• the_strange@feddit.org
    link
    fedilink
    arrow-up
    5
    ·
    1 month ago

    Your words, not mine. If they were afraid of malicious code coming from these sources they would’ve removed them earlier and not only after their legal department recommend these maintainers be removed.

    Open source doesn’t mean that malicious code isn’t impossible though. For a project as large as the Linux kernel it is unlikely, but see the xz-utils incident earlier this year for example. https://en.wikipedia.org/wiki/XZ_Utils_backdoor

    • GolfNovemberUniform@lemmy.ml
      link
      fedilink
      arrow-up
      1
      arrow-down
      3
      ·
      1 month ago

      Yes I expected that argument. My point was there was no valid reason to remove them. The xz case didn’t convince any other projects to get rid of maintainers based on their nationality after all.

      It’s obviously my own opinion that what Linus did was an nonnegotiable red flag but I’d prefer to stick with it for now. I guess making this discussion political was a pretty harmful decision so I’ll remove some of my replies in order to avoid creating more drama.