Open source maintainers underpaid, swamped by security, and going gray

AI-coded contributions? Most would rather skip the bot's work

The majority of open source project maintainers are not being paid for their work, spend three times as much time on security than they did three years ago, and have become less trusting of contributors following the xz backdoor, according to open source package security firm Tidelift....