When you’re talking to an open source dev, just remember that they are literally giving you their time for free, and they are people who don’t like to be treated poorly.
When you’re talking to an open source dev, just remember that they are literally giving you their time for free, and they are people who don’t like to be treated poorly.
You’re right to an extent, but there is nuance. No end user goes through the Debian repositories and checking the source code for each package by hand. You would be well within your rights to be annoyed if a
rm -rf /
got added into a script in the repos somehow. A level of trust somewhere is unavoidable for things to work smoothly.Of course the difference in level of responsibility between core repos and random code pulled of github is vast.