jwildeboer, (edited ) A voluntary peer review system, but for pull requests. Instead of throwing money around, having meta discussions on how to run FOSS better, keep it simple. A group of people, including some real experts for the truly weird cases. Let’s call it the s-express (security express, and yes, when you remember the song, all the better). When you as maintainer receive a pull request that looks dodgy, you can forward it to s-express, who will take a look and report back with a first assessment in 24 hours
Add comment