by shp0ngle 804 days ago
The actual maintainers of the repo seem to take the position that all "Jia Tan" commits are backdoor-free unless proven otherwise, so most of his commits still stay (as they* did a LOT of actual, real work on the repo).

I am curious what people think about that. It's still around 30k lines of code made by a known malicious entity, looking at git blame. However it seems mostly fine?

* plural "they" ;)

>I am curious what people think about that.

If someone wants something done right, FSVO right, they can do it themselves.

Wanting to do something right is permission to do so in a world of standards but not in a world of free reference implementation in lieu of a standard.

I'm surprised that this implementation of xz written by... well... random people has been adopted so widely. I would've expected a more 'industrial' implementation managed by Google or Meta or something, but there isn't one.
Compression algorithm implementations are not for everyone.

The math and algorithms behind it are fun to learn but hard. And then you need to implement it so that it is both performant and correct.

Only a few people build up the algorithmic background to do this. And the gains once an implementation is there are marginal (optimizations).

The only larger one seems to be zstd, and I haven't wrapped my head around ANS/tANS...

I'm still baffled xz took off so massively in the first place. The USP seems to be existing LZMA compression but made significantly more fragile and prone to never decompressing again.

This is very much the well-known reality.