What can be done to protect open source devs from next xz backdoor drama?

What happened, how it was found, and what your vultures have made of it all
Kettle It's been about a week since the shock discovery of a hidden and truly sophisticated backdoor in the xz software library that ordinarily is used by countless systems.…