But as open source projects have learned the hard way, the fact that anyone can audit your widely used, high-stakes code doesn't mean that anyone will.
The #Heartbleed vulnerability in #OpenSSL was a wake-up call for the open source movement - a bug that endangered every secure webserver connection in the world, which had hidden in plain sight for years.