[Lewisham]

I was really excited, then very disappointed to see the code I type is sent to your servers. This immediately prevents it from being used by many businesses, including my employers.

Super bummer :(

Please get the on-prem sorted out pronto!

[adamsmith]

We want you to be able to use it just as much! : )

There will be an adoption curve from early -> late adopters. Working through this is something we're committed to, and we know it will take time.

We're committed because we think it will be incredibly valuable to our field. We just can't imagine a future 50 years from now where programmers don't benefit from a smart backend helping them work.

So we start with step one today, and here we go : )

[matchu]

I'm not clear on why we need to upload the full codebase.

The Privacy Policy indicates that this is because their index of public code is too large to copy to the client machine. So why can't my machine just send queries as needed, or, even better, download the subset of the index relevant to my project?

Maybe it was easier to ship the "local code" search features by building on top of the existing public code indexing, which is server-side. But, despite the extra engineering work, client-side indexing for local code would definitely make a lot more sense for most customers.

[alexflint]

We really did think a lot about this. It turns out that there is no clean separation between "index code" and "query for results". E.g. In Python if you see x.foo() you may need to know a _lot_ about the universe of Python libraries to do the type inference required to figure out what foo is in that particular expression.

[scrumper]

I'm not sure that addresses the question; likely I'm missing something. Why does it need to send the user's entire codebase over? If it's a question of needing to analyze a given source file to infer types so query results are relevant, then why not do that inference work client side and ship back just the type information to the server where the query is run?

Even if that is a step too far, you could strip out string literals (e.g. API keys), and obfuscate variable, method, type, and file names while retaining a map on the client side so results line up.

[odbol_]

That seems possible with a strongly-typed language, but for something like Python, they'd basically have to recompile the code on every keystroke, right?

[aeorgnoieang]

Wouldn't they basically need to do this (compile the code) even if they have all of it?

[noobie]

From the privacy page:

Does Kite offer an on-premise option?

Kite does not have any plans to add an on-premise offering at the moment. If you are interested in an on-premise or AWS co-managed installation of Kite servers, please email onprem@kite.com.

[ninjakeyboard]

nooooo! why does it do this?? It's a cool tool but it'll never fly in industry.

[hathym]

seriously, I don't think anyone is after your code.

[xanderstrike]

I'm not concerned about people stealing my code. I'm concerned about losing my job, which is the consequence of transmitting proprietary code over the network to an unknown 3rd party.

[gutnor]

Also plain legal implication. Our code could contain some protected information (transient debugging code mostly) and it is illegal to transmit it to a third party first because of DNA our company has signed, and then with regards to data protection act (credit card information, name, address).

At the very least, the service would need to be validated quite extensively.

[mattnewton]

Tell that to a tech Fortune 500's legal department.

[capote]

Not even. I work for a 30 person company and I can't even share my own personal code with third parties.

[qz_]

Wait what

[capote]

Yep... I'm exaggerating but I did trade some freedom to post whatever code I want wherever for a better salary. It's not uncommon for contracts to give employers ownership of any ideas/code an employee comes up with, or to specifically prohibit freelancing or contribution to open source.

[btown]

For others reading this thread - there are only 8 states that provide restrictions on what these contracts can say regarding what ideas/code are owned by the company. In the other 42, most contracts won't care if you used company resources, or if your work is in an entirely different industry - the employer will own what you make if they're paying you for the month in which you made it. It's not very nice, but it's not like you're being cheated when you choose to take a salary.

http://www.intellectualpropertylawfirms.com/resources/intell...

[britPaul]

I'm in a similar situation - had to have a detailed discussion with the our local legal counsel about what I can/cannot opensource. Long story short, for personal projects: a) I cannot use my company provided laptop. b) It cannot overlap with my employer's current or future business interests.

[chrisfosterelli]

That sounds absolutely terrible... but to each their own I suppose.

[georgebashi]

That doesn't change the fact that sending code to a third party is explicitly disallowed by many employers.

[gutnor]

The problem is that it is not his code to begin with. So somebody cares: the employer, the owner of the code.