Dear Paul,
I missed your blog entry before, so thanks for your summary!
* Paul Boddie [2017-06-16 13:55 +0200]:
The report does make valid points about the burden of security-related feedback on Free Software projects. Unfortunate, then, that it states this: "People are volunteers." While Free Software projects are typically open to volunteer participation, the likes of the Apache Software Foundation should be looking to promote and develop ways through which "people" will not be (unpaid) volunteers but can instead dedicate their "work time" to maintaining and improving Free Software.
Actually I would be very interested in the percentage of Apache developers who do their work on a paid basis. My impression always was that the percentage of paid developers is quite high in that area. Does anyone of you have any insights there? Else I would ask the author.
Regards, Matthias