As per https://en.wikipedia.org/wiki/Bus_factor, "The "bus factor" is the minimum number of team members that have to suddenly disappear (e.g., get hit by a bus) from a project before the project stalls due to lack of knowledgeable or competent personnel." Software is built by people who have their own lives and priorities and who won't be around forever. This comic illustrates the problem.
If a package stops being maintained, then security problems will not be fixed and the package will not be updated as the world changes around it. At some point, the package will no longer work as expected in the required context.
- cURL is the de facto standard program used to make network requests in Linux environments and is maintained by one person: https://onezero.medium.com/the-internet-relies-on-people-working-for-free-a79104a68bcc
Note that these projects have multiple contributors, who have written code that has been incorporated into the projects. What is notable is that the projects have had a single maintainer, who owns the project, makes releases, and decides what gets incorporated into it and what does not. If the maintainer(s) stops working on the package, then progress on the package stops.
Updated 3 months ago