jointhefediverse.net seems to be a commonly linked resource for directing people to join the Fediverse.
Curiously, it does not list Lemmy under the list of Reddit alternatives. Their GitHub README explains why.
Previous relevant discussion: https://lemmy.ml/post/78808
Have you read all the code though? Everyone assumes that somebody else will read every single file of the source code, and understand it all. Malicious code can be obfuscated.
Personally, no. However the technical lead of our instance has, and in fact wrote and debugged some of it.
Even a technical lead of an instance may not have read every single line of code because codebases these days are pretty large. Typically you might look at the code you’re working on, but not necessarily the entire codebase.
Hopefully Lemmy doesn’t have anything malicious in it, but it’s possible to sneak malware into open source projects. This sort of thing happened to XZ Utils last year.