A Microcosm of the interactions in Open Source projects
This was originally a thread on Twitter about the xz/liblzma vulnerability; when I finished typing it, I realized I had a real-world slice of Open Source interaction that deserved more attention.
pmk, The article ends with “This is the way it works. It needs to change.” and the question then is, how? What can an ordinary user do? Or is it more about how large-scale projects are run, in scope and ambition? Is it about money? More audits? What is the most pragmatic real-world solution that would make a difference?
lobut, I remember seeing examples like this before. People attack maintainers with the same verve as a big corporation that they’re paying services for.
There are humans behind these projects and very few people want to fund them despite relying on them as well.