• sep@lemmy.world
    link
    fedilink
    arrow-up
    52
    ·
    9 months ago

    Like the exact same thing can not happen in a closed source codebase. It probably does daily. Since closed codebases the due dilligence and reviews cost money, and nobody can see the state. They are intentionally neglected.
    Open source nor closed source is immune to the 5$ wrench hack

    • bier@feddit.nl
      link
      fedilink
      arrow-up
      8
      ·
      9 months ago

      Exactly, if you are as big a Microsoft, you can’t tell 100% if one of your developer’s is actually being paid by a foreign government. Even if you say completely check the commits other devs make, there will still be deadlines when a code review is just “looks fine, next”.