His code contributions have always been high quality, and they’re audited by his peers. Its very unlikely malicious code would come from him, and even more unlikely it would make it through on to your phone.
While he’s certainly unhinged, it’s clear that he cares deeply for the project. I can’t see him doing anything intentionally malicious.
I really wish him the best, and I’m glad he stepped down. Much better for optics with him out of the way.
His code contributions have always been high quality, and they’re audited by his peers. Its very unlikely malicious code would come from him, and even more unlikely it would make it through on to your phone.
While he’s certainly unhinged, it’s clear that he cares deeply for the project. I can’t see him doing anything intentionally malicious.
I really wish him the best, and I’m glad he stepped down. Much better for optics with him out of the way.
deleted by creator
The risk is definitely not higher than the risk of some closed sorce dev smuggling something dodgy into a high profile project like e.g. Windows.
That said, I would trust an unknown git repo about as much as I would trust some exe I found on a random website.