Edit: This ad is sponsored by the National Shitposting Agency (NSA)

  • GregorTacTac@lemm.ee
    link
    fedilink
    arrow-up
    2
    ·
    8 months ago

    The server side code doesn’t matter I’d it’s open source or not. You can’t be sure they’re actually running the code they’re publishing.

    • Rustmilian@lemmy.world
      link
      fedilink
      English
      arrow-up
      3
      ·
      edit-2
      8 months ago

      It does matter, because you can’t self-host nore audit the code. What you say isn’t wrong, unless they were to use a public facing reproducible build system ofc. But at minimum, if their server side code isn’t open source at all then you can’t even verify if it’s completely vulnerable spaghetti code or not. Some transparency is always better than none at all.