[tpoacher]

> combined with a good faith enforcement

which, of course, is the elephant in the room, isn't it.

Good faith contributors don't need the code, because it was not written for them. It was written for the pathological cases.

And systems designed around pathological cases are themselves pathological.

[bitwize]

Good faith users don't need security policies because the security policies weren't written for them. They were written for the pathological cases.

Good faith citizens don't need laws because the laws weren't written for them, etc.

Systems designed around the pathological cases help keep those pathological cases at bay. They are a framework for allowing the good-faith people to continue to act in good faith without having to constantly worry about the pathological cases themselves. I'd love to go back to the days when people left their doors unlocked and no one had a password to get into their account, but those days are gone. So are the days of not having a code of conduct on your open source project.

[tpoacher]

Having safeguards, let alone against criminals, is a very different conversation to having a code of ethics.

Perhaps the fact that we as a society are so ready to associate codes of ethics with policing should be raising some red flags in how we think about this issue.