Maybe the open source apps could be lying about their source code? For an example, put a version without trackers while the one they use have trackers?
Maybe the open source apps could be lying about their source code? For an example, put a version without trackers while the one they use have trackers?
You could always examine the code and compile from source as seen.
You could also use a hash to verify the content of the code does not differ from the source.
Using precompiled binaries should be able to use a hash to verify as well.
You can also run a scan on the app/code.
It’s good to take the principle of “question everything” seriously and to have the tools to do it right