Hosting code with automated publishing into well known namespaces is looking more and more like a broken model. A better approach is human verification of package names like in #Debian, @fdroidorg, #MavenCentral. Then other pieces can be safely automated https://www.bleepingcomputer.com/news/security/critical-cloudflare-cdn-flaw-allowed-compromise-of-12-percent-of-all-sites/
Librem Social is an opt-in public network. Messages are shared under Creative Commons BY-SA 4.0 license terms. Policy.
Stay safe. Please abide by our code of conduct.