Careful using GitHub

[truckerDave]

This is probably more of a concern to Windows users. But I would still use caution.

 

[bob466]

Isn't it owned by m$.

 

[truckerDave]

Isn't it owned by m$. View attachment 19899

I don't have a clue. But I wouldn't be at all surprised if that was the case.

 

[bob466]

I don't have a clue. But I wouldn't be at all surprised if that was the case.

https://news.microsoft.com/announcement/microsoft-acquires-github/

 

[kc1di]

https://news.microsoft.com/announcement/microsoft-acquires-github/

That's troubling news for a lot of open source. Thankfully there are alternatives.

Microsoft GitHub Alternatives to Host Your Open Source Projects

If you are looking to migrate from GitHub, here are some of the best alternatives to GitHub for hosting the source code of your open-source project.

itsfoss.com

 

[CaffeineAddict]

Another way how you could get infected from GitHub (or any other code sharing platform) is by downloading (or cloning) a repo that contains executable files or scripts etc. (I've seen several of such repos so far btw. nothing new)

Those executables are not always easy to spot and even in you do you might think, so what I'm not gonna run them, but problem is that the source which you compile, assemble, interpret (with scripting language interpreter) or otherwise run the source code the code might execute those files during build and basically infect your PC without you even knowing it.

That's one reason why when you open a repo with VSCode it will ask you if you trust it, if you say no, access to the source code is restricted to review only, ex. you can't run anything and not even compile\interpret\assemble or what ever.

I don't know how other code editors or IDE's protect users from this scenario but I'm pretty sure they don't.

So bottom line is you need to take care to review code before attempting to do anything with it, just because it's open source doesn't mean it's safe to run, compile, assemble etc.