The open source ecosystem has become increasingly mature. But it does not come without security risks. Here's...