ThinlyArmed

I agree. It's unfortunate that as projects grow larger and attract followers, people's natural disposition is to reflexively "defend" (not really, but that's what they think they're doing, it's more like enabling) whenever someone points out a flaw, especially when they don't understand the severity of it. If you don't understand why this was (is?) such a big issue, and why BennTech was justified in addressing it the way he did, it might be best to refrain from commenting altogether. You're not "defending" anyone because there was no attack to begin with; he rightfully brought attention to a BIG ISSUE. He did so respectfully, yet he encountered not only a dismissive attitude but one that betrayed a lack of understanding of BASIC cybersecurity hygiene (which was both informative and unfortunate). I'm glad that in the end it looks like the project lead's better angels emerged victorious in this situation. I'm not thrilled that this is my first post here but I wanted to add my 0.2 cents so, hopefully, when another cybersecurity issue is brought up again in the future it won't be met with the same dismissive treatment from prominent members of this community. This wasn't a niche issue; it should never have occurred in the first place so I empathize with BennTech's frustration when all he got was dismissal when he brought it up. Thank you @BennTech for bringing it up when you did and the way you did it, clearly delineating why it was a big issue. And thank you devs for addressing the issue despite it seeming like you disagreed lol.