OK, since we are highlighting the importance of using OSS apps, what would make you trust the developer even if he releases his code? For people like me who download releases directly:
I am wondering, I have this question: why do we trust the releases? The developer can easily add trackers or anything in the app and leave the source clean.
I am not a programmer, BTW. I do not know how things work, I just said what I was thinking. How can we be sure the app we download matches the source code?