[cowsup]

Given what you wrote, it's hard to tell one way or another what they think about you personally. Was the code stored on your personal device, or a company-issued one? If it's company-issued, it's probably nothing to worry about, since, if they were to terminate you, they could immediately restrict your access to the codebase.

I view it vastly more likely that this isn't anything personal, it's just a new corporate decision to limit who has access to the code. If someone's job is a bit more complicated, but they can still do their work, while the company is far more protected, that is a good trade-off for lots of folks.

Also, your company "looking to reduce expenses" doesn't mean anything. Every company is. You will hear that, in some form or another, in almost any organization. If they have to increase spend for cybersecurity, they will.

[lovatsofa]

I see your points, and I genuinely hope you're correct—if this is merely a new policy aimed at limiting access to the code, then I can understand the broader motivations behind it. That said, given my concerns about cost and efficiency, the question becomes whether it's worth the effort to try and get leadership to reconsider. From a practical perspective, the restriction makes my job notably more difficult. The Inefficiencies introduced directly translate into lost time, hindering my ability to troubleshoot, test and debug efficiently. Over time, this could affect my productivity, or at least the appearance of it, which in turn could be detrimental when my output is closely scrutinized. The indirect, long-term impact on the product is another rabbit hole entirely.

TL;DR If due to policy changes and my concerns are valid, do I pursue raising my concerns to leadership?

[xwolfi]

Is it your first job ? If it is, don't worry, it's way worse everywhere else. Sometimes you have committees eating many man-hours, every day, to green light releases with non-technical people having the last word, asking no question, and always, always approving.

When I do a release as a dev, I don't do it myself: someone in another country presses the buttons I ask them to press, type the linux commands I ask them to type, and accept my answer when I say it looks good. Because I am, and all my colleagues are, considered a security risk, and it's better we dictate everything to someone who has no idea what we're releasing, for security reason. We call that segregation in duty, instead of "complete waste of time".