Y
Hacker News
new
|
ask
|
show
|
jobs
by
tschellenbach
2764 days ago
Yeah this one is easy to spot, but what if someone makes valid contributions and for pull request #10 slips in a backdoor. Most open source projects are not able to check that anywhere near thoroughly enough.