this post was submitted on 17 Sep 2024
455 points (99.1% liked)

Open Source

31101 readers
349 users here now

All about open source! Feel free to ask questions, and share news, and interesting stuff!

Useful Links

Rules

Related Communities

Community icon from opensource.org, but we are not affiliated with them.

founded 5 years ago
MODERATORS
 

I had no idea this issue had been identified. While I find this tool very useful, the project is seeming rather questionable to me now.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 60 points 1 month ago (9 children)

Hey guys open source is great you can look at all the code and therefore there are no security backdoors etc. Also here are a bunch of pre-compiled blobs in the repo, don't worry about those, but they are required to run the program.

[–] [email protected] 19 points 1 month ago (6 children)

Right, the fact that it's open is the reason this came to light, and we're having this discussion

[–] [email protected] 3 points 1 month ago (5 children)

Exactly. Acting like this is an “ah-ha, see?!!” moment when this is exactly what open source is designed for. That’s like saying global warming is a hoax because “oh look it’s snowing”.

[–] [email protected] 1 points 1 month ago (1 children)

This isn't a knock against opensource programming, but there shouldn't ever be precompiled blobs in the repo unless they are the official builds for the various OS's and if you want to build from source, the pre-compiled blobs shouldn't be part of that, otherwise you can't really claim you are opensource.

[–] [email protected] 1 points 1 month ago (1 children)

Yes, and that’s what is being called out here. But your original comment makes it sound like you are advocating for closed source software and that somehow open source software is bad.

This is the system working as intended. When potential issues arise, it’s openly discussed and ideally resolved. And if not, trust is lost and people will stop using it.

[–] [email protected] 1 points 1 month ago* (last edited 1 month ago)

I don't know about the history of the project, but it sounds like those blobs have been there for quite some time. When in reality, the PR that added the blobs in the first place shouldn't ever have been approved.

Actually just checked 3+ years.

load more comments (3 replies)
load more comments (3 replies)
load more comments (5 replies)