Open abitrolly opened 4 years ago
/spent 30m
Zip bomb CVE https://www.cvedetails.com/cve/CVE-2019-9674/ doesn't seem to be fixed in zipfile, because the fix is just a warning in documentation. This seems to be a blocker for merging https://github.com/pypa/warehouse/pull/9972
/spend 30m
Intro
To avoid replacing them with bounty hunters, and erasing the spirit and culture of open collaboration. Think about how to preserve it.
Open source culture is definitely about socializing, collaboration and all emotions that fall aside from those pillars.
Dedicate one full-time salary to spread among the open source projects you use, and make it both a gameplay and a social process. They say that giving helps to avoid the burnout. But the link should be "healthy" too, whatever that means. Common sense and fun may not work for everyone, because people don't have time to maintain the balance.