certain projects like Fedora and Bitwarden are considering it, so I’m not too pleased about that

while I relate to this take and it could even work out for offline systems, online systems need constant updates to protect yourself against software vulnerabilities. i don’t think we’ve reached the point where FOSS software is so infiltrated that a Trojan would be less malicious than slop code