8·
19 days agoI believe that as a FOSS developer, in order for your code to be implemented and widely adopted, you’ll have first reached a certain level of trust in the community. That, and yes your open source code can be picked through. Malicious code isn’t always immediately found, but it does ruin the hard earned reputation of the developer.
Source: just speculation from being a FOSS fan for many years
Understanding the risks is half the battle, but we can only do what we can do.