How to vet an untrusted open-source project?

This page summarizes the projects mentioned and recommended in the original post on news.ycombinator.com
Openconnect GUI Qt5 Linux VPN

InfluxDB - Power Real-Time Data Analytics at Scale
Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
www.influxdata.com
featured
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com
featured

  • GlobalProtect-openconnect

    A GlobalProtect VPN client for Linux, written in Rust, based on OpenConnect and Tauri, supports SSO with MFA, Yubikey, etc.

    • Sometimes you may want to use some software in your project, but the maintainer(s) may have some functional affiliation(s) that makes it difficult to use without significant security assessment effort.

    Example here: GlobalProtect is VPN software from Palo Alto Networks, but the maintainer of this open source client is based in China. He may be a fine, upstanding person, the code may be pristine, but there's systemic risk that needs to be bought down.

    What are your tools of choice to assess something like this?

    https://github.com/yuezk/GlobalProtect-openconnect

  • openconnect

    • Be careful you're not using an illicit fork. https://gitlab.com/openconnect/openconnect

  • InfluxDB

    Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

    InfluxDB logo
NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts

  • GlobalProtect VPN and browser configuration

    1 project | /r/ManjaroLinux | 15 Sep 2023

  • Looking for GlobalProtect VPN Client from Palo Alto Networks

    1 project | /r/Ubuntu | 21 Apr 2023

  • Anyone have a download link for the Global Protect VPN for Linux?

    1 project | /r/linuxmasterrace | 31 Jan 2023

  • University VPN on Linux

    1 project | /r/UPenn | 6 Nov 2022

  • RavynOS – Finesse of macOS. Freedom of FreeBSD

    6 projects | news.ycombinator.com | 17 Aug 2022