Ask HN: Crucial question about trust in open source apps
how can users verify that the app they're downloading from app stores is built from the exact open source code they can see in github?
how can users verify that the app they're downloading from app stores is built from the exact open source code they can see in github?
They can't. The only way to be certain is to take that code and build the app yourself. If you're downloading prebuilt binary, you have to trust that the author is correctly representing what it was built from.
This is even more true with SaaS, because the binaries used there can and do change without warning.
If I am building an iOS app and decide to open source it to build trust with customers, it will not work.