Thoughts?

  • Sam@lemmy.ca
    link
    fedilink
    arrow-up
    28
    arrow-down
    1
    ·
    1 year ago

    His code contributions have always been high quality, and they’re audited by his peers. Its very unlikely malicious code would come from him, and even more unlikely it would make it through on to your phone.

    While he’s certainly unhinged, it’s clear that he cares deeply for the project. I can’t see him doing anything intentionally malicious.

    I really wish him the best, and I’m glad he stepped down. Much better for optics with him out of the way.

      • Square Singer@feddit.de
        link
        fedilink
        arrow-up
        11
        ·
        1 year ago

        The risk is definitely not higher than the risk of some closed sorce dev smuggling something dodgy into a high profile project like e.g. Windows.

        That said, I would trust an unknown git repo about as much as I would trust some exe I found on a random website.