The Xz story from [last month](https://simonwillison.net/2024/Apr/5/everything-i-know-about-the-xz-backdoor/), where a malicious contributor almost managed to ship a backdoor to a number of major Linux distributions, included a nasty detail where presumed collaborators …
Perhaps this speaks to a larger issue: how much bullying exists in the FOSS community, and what can the community at large do to address it, or even begin to bring awareness to it?
This argument that it’s a security vulnerability isn’t a terrible one (it’s certainly very logical and quite irrefutable), but I think there are others to be made for addressing this issue.
Yeah, I think any project needs effective leadership. Without it, disagreements can fester into conflict, and bullying becomes a bad way of resolving or beating those you are in conflict with.