There are oodles of neat and singular programs on github and similar. Curious what steps people take to vet for malware before downloading and trying stuff, especially if you’re not very familiar with the coding language it’s written in.
There are oodles of neat and singular programs on github and similar. Curious what steps people take to vet for malware before downloading and trying stuff, especially if you’re not very familiar with the coding language it’s written in.
There’s not a ton you can do, but you can look out for indicators of a healthy project.
A good sign is if the repo has a lot of different contributors. If something has hundreds or thousands of contributors, there’s more eyes on it to catch something malicious. Also other activity as well, like bug reports demonstrates a strong user base, which is like crowdsourcing trust.
Another thing is, if your distro packages it in one of their main repos that’s a reasonable indicator that you can trust it. Def not 100% but when you don’t have a lot to go on, it’s something.
Any other tips I think I have are more technical.