me.dm is part of the decentralized social network powered by Mastodon.
Ideas and information to deepen your understanding of the world. Run by the folks at Medium.

Administered by:

Server stats:

1.4K
active users

Learn more

#HugOps to unpkg and to everyone in #OpenSource who goes through similar stresses — outages like this demonstrate modern digital infrastructure's fundamental fragility: theverge.com/2024/4/12/2412827

The Verge · A popular open-source content delivery network went down for hoursBy Emma Roth

Behind your browser, the #internet is people.

Repeatedly, we see what happens when the humanity and fatigue of people maintaining critical infrastructure are exploited.

Most recently, with the discovery of the #XZ hack.

@devs @anildash sorry, but going to have to call BS on this one.

xz is like a seven times removed transitive dependency. What is the actual thing you’re proposing here’s in relation to xz. That everyone should “show up” and contribute back to the Debian and Redhat build processes?

Anil Dash

@joshhunt @devs I’m proposing direct structural support in terms of resources and infrastructure from major for-profit tech companies to support open source projects and maintainers. Absolutely the big players could evaluate open source build chains just as they do their own code.

@joshhunt @devs a maintainer having a community he can reach out to before he burns out would change things like this massively.