What I don’t understand about this whole situation: why does it matter where commits originate from if you’re dealing with an open source project? Does the Linux kernel not peer review code? Can’t security researchers from around the world comb over the source code for vulnerabilities/malware? Or is this all just political theatrics?
They’re not allowed to be collaborating with people who work for certain Russian companies. It’s not a question of security, it’s a question of US law requiring US entities to punish through non-cooperation certain companies that are assisting in the war effort or whatever.
It might or might not be fair, but it isn’t up to the kernel developers, it’s a legal requirement for them.
What I don’t understand about this whole situation: why does it matter where commits originate from if you’re dealing with an open source project? Does the Linux kernel not peer review code? Can’t security researchers from around the world comb over the source code for vulnerabilities/malware? Or is this all just political theatrics?
They’re not allowed to be collaborating with people who work for certain Russian companies. It’s not a question of security, it’s a question of US law requiring US entities to punish through non-cooperation certain companies that are assisting in the war effort or whatever.
It might or might not be fair, but it isn’t up to the kernel developers, it’s a legal requirement for them.