@jwildeboer I'm sorry that this needs to be said, but the problem here is that the xz maintainer had mental health issues and nobody cared, then a malicious actor took over and nobody noticed, because the eyes are all on CI, git tags, stack traces and all that shit. Fixing the backdoor is a tiny effort. The FOSS community should be ashamed, particularly all companies who make huge profits.