Note I didn’t claim anything about technical security. It’s more of an ethical issue. Even if it’s FOSS (which, as seen in the other subthread, it’s merely pretending to be), it’s helping the Russian government.
If you want to consider security — security starts with trust. And the GRU/FSB will infiltrate and use any segment of the supply chain it has in its reach, being less constrained by any laws than the NSA. Are you sure that malicious code will be caught in time like with xz?
Sure, here’s the original investigation on its Russian origin: https://dou-ua.translate.goog/forums/topic/38748/?_x_tr_sl=uk&_x_tr_tl=en&_x_tr_hl=en-US (Dou is the Ukrainian IT forum).