[jetti]

Where I am at now we can see all the repos for all projects in the company regardless of team. The only pre-req is to be added to the company's github organization. We have a lot of cross team work, though, and I have worked on a few services that aren't related to my team and it would be a pain to have to request access.

At my last job, however, everything was locked down and you had to request access to just about every repo. It was a pain in the ass and there was no real valid reason to do so.

[mytailorisrich]

Source code is important intellectual property and trade secret.

In general it is simply good practice to only make this sort of information available to employees who need it to carry out their jobs. It is not a problem because there is usually no reason to study the code of another product/module/team/whatever, and if there is a reason then access can be granted, and is granted.

If your side needs to interact with another team's code and you cannot see their source code it at least forces everyone to have properly documented APIs.

[imagiko]

Assuming your developers have malicious intent is a bit strange for me personally. But I get that some companies may have this structure in place.

[mytailorisrich]

This does not assume anything. That's the point.

[imagiko]

> no real valid reason to do so

I'm struggling to find a reason within my org as well.

[ironmagma]

IP theft would be one reason. If a computer is stolen which has source code that could be a problem. That said, most companies just deal with that risk or their business is not so dependent on source code but services and support instead.

[smt88]

> That said, most companies just deal with that risk

They actually don't, sadly. Most companies limit the risk using non-competes.

It's very hard to secure code. If someone wants to steal it, they can usually figure it out.

It's much easier to limit their legal ability to profit from stolen code. Most companies don't have IP that's very valuable on the black market. If you stole Zoom's compression algo, for example, it would be hard to profit without openly starting a new company and violating your non-compete.