Have you ever found a GitHub project or anything that seemed nice and tempting to install until you dug a bit deeper?
What are some red flags that should detur anyone from installing and running something?
You must log in or # to comment.
Runs on Windows CE
Venture capital funding. The plan is always to do a rug pull. Though if it properly freely licensed and the code is reasonable enough to be forked, it’s less worrying but still risky. It’s better to work with honest people.
This is why I avoid Bluesky
https://bsky.social/about/blog/03-19-2026-series-b
I didn’t know this about bluesky D:, but it makes sense. Thanks for the heads up. The atproto ecosystem seems to have cool features for user empowerment and it seems to work well on the few occasions I’ve visited atproto sites. I hope they can find an ethical way to persevere, but I can’t imagine that being easy.
-
It’s not already in my distro’s package manager
-
A github project with 1000 open issues and no commits for 3 years.
Ubuntus package repo is so out of date though. It’s such a pain in the ass.
You clearly haven’t seen Debian stable.
-
A rule of thumb I use is how desperate the software is to tell you the weather even when you never asked for it or even set it up to report it.
Only Linux install option is .deb
do we not like Debian packages here?
If there is no Flatpak or AppImage it is not a serious project.
I like them because I’m old, and tired of distro-specific packages like rpm and deb. I want a thing that works no matter my distro of choice this week. The linux ecosystem is much larger than Debian.
you sound like an Ubuntu user.
Arch btw.
Ubuntu is debian-based.
Ubuntu is debian-based.
I know, that’s why it was funny.
Arch btw.
🚩 - here’s one
This comment scares me
Web browsers are software, they can render a red flag
No stars (although easily manipulated)
No commit history
No issue history
No pr requests (soft no)
No contributions from people with a active history
Something I do is if a project has way too many stars, click on a few of the names randomly.
If those profiles have 0-1 projects, my yellow flag (not red flag) goes up. Because yeah, it’s really easy to buy GitHub stars now.
When installing if I see a pre-checked check mark I will be more likely to read what the software is trying to install. What are you trying to install now?
GitHub repo that has “pm me on telegram” instead of code
join our discord
The repo does not actually contain the source code, instead a link to download from a different site.
Unless that different site is Codeberg.
Or git.gay or Bitbucket.com
“Ask me later” instead of “no”
Something I ran into just now was AI generated Imagery in Docs or as an Icon.
I am not even that Anti AI as many on here I feel like. But this is a sure fire way to show how much you don’t give a shit about your project. Just use emojis or some shit which is ironically even less work but somehow makes it seem more deliberate.Bun seems cool, but it’s icon looks too much like slop
I don’t think it is. IIRC they had that before Image Generation was a thing. You really can’t tell though with the simple cute art style AI can very easily recreate.
Had a conversation with someone recently about exactly this. Usage of AI generated assets gives me exactly the same feelings as a local business using a gmail or personal ISP email account on their advertising.
It doesn’t automatically mean it’s bad, but it’s an indication that whoever is running things just can’t be bothered to put in effort.
I tried to explain that to my manager but he didn’t believe me
Goes without saying, but no activity for a very long time makes me skeptic. Also annoying when then aren’t any releases, or only available as source.
Whenever they start with “I built XXX”. People who write their own code say “I wrote”.
Eh, disagree on that one. Even if I write every bit of the code myself, producing good working software involves a lot more than just writing code. Just makes “building” feel like a better descriptor.
You may be the exception to the rule :)
- New post about a promising selfhosted app
- looks inside
- em dashes, emojis, release in last 24h with 35 commits since.
I fucking swear, if only vibe coders would ACTUALLY write up their own posts about THEIR OWN SOFTWARE, many would not act harsh towards them as much as it happens.
What’s wrong with em dashes? I use it wherever English syntax requires it.
