Helge Heß
(replying to Saagar Jha)
@saagar @airspeedswift Aren’t both problems that Linux distro companies like Red Hat and SuSE supposedly handle? (paying maintainers and also managing what exactly is packaged).
Noah Gibbs
(replying to Helge Heß)
In theory, yes. In practice there is far too much code for them to review, too.
Also, the difficulty with profit/paid solutions is that *not* reviewing all that code, or reviewing it badly, is *always* cheaper than reviewing it, let alone reviewing it all well -- which is certainly impossible under current conditions.