OhVenus_Baby@lemmy.ml to

Cybersecurity@sh.itjust.worksEnglish · 1 month ago

Do you actually audit open source projects you download?

9

25

Do you actually audit open source projects you download?

OhVenus_Baby@lemmy.ml to

Cybersecurity@sh.itjust.worksEnglish · 1 month ago

9

cross-posted from: https://lemmy.ml/post/30846707

cross-posted from: https://lemmy.ml/post/30846701

The question is simple. I wanted to get a general consensus on if people actually audit the code that they use from FOSS or open source software or apps.

Do you blindly trust the FOSS community? I am trying to get a rough idea here. Sometimes audit the code? Only on mission critical apps? Not at all?

Let’s hear it!

Chat

sugar_in_your_tea@sh.itjust.works
link
fedilink
English
arrow-up
9·
1 month ago
I don’t do a full audit, but I certainly make sure the project is reasonably active before using it. I’ll look at:

recent commits

variety of contributors

activity on issues and pull requests from maintainers

That only takes a few min and I think catches the most important issues.

Cybersecurity@sh.itjust.works

cybersecurity@sh.itjust.works

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !cybersecurity@sh.itjust.works

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Be respectful. Everyone should feel welcome here.
No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
No Ads / Spamming.
No pornography.

Community Rules

Idk, keep it semi-professional?
Nothing illegal. We’re all ethical here.
Rules will be added/redefined as necessary.

If you ask someone to hack your “friends” socials you’re just going to get banned so don’t do that.

Learn about hacking

Pico Capture the flag

Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !securitynews@infosec.pub !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub

Notable mention to !cybersecuritymemes@lemmy.world

Visibility: Public

This community can be federated to other instances and be posted/commented in by their users.

42 users / day
322 users / week
1.3K users / month
4.74K users / 6 months
1 local subscriber
7.68K subscribers
2.31K Posts
3.57K Comments
Modlog