[jake-low]

Are you referencing the ESLint backdoor? From my recollection, the two incidents seem really similar. Both were noticed and unpublished quickly. Both could have been prevented by 2FA. Can you elaborate on why you think this incident was handled better?

[gedy]

For some reason, a subset of Rails community feels compelled to boost it by knocking whatever is more popular, e.g. Java in the old days, JavaScript these days. Rails is fine, but that aspect of the community is unnecessary and immature.

[uponcoffee]

It's not fair characterize a whole community by the actions of individuals; it's just throwing around more mud.

Aside from the root comment, there is no evidence here to support the broad strokes you're making.

[gedy]

I specified subset, and it's from my experiences over the years.