Issue #141 new
Security concern - Stranger can take ownership of abandoned project
- Project x of a popular project removes their account.
- Mean Person re-registers the project using the same name.
- Mean Person uploads a new version with a new rm -rf / feature.
- People with dependencies on the project have a bad day.
I registered odfpy after it just disappeared. Luckily I'm not mean. Seems like a security issue.
See discussion about odfpy here. https://github.com/ldo/odfpy/issues/1#issuecomment-43021239