One worrying thing about the whole xz debacle is that maintainers are probably going to be even less inclined to trust people they don't know coming in to offer help (99.9% of whom are, one hopes, _not_ state-sponsored attackers ...), and thus it will be even harder to relieve the pressure on overworked maintainers.
@cjwatson it will amplify network effects, I think. We will be more likely to trust people we already know and less likely to trust newcomers with zero background. And I'm sure you can see how that's a problem...
@ehashman Yeah exactly. And we saw the racists coming out pretty quickly for this one, so I'd bet it will be particularly harder for newcomers with Chinese names for a while.
@mirabilos @cjwatson @ehashman And it wouldn't matter in any case. Most people in the OSS community never meet face-to-face; for some, there isn't even a single picture available publicly - and that's fine. "Trust, but verify" is the only thing we have. However, there should be a discussion about "clever" code. When people regularly contribute good, innocent, but needlessly complicated code, it becomes a problem.