Have you ever found a GitHub project or anything that seemed nice and tempting to install until you dug a bit deeper?
What are some red flags that should detur anyone from installing and running something?
Have you ever found a GitHub project or anything that seemed nice and tempting to install until you dug a bit deeper?
What are some red flags that should detur anyone from installing and running something?
No stars (although easily manipulated)
No commit history
No issue history
No pr requests (soft no)
No contributions from people with a active history
Something I do is if a project has way too many stars, click on a few of the names randomly.
If those profiles have 0-1 projects, my yellow flag (not red flag) goes up. Because yeah, it’s really easy to buy GitHub stars now.