Thought this was a good read exploring some how the “how and why” including several apparent sock puppet accounts that convinced the original dev (Lasse Collin) to hand over the baton.

  • taladar@sh.itjust.works
    link
    fedilink
    arrow-up
    6
    ·
    9 months ago

    Maybe, before a library or any software gets accepted into a distro, that distro does more due diligence to ensure it’s a sustainable project and meets requirements like a solid ownership?

    And who is supposed to do that work? How do you know you can trust them?

    • DigitalDilemma@lemmy.ml
      link
      fedilink
      arrow-up
      2
      ·
      9 months ago

      Fair point.

      If the distro team is compromised, then that leaves all their users open too. I’d hope that didn’t happen, but you’re right, it’s possible.