Why should I trust sources?

[Patrick Wiseman <pwiseman@mindspring.com>]

Being interested in setedit, recently recommended in another thread, I
went to

http://setedit.sourceforge.net/

and found the following advice:

An experimental Debian repository is maintained by Ivan, you can add the
following to your /etc/apt/sources.list:
 deb http://setedit.sourceforge.net/debian unstable main

I did that and then, duh, thought "why am I trusting this site to download
and install software?"  And then it occurred to me that the whole debian
philosophy turns on my being that trusting.  (Not that it's unique in
that.)

Then I went ahead with

apt-get install setedit

(what the heck, it's a replaceable machine!)

and got

Reading Package Lists... Done
Building Dependency Tree... Done
The following extra packages will be installed:
  rhtvision1.1.4 
The following NEW packages will be installed:
  rhtvision1.1.4 setedit 
0 packages upgraded, 2 newly installed, 0 to remove and 0  not upgraded.
Need to get 1115kB of archives. After unpacking 2556kB will be used.
Do you want to continue? [Y/n]

Now why should I trust this?

So can someone either explain here or point me to a source I can read to
persuade me I haven't been doing something really dumb the last few
months?

Patrick

-- 
Patrick Wiseman                               pwiseman@mindspring.com
Linux user #17943                             *Google First, Ask Later*
      With 41 left to play, and up 20 in the loss column,
                the Braves' Magic Number is 22!