1 comment

[ 2.8 ms ] story [ 15.8 ms ] thread
They are revealing to the public if a package maintainer used Tor or 2FA. I do not think that information should be made public.