

I’ve reviewed code, in particular I’ve looked over merge requests on occasion but mostly out of academic interest than being very concerned over security. Just want to see how people accomplish a task. Learning.
I’ve monitored network traffic just because sometimes I just want to do that rather than paranoia. Practice and learning.
I’ve run code through a local sonarqube instance and whatever other scanning software I feel like trying along with building applications from source but again it’s not from paranoia but for personal interest that’s mostly just making sure I’m in practice of being able to do so.
I’m not a security professional so I don’t have the background and experience to really notice things that can be problematic like people I know who have a career directly cyber-net-etc-security related rather than my tangential
So really I don’t audit code. At least not huge codebases. When it’s just a few 100 line files of python to accomplish something, I’ll read them. There’s usually a requirements.txt in there though pulling in pip packages and I know I haven’t audited up the dependencies. At work there’s standards handled by people where it’s their job to determine whether the code you’ve written and dependencies pass the minimum to be deployable to computers on the network and that too is mostly handled by security scanning software both open source and closed commercial software
Good to see. LibreOffice is solid today. Was passable back in like 2012. Now it’s pretty excellent, at least for most people. Ribbon interface like 5 years ago was pretty rough. Now I think it’s pretty close to great. I thought OnlyOffice and WPS Office had a substantial visual edge but that was me comparing it to like 2020 LibreOffice. 2025 LibreOffice looks pretty good now that I wouldn’t feel worries about newcomers looking at it as a relic of 2003 visual design