Setting aside everything racial, do you know @ZijianHe personally, or was he simply the highest bidder? That's what this all comes down to. Thousands of people (apparently) put trust in you not to backdoor their codebases, and if you simply sold that vector to a random person, that's at best a hugely irresponsible decision.
It may even be completely innocent and valid for a developer to do this, but :
1. there seems to be -intentionally- very little transparency about it,
2. the second most prominent contributor - who was also the most prominent contributor for the last two years - was, we are told, locked out without notice
3. the original developer has repeatedly declined to acknowledge that the community has (or could have) any concerns worth even discussing.
4. the Github history indicates a strong possibility the package was bought.
If someone wants to sell their package, perhaps they have every right to, but the author's repeated dismissal that anyone might be legitimately concerned or legitimately want to know more about this process is bizarre and alarming.
