I had no idea this issue had been identified. While I find this tool very useful, the project is seeming rather questionable to me now.

  • PowerCrazy@lemmy.ml
    link
    fedilink
    English
    arrow-up
    73
    arrow-down
    14
    ·
    2 months ago

    Hey guys open source is great you can look at all the code and therefore there are no security backdoors etc. Also here are a bunch of pre-compiled blobs in the repo, don’t worry about those, but they are required to run the program.

    • snooggums@lemmy.world
      link
      fedilink
      English
      arrow-up
      89
      ·
      2 months ago

      The fact that people know there are pre-compiled blobs in open source means they have an informed reason to avoid the software!

      • ulkesh@beehaw.org
        link
        fedilink
        English
        arrow-up
        3
        ·
        2 months ago

        Exactly. Acting like this is an “ah-ha, see?!!” moment when this is exactly what open source is designed for. That’s like saying global warming is a hoax because “oh look it’s snowing”.

        • delirious_owl@discuss.online
          link
          fedilink
          arrow-up
          1
          ·
          2 months ago

          Well, it is an “ah-ha, see!” moment, because it shows the benefit of open source.

          Its more like pointing at the absence of a glacier on a mountaintop and saying “yep, see, climate change does exist”

          • ulkesh@beehaw.org
            link
            fedilink
            English
            arrow-up
            1
            ·
            2 months ago

            I was referring to the commenter and how it read to me :) But agreed, what you said, too.

        • PowerCrazy@lemmy.ml
          link
          fedilink
          English
          arrow-up
          1
          ·
          2 months ago

          This isn’t a knock against opensource programming, but there shouldn’t ever be precompiled blobs in the repo unless they are the official builds for the various OS’s and if you want to build from source, the pre-compiled blobs shouldn’t be part of that, otherwise you can’t really claim you are opensource.

          • ulkesh@beehaw.org
            link
            fedilink
            English
            arrow-up
            1
            ·
            2 months ago

            Yes, and that’s what is being called out here. But your original comment makes it sound like you are advocating for closed source software and that somehow open source software is bad.

            This is the system working as intended. When potential issues arise, it’s openly discussed and ideally resolved. And if not, trust is lost and people will stop using it.

            • PowerCrazy@lemmy.ml
              link
              fedilink
              English
              arrow-up
              1
              ·
              edit-2
              2 months ago

              I don’t know about the history of the project, but it sounds like those blobs have been there for quite some time. When in reality, the PR that added the blobs in the first place shouldn’t ever have been approved.

              Actually just checked 3+ years.