cross-posted from: https://lemmy.ml/post/30846701
The question is simple. I wanted to get a general consensus on if people actually audit the code that they use from FOSS or open source software or apps.
Do you blindly trust the FOSS community? I am trying to get a rough idea here. Sometimes audit the code? Only on mission critical apps? Not at all?
Let’s hear it!
I’ve glanced over a project or two before. It’s usually less an audit, and more of a ‘what is going on in there?’ curiosity.
Though it does have the side-effect of being a low-intensity audit as well. :)