?
Solved

How do I tell if code in a GitHub library is safe?

Posted on 2016-09-09
2
Medium Priority
?
128 Views
Last Modified: 2016-09-12
While looking for a way to tell if 2 fields match for password verification, I found this Bootstrap framework on Github.

https://github.com/1000hz/bootstrap-validator

It's working well when I link to it, except that it runs slow.  I'd like to copy the source code to my webhost, and run it from there, but how do I tell if it's safe?  I don't want to compromise my server.

If anyone is using a bootstrap framework for password matches, that they know is safe, that might help, too.

Thanks,

Steve
0
Comment
Question by:stkoontz
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 2

Accepted Solution

by:
Dillyn Barber earned 2000 total points
ID: 41792020
Best way is to analyze the code yourself and look for any back doors. Also check how many stars it has, how active it is, what issues are reported, etc. The best thing about github is you and millions of other people can view the entire source code to see what it's all about. In my opinion this looks safe, especially since it's only JS and from what I tell it only does what it says it does, I don't see any XSS attempts. If it seems slow it might be the CDN, or your connection to the CDN.
0
 
LVL 2

Author Closing Comment

by:stkoontz
ID: 41795030
Thanks for the help!

Steve
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article you will learn how to create a free basic website on Bitbucket, a git service provider. Polymer creates dynamic HTML components, which allow more flexibility than static HTML. This tutorial uses Ubuntu Linux but can also be done on W…
The article shows the basic steps of integrating an HTML theme template into an ASP.NET MVC project
How to reset a branch to a previous commit, and how to squash multiple commits into a single commit using the EGit plugin for Eclipse.
Explains the Git Index and the differences between a Remote, a Remote Tracking Branch, and a Local (or Tracking) branch.
Suggested Courses
Course of the Month8 days, 23 hours left to enroll

764 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question