and I agreed to let him maintain it. Our relationship is not anyone's business.

Why not be transparent about selling the package? Or attempting to do so?

> Chinese developers have contributed more to this repository than anyone from the Koa organization. This kind of racial scaremongering or guilt by association is not acceptable. Its offensive.

Nice rhetoric here. But you know the Country of origin of most cyber attacks is China right?

Source: https://www.csis.org/programs/cybersecurity-and-governance/t...

> I'm not going to say anything more on this issue. This is beyond ridiculous.

Suit yourself. But it really isn't. Sorry for all the harassment you're getting but, it's not exactly unwarranted...

[chrischen]

If you pulled up crime statics on black people vs white people, you'd have similar damning statistics. Rather than prejudicing this "unknown Chinese" guy why not treat him as a person first and find out who he is, and what he has to say?

[gnahckire]

Fair point. Although one shouldn't discount statistics altogether. Security experts lean on skepticism to help minimize exposure and discover new things.

Race and nationality aside, the transfer of ownership to an entity that has zero open source contributions in the js space does look very suspicious. I'm just surprised that an open source author didn't provide that disclosure to users of his work.

[chrischen]

In almost all cases, including this one, you will have better signals than to bucket a whole race or culture under a generalized stereotype.

For example i can see at least another Chinese contributor who is against this who works at Alibaba that commented.

The principle issue here is that the repo was put up for sale, and anyone paying for the opportunity to maintain a free library should be scrutinized. This would be true regardless of if they were Chinese, black, or a white guy from San Francisco.