[tfrancisl]

2 questions. First, how does a vibe coded / generated fork or derivation pose security risks to the original work? Second, what is a "more appropriate channel" to express his opinions than the platform he has as a maintainer of a massively popular project?

I would argue that we don't see enough open source developers presenting their political or social views in the context of their works.

[fragmede]

The security risk is I Google for "notepad++ Mac", because I have a Mac, and get malware served up to me.

The appropriate channel for other people to voice their politics is anywhere else, so that ASalazarMX doesn't have interact with it and gets to pretend everything's okay.

[ASalazarMX]

Since you answered the first question, I'll answer the second according to my original intent.

The appropriate channel for voicing politics and ideology would be my personal accounts, not a software utility. Would you enjoy if your generous neighbor offered to mow your lawn for free, but left political messages on it?

I've rarely contributed to, or released something open source, but I know it's unprofessional to mix personal and work subjects, and open source is work, even if you do it for free.

And to counter the visibility argument, I followed Don Ho on Twitter, now on BlueSky, and actually enjoy his publications even when they aren't strictly work related.