Jerry 🦙💝🦙Mar 30, 2024

I can’t tell you how angry this makes me feel for this maintainer.

I don’t know who Jigar Kumar is, or what the motivation was behind the emails that the author is referencing, but I can tell you if I was trying to get a bad actor in as a trusted developer, this is how I would approach it.

Good post.

https://robmensching.com/blog/posts/2024/03/30/a-microcosm-of-the-interactions-in-open-source-projects/

A Microcosm of the interactions in Open Source projects | RobMensching.com

Originally a thread on Twitter about the xz/liblzma vulnerability, when I finished typing it, I realized I had a real world slice of Open Source interaction that deserved more attention.

Show threadcircafuturum
@jerry Eye opening, thanks for sharing!
Mar 30, 2024 at 10:24pmWeb