TransWikia.com

Is GitHub "releases" section safe from malicious code? To be specific, does the binary match the code in a restrictive way?

Open Source Asked by laimison on August 28, 2021

When a developer creates a binary from the code and puts it in the releases section, does it match the code in a restrictive way so there is no chance that malicious code is compiled into it? How does GitHub ensure this? Is there a validation mechanism or compiling pipeline applied by GitHub?

One Answer

There are no guarantees that the uploaded artefacts match the source code in the repository. That something is on GitHub does not mean that it can be trusted. You need to also trust the maintainers of that repository.

Correct answer by amon on August 28, 2021
