logoalt Hacker News

hamburglartoday at 5:46 PM0 repliesview on HN

If you get an open source app from the App Store, is there any assurance it actually reflects the code in the repo? I’d think the signing step happening in isolation opens the door to tomfoolery.