The outline appears too fragmented / disjoint.
At least 2 distinct themes involved:
- Corporate Interference (Embrace.Extend.Extinguish)
- Security in OSS.
Contains assertions without justification. Hard to separate facts from opinions.
Acquisitions of FOSS producers could lead to a crowding-out of volunteer contributors
Each case is unique and varies on a wide spectrum.
What are the tell-tale warning signs of a mismanaged/concerning sponsorship/acquisition?
“How to Protect” currently reads more like what to do and NOT how to actually do it.
Hopefully known pitfalls and best practices are elaborated upon in the slides/talk.
Not clear what concern this addresses?
Increase level of awareness of FOSS package to stay apprised of vulnerabilities
How does knowing about a package help stay aware of vulnerabilities?
Possibly rephrase/elaborate to clarify.
What’s the “How to protect” to address the following concern raised?
Will it be less traction and engagement for FOSS projects built by individual companies?