I like to think that, at the very least, open-source projects are less likely to contain malware. Only a single person needs to find something alarming and raise it to the community, and it can be immediately verified by others. To me, then, open-source software is more trustworthy than closed-source. Being able to look at the code myself is nice, but I rarely do. I assume that someone trustworthy is looking at the code, but “anyone who understands the code” of an open-source project is a lot bigger group of potentially-trustworthy people than “just the developers” of a closed-source project.

As for the quality of open-source code, it’s nice that open-source projects are generally hosted on platforms where you can submit bug reports. Whether or not someone has the time to devote to fixing it is another issue, given how underfunded many important open-source projects are, but it’s a category above closed-source projects where you’re lucky if you get an email address to send complaints to.

Seconding radicale, I’ve been using it for over a year and it’s been rock solid. I can’t say the same about NextCloud, it seemed to break every update and was slow as hell. I moved to SyncThing and never looked back.

I made some more tweaks to my Renovate bot which runs on a Woodpecker CI instance on my own hardware. Now it merges green PRs automatically. And I have it running every hour so all my software projects stay up-to-date and it responds quickly when I request a rebase.

I’ve also been cleaning up my Home Assistant automations and devices and trying to think up some useful things I can do for myself in an apartment where I can’t replace switches or the thermostat.