Comment by donatj

Comment by donatj 2 months ago

0 replies

View on Hacker News

> and have become less trusting of contributors following the xz backdoor

That's almost certainly a good thing. Over the last decade plus of my using GitHub on three different occasions I have wandered into a project, submitted a pull request, and the author has simply given me full write access to the repo without my asking. I didn't want it. I didn't ask to be a maintainer of this project.

People can be really weirdly not unconcerned about security.