by bawolff
229 days ago
Morality and legality are not the same thing. Although perhaps my previous comment went a little too far. I think it's fine to not fix issues as long as you publish them so that users can make an informed decision. Where I think it would be morally wrong is if a project pretends it fixes security issues but doesn't, or if it tries to cover them up - insisting external reporters don't talk about them while also having no intention of fixing them. Basically I think open source projects (like everyone) have a moral duty to be honest and not try and deceive people, regardless of what the license says.