You’re spot on with the latter, I’ve come across a few projects over the years where the ownership is transferred and it’s then loaded up with malware or even just instantly abandoned again because the new owner just wants it on their GitHub to get a job or something.
I’ve come across a few projects over the years where the ownership is transferred and it’s then loaded up with malware
See: The Great Suspender
The original developer sold the repo to a new, anonymous maintainer. The new maintainer abandoned the repo but continued updating the Chrome Web Store version of the addon. That version eventually got delisted by Google for including malware.
You’re spot on with the latter, I’ve come across a few projects over the years where the ownership is transferred and it’s then loaded up with malware or even just instantly abandoned again because the new owner just wants it on their GitHub to get a job or something.
See: The Great Suspender
The original developer sold the repo to a new, anonymous maintainer. The new maintainer abandoned the repo but continued updating the Chrome Web Store version of the addon. That version eventually got delisted by Google for including malware.