Ask HN: Why don't we create checksum for source code?
Suppose a developer puts the source code of an App in Github, so that we can review the source code to ensure it is securely safe for users. I know we create checksum for the binaries. But how can we know the App in App store is built from the source code in Github?
3 comments
[ 3.3 ms ] story [ 14.2 ms ] threadIf you trust the source code, it's usually easy enough to build a mature FOSS app yourself.