My point is that it had an overworked maintainer who was easily persuaded into giving the project to someone else. I highly doubt it has gotten a solid team behind it now.
It wasn’t “easy” at all, they had to put in over 2 years of useful contributions before there was chance to insert the malware. If you’re worried just stay on an older version, it should still open new files perfectly fine.
Yes, use the format that was almost backdoored a few months ago! I’m sure it has a very strong development team behind it! /s
I would call it the format that has the most eyes on it now.
My point is that it had an overworked maintainer who was easily persuaded into giving the project to someone else. I highly doubt it has gotten a solid team behind it now.
It wasn’t “easy” at all, they had to put in over 2 years of useful contributions before there was chance to insert the malware. If you’re worried just stay on an older version, it should still open new files perfectly fine.
It was easier than taking over zstd for sure
Yes, projects backed by multi-billion dollar companies do tend to be more resistant to that kind of attack.