|
|
|
|
|
|
by KolmogorovComp
775 days ago
|
|
|
This is not a ‘xz moment’, as a sibling comment said, it is norm in open-source. Someone with more time forked the repo, included the changes that were necessary, build up trust and then this eventually get merged. Now obviously there is no guarantee they will never act up in the future, but this is not different than for the original owner. Trust is a necessity to open-source reliably functionning, because it in parts makes up for the lack of money, and allow to move fast. XZ is the exception. And frankly there is not much to do against it. |
|
|