[gnahckire]

Fair point. Although one shouldn't discount statistics altogether. Security experts lean on skepticism to help minimize exposure and discover new things.

Race and nationality aside, the transfer of ownership to an entity that has zero open source contributions in the js space does look very suspicious. I'm just surprised that an open source author didn't provide that disclosure to users of his work.

[chrischen]

In almost all cases, including this one, you will have better signals than to bucket a whole race or culture under a generalized stereotype.

For example i can see at least another Chinese contributor who is against this who works at Alibaba that commented.

The principle issue here is that the repo was put up for sale, and anyone paying for the opportunity to maintain a free library should be scrutinized. This would be true regardless of if they were Chinese, black, or a white guy from San Francisco.