Hacker News
by pjmlp 3336 days ago
Not in the presence of binary dependencies.

Also, the number of CVEs in FOSS projects shows that even the process of code review for patches isn't enough.


You mean, in projects written in languages that are unsafe from beginning to end rather than in small blocks?
I agree, just stating that plain code review isn't enough.

Those patches also come in small blocks.