Tootfinder

More on the crisis in open-source maintenance as exemplified by libxml2: https://lwn.net/SubscriberLink/1025971/73f269ad3695186d/
Some money *has* to start flowing into this community or the foundations we all rely on will start rotting away. Given the many-bi…

The libxml2 maintainer is basically shrugging his shoulders and saying "deal with your own fucking security issues; libxml was never meant to be used in your projects" to google and the rest of the giant corporations that are using his labor without contributing back. I'm totally on board with that.
https://

Triaging security issues reported by third parties (#913) · Issues · GNOME / libxml2 · GitLab
I have to spend several hours each week dealing with security issues reported by third parties. Most of these issues aren't critical but it's still a lot of...

"Libxml2’s solo maintainer drops embargoed security fixes, highlighting the burden on unpaid volunteers who keep critical open source software secure."
https://socket.dev/blog/libxml2-maintainer-ends-embargoed-vulnerability-reports