[superuser2]

If you can come into my place of work and find out that we don't have backups, we're not hashing customer passwords, everyone is sharing a single user account, or we don't lock the doors at night, please do criticize.

Rejecting widely accepted good/necessary practice like that for no apparent reason other than "it's working for us so far" is stupid, arrogant, irresponsible, and wrong.

In this case, however, the criticism is unfounded because Postfix is using source control internally. Whether the system is exposed to the public is inconsequential as long as it's being used.

There is no way you can spin it as anything even remotely close to okay if there was no change tracking in the Postfix project at all.