Ive been looking for something to help the navidrome server do its thing, and this looks awesome, but there is one issue that was just opened and closed yesterday, it looks a little sus?
how does one go about digging through and discovering if this is malicious or not?
This was posted here yesterday by the dev. Overall the reaction seems positive.
A quick look through the repo it looks pretty legit, it’s a lot of effort to create something that works, with all the documentation (including a lot of planning docs) just to collect data on you. Traffic to various IPs, foreign or otherwise, wouldn’t really be odd for an app like this either. You could try and run it through something like virustotal though to look for malicious code (there are more than a few docker scanning tools on GitHub that use virustotal).
damnit, i didn’t check! i was uhh, enjoying my plantlife yesterday and i thought i caught this on the selfh*st weekly newsletter thing
thanks for your info! virustotal sounds like something i should probably look into anyways!