Is FreeBSD style development organized in a more backdoor-resistant way?

From: Marcin Koziej <marcin_at_cahoots.pl>
Date: Fri, 05 Apr 2024 14:09:54 UTC

Hello,
In light of the recent xz utils backdoor, I was wondering if the FreeBSD way of organizing software development could be more resistant to this kind of threat.
I always felt that because the base system is built and released by the same group of developers, its quality, consistency and security are better.
I do realize that in the case of xz, it lives under contrib/ and was not rewritten into a BSD-licensed alternative by FreeBSD devs, but perhaps it was at least scrutinized.

To summarize:

- Do you think FreeBSD-style development is more resistant to a helpful rogue contributor?
- If yes, which social/technical processes exactly make it more resistant?
- If no, do you think something should be changed (e.g. in the handling of contrib packages)?

Thanks for your thoughts,

--
Marcin Koziej
GPG key: https://go.cahoots.pl/gpg/ Ϟ Fediverse: https://chaos.social/@movonw