"It's opensource, so people would likely have caught this issue." Lol, practically every CVE is on code you can read.
"It's opensource, so it is going to be a better engine in the long run." Citation needed.
"It's opensource, so people would likely have caught this issue." Lol, practically every CVE is on code you can read.
"It's opensource, so it is going to be a better engine in the long run." Citation needed.
> "practically every CVE is on code you can read."
This is probably true due to a sort of survivorship bias. code you can read is much easier to analyze and test and report. Closed source internal code has a lot of security by obscurity built into it. Not to dismiss security by obscurity, I am sure it keeps an absolute frightening amount of code safe.