hacknsplat@aussie.zonetoRust@programming.dev•Thoughts on the xz backdoor: an lzma-rs perspective | Blog
2·
7 months agoI think this article has a more thoughtful take than most I have read on the subject. In particular, I agree that we need to move away from the bazaar model and back towards the cathedral model, at least for critical software (he suggests smaller projects being adopted into larger, better funded and maintained consolidations). Another key observation is that a lack of activity does not mean a project is abandoned - it may just be feature complete. The flip side of that is, I think, that it is okay for projects to say “this is done” and resist the urge to expand into new areas and add endless complexity and dubious features.
The real miracle here is that the browser can render the final result so quickly.