by _pmf_
3613 days ago
> Why don't companies feel comfortable "code dumping"? Just throw everything online as a tarball, and say "we aren't supporting this and we don't want to have anything to do with this, but here's the source."

- It may contain configuration information.
- It may contain private keys or passwords.
- It may contain customer specific code (if you maintain customer specific features either via feature toggles or branches), which may leak information of your paying customers.
- It may have unintended copyright violations.
- It may contain software that is licensed in a way that makes it a copyright violation to distribute your software outside of your company (publishing it is distributing it). This may also apply if you distribute your sources without any (source or binary) parts of the proprietary dependency.
- It may fall under the export restrictions for cryptographic software (these have been mainly dropped, but not completely).
- It may directly or indirectly make your patent violations public (oh, you have them already, but nobody knows about them).
- It's of embarrassing quality.
- It may make it public that your company has defrauded its customers and/or users.
- It may make it public that your company has supported its customers to commit fraud and/or other crimes (the RICO Act makes this easier to follow up on for law enforcement).

I have never worked on any non-trivial project where not almost all issues were present.