Hacker News

maxerickson, today at 2:46 PM (1 reply)

Wouldn't open source enable review from people with access to the scanners prior to release?

Seems like there is a fair chance that it will mostly be an actual spike, where a bunch of existing vulnerabilities get cleaned up and then published software mostly has fewer vulnerabilities going forward.


Replies

RetroTechie, today at 6:57 PM

Agreed. But this depends on (at least) 1 condition: that no new bugs are introduced.

FLOSS projects keep moving forward, and it seems some projects' maintainers are being swamped by PRs (some good, some bad).

Whatever allows a random 3rd party to 'strip-mine' existing codebases for bugs should also be applied to new code.