the lesson *I'm* choosing to take from xz, as an oss maintainer, is that anyone trying to pressure or guilt me into doing something should immediately be told no, for security reasons
You have your gatekeepers like Linus Torvalds who will call you a fucking moron if you submit something that looks remotely off.
You have your committees that you can submit a MR, but it has to go through the council of experts before it gets merged.
But the vast majority, it’s a one or two person project and this was a side project because you had an issue you wanted solved. No financial reward, no acknowledgement. And so when someone gives it a iota of attention, you fall head over heels and hope they are like-minded and want to support this dream too.
Open source is such a wild west at times.
You have your gatekeepers like Linus Torvalds who will call you a fucking moron if you submit something that looks remotely off.
You have your committees that you can submit a MR, but it has to go through the council of experts before it gets merged.
But the vast majority, it’s a one or two person project and this was a side project because you had an issue you wanted solved. No financial reward, no acknowledgement. And so when someone gives it a iota of attention, you fall head over heels and hope they are like-minded and want to support this dream too.
Theo is even more strict than Linus.
Theo?
The OpenSSH and OpenBSD lead. https://en.wikipedia.org/wiki/Theo_de_Raadt