by chc 4079 days ago
I don't see how a binary that you can't inspect is meaningfully less secure than source code that you don't inspect. I very much doubt most people vet, for example, the source code to Nginx before compiling and running it. If you're one of the few who does that, you still have that option here. I don't think this distribution model is giving up much.

The point is that someone can inspect that code, not that everyone needs to inspect every piece of source code they use. If the source isn't available, no one can inspect it. That is qualitatively different than providing the source code.
Huh? The link to the source is literally right under the link to the binary.
But you don't know that the binary is compiled from _that_ source code.
Compile it yourself, problem solved.