alt Hacker NewsI guess we have very different takes on this; I wouldn't expect Slack or WhatsApp to publish security advisories if one of their users used them to spread malware among a tiny cohort of other users, which is about the right level of responsibility Arch places on itself (and it's very clear about this) w.r.t AUR.
I think you’re correct. I see a fundamental difference between services like slack and WhatsApp which provide messaging services and hosted platforms like the AUR where content is submitted and then republished on a site administered by the project.