I manage a (relatively small) gitea instance, the software that forgejo was recently hard forked from. The maintenance is incredibly simple, really no problem if you’ve ever run any sort of publicly facing web service.

In this case I meant the one packaged by your distro.

Running any binary that you can’t examine the source of (and confirm it was built from it without modification) is risky. It’s mostly a balance of trust and risk. Even developers have been known to insert what we could malware.

That said, if you get your cracked content from a trusted source, I’d say it’s generally safe. Otherwise, exercise extreme caution.

Is GMG an official reseller? Maybe I am out of the loop, but I thought they operated in the grey market.

I would use the native version. For something like this, it makes sense that it should have less restricted/sandboxed access to the underlying system.