this post was submitted on 07 Jul 2023

1819 points (99.7% liked)

Memes

45158 readers

3178 users here now

Rules:

Be civil and nice.
Try not to excessively repost, as a rule of thumb, wait at least 2 months to do it if you have to.

founded 5 years ago

MODERATORS

gary_host_laptop@lemmy.ml

sexy_peach@feddit.de

cyclohexane@lemmy.ml

cypherpunks@lemmy.ml

1819

It's Open Source! (lemmy.dbzer0.com)

submitted 1 year ago* (last edited 1 year ago) by 001100010010@lemmy.dbzer0.com to c/memes@lemmy.ml

224 comments fedilink hide all child comments

Not discrediting Open Source Software, but nothing is 100% safe.

you are viewing a single comment's thread
view the rest of the comments

[–] nous@programming.dev 1 points 1 year ago

What about the various NPM packages written by one guy. Who then moved on to other things then gave control of that package to someone else that seemed legit. Only for them to slowly add melicious code to that once trusted package that is used by a large number of other packages?

Or someone raising a pull request for a new feature or something that on the surface looks legit on its own. But when combined with other PRs or existing code ends up in a vulnerability that can be exploited.