To be fair, every single time I install an emacs or vim plugin, npm lib, ruby gem, pip package, or anything close, so do I.
Really the only code I audit is a 2 page script on HN because I feel someone might judge me if I don't. But even then, I sort of gave up after the first page.
Computer security is so fubar, it's not even funny.
I used to teach people not to pipe curl to bash. Now I just add sudo -n tests to my scripts and see if they have passwordless sudo. It turns out, a lot of people have passwordless sudo.
Really the only code I audit is a 2 page script on HN because I feel someone might judge me if I don't. But even then, I sort of gave up after the first page.
Computer security is so fubar, it's not even funny.