Filippo Valsorda 
Looks like the same poorly implemented Android CT library that broke a lot of apps a couple years ago... did it again 🤦♂️
https://github.com/appmattus/certificatetransparency/issues/143#issuecomment-2993688741
Juli Jane@filippo I don't like that you explicitly state "poorly implemented". Yes, maybe, but no reason to shit on the developer when they are unpaid and not the actual issue here. That's insensitive and uncalled for.
@julijane it’s not so black and white. If you are an unpaid maintainer you have no obligation to put in extra work, for sure. But if you do take down the banking system of a country once (still not your fault!) and people tell you your library is broken… I think you start having a responsibility to either deprecate it, fix it, or at least warn users. We live in a society.
Æ.@filippo no. None of that. Instead, banks should stop relying on random code they find online. It is exactly that black and white.
Vetting dependencies is an important part of software development and if you didn’t do your due diligence there, that’s your fault. Maybe hire an engineering manager, this is exactly what that role is for.
Tony@aesthr @filippo Agreed. Any mistake in code I wrote isn't my responsibility to fix, if you use it via a FOSS licence. Once you obtain any source code, it is your job to check it, port it, fix it, fork it and maintain it if you want to use it without error. This attitude of it's a "free for all buffet" of "zero consequences" for me because I forked or used your code is borderline derangement. Reading the licence agreement and taking ownership of what you use is how it's always worked