Poor analogy. Nobody is saying that there is a legal obligation for the Rust community to improve supply chain security, but this post is saying it's already fine; we don't need to improve things, "just do your own auditing!", which is the kind of "just don't make mistakes" bullshit that led people to create Rust in the first place.
> just do your own auditing!
Then feel fucking free to pay the Rust community to audit the software.
Oh, that's too much for you. I see how it is.
I sound a bit pissy, but the amount of entitlement that occurs when things are free is off the charts in this thread.