Yes, I guess I am hoping (!) that the code for a signing extension would be rigorously reviewed.. and even then, I am aware it could have a vulnerability (but any code could have that, so at some point we (esp us non-coders) have to *trust* the code)
Replies (1)
Well, there's the rub...unless you go in and review the code yourself, you must end up trusting others...
And when someone like @hodlbod posts "hey, we have an issue" I automatically trust that developer even more.
What I *really* worry about is dishonest projects / developers, and you see it all the time. Someone releases an app on the Play Store that does something nefarious...happens more often than most realize.
And look at all the data breaches out there--those are code mistakes that ARE audited (heavily) and still they happen...