I’ve received a few pings/questions regarding my involvement in the xz stuff. I’ve posted a statement on the original PR. https://github.com/jamespfennell/xz/pull/2#issuecomment-2027836356
Kudos to people who managed to find me here despite me not using my real name on this 
The views expressed here in this post are not representative of my employer, 1Password except where explicitly called out. Last week, I made a PR to an open-source repository. It was a seemingly innocuous change. One that only upgraded a submodule in the repository to ensure the underlying C code
dwari