rob, The interesting thing about the xz attack is that as humans we tend to trust after time has passed.
A senior dev starts working for a company in 2021 is a trusted senior dev by 2024.
Someone starts regularly contributing to an OSS project in 2021 is a maintainer by 2024.
Add comment