As a (mostly former) OSS maintainer, I don't want to be suspicious of any contributors. I want to welcome contributors as co-maintainers.
I don't want to gate-keep specific tasks (such as releasing and updating the website) so that I'm the single point of failure.
It's already hard enough to get people to contribute more than a README typo fix or maybe a single feature that they need themselves, and get them invested into the project as a whole.
Somebody please create an alternative for keeping projects secure that's not based on suspicion and gatekeeping.