why does EVERY embedded project have to fork every.
Uncategorized
1
Posts
1
Posters
0
Views
-
why does EVERY embedded project have to fork every. single. repository. they depend on?? the amount of times I've seen "mirror of" or "<ourProjectName> repository tracking <upstreamProjectName>" where the 'mirror' has 39 commits and upstream has 3.2k and if you're extra lucky upstream has been archived 2 months ago
also makes me wonder how this (doesn't?) work security-wise... who's keeping track of security fixes or patching all of these downstream mirrors? why not submit patches upstream?
maintaining downstream mirrors like this is literally the same as creating unmaintained forks, no?
-
R relay@relay.infosec.exchange shared this topic
