the lesson *I'm* choosing to take from xz, as an oss maintainer, is that anyone trying to pressure or guilt me into doing something should immediately be told no, for security reasons
That last sentence rings true of most software engineers. Everyone wants to work on a glamorous new feature that’s going to wow users or let them think about problems they want to think about. No-one wants to hunt down the difficult-to-repro bug in an old but critical section of someone else’s code.
That last sentence rings true of most software engineers. Everyone wants to work on a glamorous new feature that’s going to wow users or let them think about problems they want to think about. No-one wants to hunt down the difficult-to-repro bug in an old but critical section of someone else’s code.