Agreed. And now that Windows has stagnated, they really can have a chance at catching up and becoming a great solution for the digital preservation of Win32 apps.

However my negative guess is that they are going to lose focus if they aren't careful and end up putting all resources on the GUI trying to make it look as similar to Windows 10 as possible, this will end up never becoming useful.

It it impressive that someone decided to create a Windows clone. But on the other hand I don't believe they have written it completely from scratch without disassembling Windows and without using the leaked source code. First of all, read what Axel Rietschin, the Windows kernel developer said about it. Then read this 2 part article:

Making ReactOS Great Again*, Part 1 - KernelMode.info

https://www.kernelmode.info/forum/viewtopic6f46.html?t=5302

Is ReactOS Great Again (2019)?

https://swapcontext.blogspot.com/2019/12/is-reactos-great-again-2019.html

ReactOS fanboys warning   Prologue About year ago I’ve published “Making ReactOS great again, part 1” (brief MRGA, posted at ke...

You will learn from it, how many bugs affect ReactOS and what they do to fix them. From this article, you can learn that "when something more complicated pop ups ReactOS devs gives up." or that "This service (NtUnloadDriver) is a best example of a failed fix. Initial problem with this service was absence of input parameter validation, so code was dereferencing invalid pointer resulting in Blue Screen Of Death. They tried to apply fix to that by checking input parameter and then capturing it into safe buffer allocated on service side. Unfortunately the logic of this function is screwed up so this bugfix is only partial.".

Do someone like that really created a Windows clone? Maybe without disassembling or decompiling it? And managed to implement non-documented Windows internals? I don't think so! Alex Ionescu - ReactOS ex-developer was talking at some conference about reversing without reversing. At some slide he mentioned leaked source as an example how to get some level of understanding. Indeed, with leaked source you can do some reversing without reversing.

They obviously say about the audit they done several years ago. However I don't believe in audit done by themself. What could they say? Agree that they ripped Windows? Of course not! They never did and never will agree to that statement. This is obvious! I wonder how did they do it. They never told us. Instead they added some clause that they never seen leaked code. How could they compare ReactOS to leaked code and guess if it was incorporated or not, then? Can they explain that?

Finally, after reading mentioned articles, as 3rd person, I have decided to try to audit their code on my own. You don't have to be skilled developer to notice some similarities. I was trying to put some random values (functions, variables, constants) into google and in some cases this led me to the leaked Windows code. I have discovered functions that are almost duplicate. The differences were merely seen to some conditions: "if(Blah)" vs "if(Blah != NULL)" or some inverted conditions like "if(Blah) A() else B()" vs "if(!Blah) B() else A()" or some loops where while was replaced with for or vice-versa. Some functions are not fully implemented what can give a feeling that it is not copied, but comparing implemented part give different feeling. I was able to find some variables for which google showed me only several results pointing only to ReactOS and leaked code.

Maybe I am wrong, maybe not. But you can be sure that I don't believe in everything these guys are telling us. In other words, I agree with both Axel Rietschin and hfiref0x - whose name I don't know, that ReactOS can not necessarily be that clean. This look suspicious for me.

Disclaimer: I'm not a ReactOS fan (at least not at this stage). My understanding of leaked is when someone recovers drives or breaks into systems then take stolen data and publishes/sells that.

I have heard claims that windbg assisted in confirming functions/definitions, but I'm not sure if that's a valid claim? I would like to know what you think about that.

There have been some claims that Microsoft published part(s) of it's code/symbols as part of a sdk. Have you tried to contact the devs to ask about proof for that? If this is true then the code wasn't "leaked" and it's a matter of being unethical opposed to being unlawful. If Microsoft really published the code auditing could be challenging.

I would really like to know, up till now I have taken reactos dev's word. I have not looked into it myself and I have very little knowledge about Windows internals or Windows leaked data.

There are leaked NT4 sources, as well as partial code of Windows 2000 and almost full 2003 kernel. Browsing ReactOS code and trying to find some keywords over the net leads to some of them. In several cases, google leads ONLY to them. Single click provides you the leaked Windows code and you can easily compare it to ReactOS. In many, I repeat, many cases, the code is almost identical, meaning that even some variable names are shared. I don't know if they are a part of SDK, or were accidentally attached to SDK. Even so, the SDK is covered by copyright as well and you can't just take and incorporate this code.

Microsoft share their PDB files that include debugging information. You can find there many interesting things, like function definitions, but even they are loaded together with binaries in IDA, they will not give you local variable names, at least not all of them, at least not what I found in google.