But also without getting overly political: what we now see across the planet is worrying. In many ways, it is an attack on Free and Open Source Software (FOSS). It may not always be direct. Indirectly, it makes our lives significantly more difficult and complicated. It gradually erodes some of the core ideas of the FOSS movement.
At the same time, the FOSS movement itself needs to critically review the way it operates. It can’t keep depending on contributors who are unpaid or minimally paid. Their work comes at the expense of their recovery time and mental health. That is a huge — HUGE — security risk.
Another important point is that FOSS projects need development systems.
These systems must guarantee that source code can be automatically verified. They also need to secure the supply chain against attacks.