The application systems of an organization using open-source software have no single recognized developer producing patches. Which of the following would be the MOST secure way of updating open-source software?
A、Rewrite the patches and apply them
B、Code review and application of available patches
C、Develop in-house patches
D、Identify and test suitable patches before applying them