Many software projects I use are hosted on SourceForge. While SF has been using some nasty techniques with binary installers, the source code is, as far as I know, untouched.
And, as soon as it's touched, the project maintainers can shut down the SourceForge repos and move on to someplace else.
It's not a guarantee of security, privacy or anonymity, but open source is still your best chance to get any (or all) of the three.
And, as soon as it's touched, the project maintainers can shut down the SourceForge repos and move on to someplace else.
It's not a guarantee of security, privacy or anonymity, but open source is still your best chance to get any (or all) of the three.