There are oodles of neat and singular programs on GitHub and similar. Curious what steps people take to vet for malware before downloading and trying stuff, especially if you’re not very familiar with the coding language it’s written in.

  • DigitalDilemma@lemmy.ml
    23 hours ago

    Even if you do know code, nobody reads all the source code when trying something out.

    We still rely largely on trust, and herd protection. Lots of stars on GitHub? Been around for a while? Keeps showing up in “Top lists” and on those posts on social media where people list the FOSS software they use? Issues get solved reasonably quickly and there are no ancient and ignored posts on there? It hasn’t changed hands recently to somebody with a new account and no history? It’s probably a good project.

    It is still a risk, but a managed one.
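
The signals listed in the comment above can be checked mechanically against repository metadata. This is an added example, not part of the thread: the field names follow the GitHub REST API's repository, user and issue objects, while the thresholds, the `trust_flags` helper and the sample records are assumptions constructed for illustration, and owner account age stands in for "changed hands recently".

```python
from datetime import datetime, timezone
from statistics import median

def _ts(s):
    # GitHub API timestamps look like 2024-01-31T12:00:00Z
    return datetime.strptime(s, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)

# Thresholds are assumptions for illustration, not values from the thread.
MIN_STARS, MIN_REPO_DAYS, MIN_OWNER_DAYS = 200, 365, 180
MAX_MEDIAN_CLOSE_DAYS, STALE_ISSUE_DAYS = 30, 365

def trust_flags(repo, owner, issues, now):
    """Return a list of warning strings; an empty list means no signal tripped."""
    flags = []
    if repo["stargazers_count"] < MIN_STARS:
        flags.append("few stars")
    if (now - _ts(repo["created_at"])).days < MIN_REPO_DAYS:
        flags.append("young repository")
    # Proxy for "changed hands to a new account with no history".
    if (now - _ts(owner["created_at"])).days < MIN_OWNER_DAYS:
        flags.append("owner account is new")
    closed = [(_ts(i["closed_at"]) - _ts(i["created_at"])).days
              for i in issues if i["closed_at"]]
    if closed and median(closed) > MAX_MEDIAN_CLOSE_DAYS:
        flags.append("issues are slow to close")
    if any(i["closed_at"] is None
           and (now - _ts(i["updated_at"])).days > STALE_ISSUE_DAYS
           for i in issues):
        flags.append("ancient ignored issues")
    return flags

# Constructed sample data (not real repositories).
NOW = datetime(2025, 6, 1, tzinfo=timezone.utc)
ESTABLISHED = (
    {"stargazers_count": 4200, "created_at": "2019-03-10T09:00:00Z"},
    {"created_at": "2015-07-01T00:00:00Z"},
    [{"created_at": "2025-04-01T00:00:00Z", "closed_at": "2025-04-05T00:00:00Z",
      "updated_at": "2025-04-05T00:00:00Z"},
     {"created_at": "2025-05-20T00:00:00Z", "closed_at": None,
      "updated_at": "2025-05-28T00:00:00Z"}],
)
HANDED_OVER = (
    {"stargazers_count": 3900, "created_at": "2018-01-15T00:00:00Z"},
    {"created_at": "2025-04-20T00:00:00Z"},
    [{"created_at": "2023-02-01T00:00:00Z", "closed_at": None,
      "updated_at": "2023-02-03T00:00:00Z"}],
)

if __name__ == "__main__":
    for name, sample in (("established", ESTABLISHED), ("handed over", HANDED_OVER)):
        print(name, trust_flags(*sample, now=NOW))
```

The second sample shows why star count alone is not enough: a popular, long-lived repository still trips two flags once the owner account is new and old issues sit untouched.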