I'm not surprised at all. I bet there are plenty of multi-billion dollars companies using that project who never contributed a cent to its author yet sent their developers on GitHub to complain about the state of the project.
It happened to a few maintainers I know. These companies save millions in development cost on the back of a few developers in developed countries. This is open source, I get it, but this isn't fair either.
Look at that comment:
> ....yikes. Sounds like a fork needs to happen. And github should really look to provide a 'risk' rating to projects from a maintenance PoV... a project depended on by 4.5m users with 1 maintainer should visualise as a high-risk dependency.
It's not up to GitHub to do that, it's up to the individual or the company to audit a project and its dependencies and be prepared to be able to maintain it themselves. Or pay the only developer to do exactly that.
Another comment (quoted by another guy):
> Babel maintainer here
We are probably not going to fork core-js because we don't have enough resources to maintain it.
And people expect a single developer to have the resources to do exactly that? look at babel and the list of sponsors, yet they don't have the resources:
Another part of the loop is that many hiring groups also expect to see some public code out there. Maybe it's some library or widely popular project that helps your hiring chances or maybe it's just a toy project. None the less, you better have something sitting out there active for free.
Then, once you're hired and they're paying you, they certainly don't want you wasting their resources (paid time, IP) contributing free software.
The entire tech industry is morphing more and more into a dumpster fire itself.
It happened to a few maintainers I know. These companies save millions in development cost on the back of a few developers in developed countries. This is open source, I get it, but this isn't fair either.
Look at that comment:
> ....yikes. Sounds like a fork needs to happen. And github should really look to provide a 'risk' rating to projects from a maintenance PoV... a project depended on by 4.5m users with 1 maintainer should visualise as a high-risk dependency.
It's not up to GitHub to do that, it's up to the individual or the company to audit a project and its dependencies and be prepared to be able to maintain it themselves. Or pay the only developer to do exactly that.
Another comment (quoted by another guy):
> Babel maintainer here We are probably not going to fork core-js because we don't have enough resources to maintain it.
And people expect a single developer to have the resources to do exactly that? look at babel and the list of sponsors, yet they don't have the resources:
https://github.com/babel/babel