It’s probably far more common than most people realize. Open source software doesn’t automatically make it secure, and in many cases can be less secure than closed source as it’s just one or two people doing it for free.
Much easier to be tempted to do something wrong or to get others to help in and take the weight off.
I mean you can see the source code. You’ll know if anyone does something weird if you have two braincells.Edit: Clown here move along.
You’re manually reviewing the entire code of every open source product you use? Manually reviewing the code at every commit of every open source software you use?
Well, it’s fun that they mention F-Droid, because the maintainers are bullies who bully their contributors and generally act very unpleasant. They like to make new rules on the spot.
I abandoned using the project altogether, not someone I want to support.
What rules?
That apps published there can’t be wrappers around a web application.
What’s a wrapper in this context?
An app that’s just WebView?
Not WebView, but a so-called TWA, aka Trusted Web Activity, a features specifically designed to wrap PWAs and give them full-blown app capabilities.
