Post AxpDuweJHDef8ZaSgK by fossdd@chaos.social
 (DIR) More posts by fossdd@chaos.social
 (DIR) Post #AximVYjXC7cC0twSau by ncopa@fosstodon.org
       2025-08-31T06:41:06Z
       
       0 likes, 0 repeats
       
       @mirabilos Would you prefer we’d allow completely anonymous people make changes to the software millions run?
       
 (DIR) Post #AximVa0ETWZ9wylJGC by lanodan@queer.hacktivis.me
       2025-08-31T07:07:20.936224Z
       
       0 likes, 0 repeats
       
       @ncopa @mirabilos Isn't that already covered by having been active in FOSS circles for 2 years? Which changes it from purely anonymous to well established pseudonyms.Plus it would make more sense to check say previous maintainer roles for bad faith kind of concerns, personal details seems quite irrelevant to this kind of stuff.
       
 (DIR) Post #AxpDuweJHDef8ZaSgK by fossdd@chaos.social
       2025-09-03T09:26:46Z
       
       0 likes, 0 repeats
       
       @lanodan @ncopa @mirabilos@toot.mirbsd.org the problem is we have to prevent the 2nd xz attack and yet respect the privacy of the contributors. compmetely anonymoys contributors can stiml do everything, just merging requires further information. somewhere the line has to be drawn, i we're fine. especially since you can do everything also anonymously in contrary to debian/arch/...
       
 (DIR) Post #AxpDuxlR8CwwaxvfQe by lanodan@queer.hacktivis.me
       2025-09-03T09:41:58.099333Z
       
       0 likes, 0 repeats
       
       @fossdd @ncopa Well a Jia Tan probably could produce some more or less bogus personal details, after all Alpine can't really verify the authenticity of those.Meanwhile having been involved in other projects is quite harder to produce, and can allow to check on past behavior.