[mcherm]

Yes, I someone who lived through that period I can confirm: I used SourceForge regularly until The point where it was proven to my satisfaction that the malware being added to downloads was not a fluke or a hack, but an intentional choice by management.

Then, I instantly flipped to having a very strong commitment to never again trust SourceForge. You've probably heard about how a reputation is built over years but can be destroyed in an instant... that's exactly what happened here.

Part of the reason is that from the point of view of the person downloading (binary executable) software, the most important feature the site provided was my trust that they would give me the same binary I was asking for. In a similar vein, if I discovered that a bank had been intentionally lying about account balances and adjusting them in the bank's favor to make a profit, I would immediately and permanently sever my relationship with that bank.