I would very much like to use Meld in our organization, but we have security process for using 3rd party tools.
One way to clear the process is to have a SOC 2 or ISO 27001 certification reports. I’m guessing Meld doesn’t have this, but I said I’d ask anyway.
Alternatively I’ve been told an honest statement about security practices by the maintainer (Kai Willadsen) would do. The statement I’m asking for is that a concrete version of the software (primarily a Windows release) has been created in a way to not allow network access to the computer where it is installed, its files, to not allow remote code execution and to prevent such attacks though the software (for example through software libraries the software depends on). Additionally if the software does any network access, to disclose what type of access it is, with what type of data.
Would it be possible to get such statement?