Hacker News
by some_furry 1910 days ago
> I think it's reasonable for an organization to think twice before taking a dependency on such projects, given the sort of anonymous attacks mentioned in the article.

I'd argue that "thinking twice" should be the standard bar for all open source dependencies, not a discrimination levied towards anonymous or pseudonymous developers.

(Though, to be fair, I doubt Google would ever use any of my code. I know your cryptographers; they don't need me to contribute lol.)