What do you check for open-source software? What are the inherent risks that needs to be addressed in using an open-source software?
Some things to consider: