Where's the source code?

[Zulu-Inuoe]

This is an interesting venture, but my concern is that I don't see any source provided for SponsorLink.
Where does the dll on NuGet come from?

Thanks.

[kzu]

Hi @Zulu-Inuoe! Thanks for your interest in SponsorLink.

Given that the goal of SponsorLink is to provide a way to ensure users get notified about their sponsorship status, I considered that making the source available of how the check is implemented, would only serve to illuminate those wanting to skip the check.

The details of how it works are explained on my blog, just to get a sense of how it ties in with the build and the IDE experience.

[Zulu-Inuoe]

I encourage you to reconsider this position, as security by obscurity is a well known trope.
That said, as it stands for me, this makes projects using this software unusable as I don't want to be running unknown and untrusted software on my developer's machines.

[ripvannwinkler]

How to kill a project in 1 easy step...

[sbergot]

This project collects the email addresses of every user compiling this library without their consent. How do you make this compliant with GDPR?

[lucas-zimerman]

How to kill a project in 1 easy step...

I dont think he's killing the project, but more likely other projects who decide to include SponsorLink are shooting themselves by adding it without even noticing or even opening a Pull Request.
It gives the impression someone got access to their accounts and just shipped a fast spyware to production.

[kzu]

It's all OSS on this same repo now. Closing and locking. Thanks!