this post was submitted on 09 Jan 2025
Personally, no. However, the technical lead of our instance has, and in fact wrote and debugged some of it.
Even a technical lead of an instance may not have read every single line of code because codebases these days are pretty large. Typically you might look at the code you're working on, but not necessarily the entire codebase.
Hopefully Lemmy doesn't have anything malicious in it, but it's possible to sneak malware into open source projects. This sort of thing happened to XZ Utils last year.
If you are worried about the Lemmy codebase, there is https://piefed.social/
It's still another codebase you need to trust, but in this case the devs don't have specific political views.
Yeah, I've heard of that, maybe I should look at it more. Hopefully the Lemmy codebase is fine though. I'm just saying it's possible, even if perhaps unlikely, that something could be lurking in the code which nobody has discovered yet. The XZ Utils backdoor was well-hidden and happened to be discovered, but maybe malicious code isn't always discovered.