[vips7L]

> the software would just get pulled as a supply-chain risk and b) the developer would likely be blacklisted. Again, accomplishing nothing.

Oh no the people I don’t want using my software aren’t going to use it. The horror.

[minimaxir]

Being pulled from the supply chain means no one is able to use the software, both intentional users (no one is going to build from source after such an action) and unintentional, and they'll just use a competitor/fork instead as the open-source software ecosystem encourages. Nothing is won.

[g-b-r]

Is there a universal "supply chain" now?