I keep hearing that, and it is of course possible, but the point is that hardly anyone does it. That's what makes it meaningless that it can be done.
And it isn't insecure. If I trust the developer and get the software from them, it's just as good as trusting a repo maintained by random internets who have been known to not only not keep software in the repo up to date, but actually introduce vulnerabilities that weren't there before!
AnIdiotOnTheNet|7 years ago
And it isn't insecure. If I trust the developer and get the software from them, it's just as good as trusting a repo maintained by random internets who have been known to not only not keep software in the repo up to date, but actually introduce vulnerabilities that weren't there before!