My current boss would rather die and take us all with him before letting code out of our network. But he is actually slowly killing me and the other devs each time the svn webserver takes a dive, by having me maintain the ACLs, and by preventing us from using git until we build out our own infrastructure.
We're not in the business of SCM. If I was in charge, I'd pay the experts to do SCM, especially the ones like github that make tools that make developers very happy. Furthermore, I have more faith in github's security team and model than the network and servers the junior sysad that was let go 6 months ago put together.
As far as protecting intellectual property...
I know it seems like the world to a software company or a developer, but your raw code is actually worthless. Your team, and how they use, integrate, improve and sell the code is where the value is. Not `server.py`.
Any employee can walk out any day with a copy of the repo and knowledge of how it can be put to use. But the chance of him putting this to work for himself, putting you out of business, is practically zero.
In short, I would do what's easiest for everybody and relax.
Presumably, if you're security conscious, someone reviews all patches before they make it anywhere near shipping. But obviously that is not foolproof.
But then, what would happen if, say, someone went through the backdoor on github and patched a binary and modified the commit log to cover his tracks.
Hopefully git would fail loudly when you pull?
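Whether git "fails loudly" depends on what was touched: every git object is addressed by a SHA-1 over its contents, so a byte-level patch to a stored object breaks its id and `git fsck` (or `transfer.fsckObjects=true` on the pulling side) reports it, whereas a rewritten history consists of perfectly valid new objects and is only caught if the puller compares HEAD against an expected commit id (a pinned hash or a signed tag). The example below is added here and is not code from the thread; it recomputes git's blob, tree and commit ids in plain Python to show how one silently changed line ripples up to a different HEAD id, with file contents and author stamps constructed for the demo.

```python
import hashlib

def git_object_id(kind: str, body: bytes) -> str:
    """Git's content address: sha1(b"<type> <size>\\0" + body)."""
    return hashlib.sha1(f"{kind} {len(body)}\0".encode() + body).hexdigest()

def blob_id(content: bytes) -> str:
    return git_object_id("blob", content)

def tree_id(entries: dict) -> str:
    """entries maps file name -> blob id; every entry is a regular file (mode 100644)."""
    body = b"".join(f"100644 {name}\0".encode() + bytes.fromhex(entries[name])
                    for name in sorted(entries))
    return git_object_id("tree", body)

def commit_id(tree: str, parent, message: str) -> str:
    """Build a commit object; the fixed author/committer stamps are constructed values."""
    lines = [f"tree {tree}"] + ([f"parent {parent}"] if parent else [])
    lines += ["author Dev <dev@example.com> 1300000000 +0000",
              "committer Dev <dev@example.com> 1300000000 +0000"]
    return git_object_id("commit", ("\n".join(lines) + "\n\n" + message).encode())

def head_for(files: dict, parent=None, message="initial import") -> str:
    """Commit id a repo with exactly these files would have (blob -> tree -> commit)."""
    return commit_id(tree_id({n: blob_id(c) for n, c in files.items()}), parent, message)

def history_rewritten(pinned_head: str, files: dict) -> bool:
    """True if the files now served as HEAD do not hash to the commit id we pinned."""
    return head_for(files) != pinned_head

# Constructed sample: the repo as reviewed, and the same repo after a silent upstream edit.
ORIGINAL = {"server.py": b"print('hello')\n", "README": b"internal tool\n"}
TAMPERED = {"server.py": b"print('hello')\n# quietly changed upstream\n",
            "README": b"internal tool\n"}

if __name__ == "__main__":
    pinned = head_for(ORIGINAL)   # what a signed tag or a pinned deploy would record
    print("pinned HEAD:", pinned)
    print("rewritten? ", history_rewritten(pinned, TAMPERED))   # True
```

A plain `git pull` against a branch that simply moved to the new commit sees nothing wrong; the check only fires because the expected id was recorded out of band.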
As an owner of code, I would never put the code in the cloud. I don't even put binaries in the cloud without obfuscating them. Every little bit helps.
And I also disagree that the code is worthless. Imagine the value of your company if all the code suddenly disappears! Not only do you have to rewrite everything from scratch, but you can't support your existing customers while you are doing it.
Final point, doing what is easy for everyone else is exactly the kind of thing that limits your competitive advantage. If all your competitors are using Github and github loses all their data, you win!
But I'm not sure what "owning code" means these days.
Almost all the software I get paid to write is based on open source software. I assume competitors are constantly looking at the same OSS projects I am, and do know about the features (and flaws) within.
Perhaps this puts us at a competitive disadvantage, but if we had to write everything from scratch in secret so we could "own it" and make sure nobody ever saw it, we wouldn't have a product yet. Actually we wouldn't be in business at all.
Also, there's almost zero possibility with git of not having a recent copy of the code somewhere, whether github is accessible or not, as a few other posts have noted.
Taking the other side for a moment: Really, no code in hosted environments (which is what I presume you meant by "the cloud")? In a production environment, user data is way more important than deployed code (compromise that and you may be looking at jail time in some jurisdictions, never mind ruinous consequences to the business' reputation). Is that encrypted before it hits the disk or something? Or do you think that any code or data not stored on machines located on premise is tempting fate?
They're equally likely to suffer the kind of failure that would directly expose your code.
(Just trying to continue to run the skeptic's argument, here. I agree with the point quite a bit.)
Just because you can play a CD does not mean you can make a fortune on covers without permission.
For security, it depends on just how much security you think you need for your source code. What's the attack model? Do you have competitors who have so much to gain from reading your code that they'd risk industrial espionage? Is there sensitive data checked into your source control that would put you at risk if there were an accidental leak?
Personally, I don't think anyone has much to gain from reading my company's source code. GitHub has much more to lose from a privacy breach than most individual customers, so they have the best incentive to secure their systems. They also probably know more than I do about keeping the repositories secure. On the other hand, if I had an exceptional need for security, I'd want to hire an expert myself and keep full control over the servers and processes.
I'm not sure I can even properly enumerate the risks -- if I could, I'd be able to make a calculation pretty easily. Espionage seems absurd, but who am I to say that that's not a possibility?
That said, we're getting by by cutting back on our extraneous costs, which means exactly the opposite of "hire someone ourselves and keep full control".
There are the occasional downtimes, but as it's a DVCS that's not really a problem; just push using ssh to your sites instead (wait 5 minutes, make a cup of tea, etc.).
Like other posters in the thread I agree the real value is the people writing the code, not the code itself.
I would say if you're that paranoid about code leaks, set up a Gitorious server (http://gitorious.org/gitorious) on your network and save the monthly fee (and the worry).
You will, however, miss out on the other useful things github has to offer. Every repo now gets its own wiki & issue tracker, so no need for trac.
My current favourite feature is gh-pages (http://pages.github.com). You can make a named branch on your repo and it will be hosted as a website. If you have an API that can be your public documentation branch; you can also use it for simple sites (my blog is a github page). All pages are hosted free of charge on their shiny new Rackspace servers. These days they also support CNAME mapping.
Edited for typos...
You don't know for sure that you haven't had any security problems. All you know is that you haven't noticed the results of any security compromise.
- as you said git is relatively easy to maintain locally (at least compared to the standard customer-facing stuff)
- there's no difference in reliability / backup security really imho - unless you trust your local hardware less than "some random host in the cloud"
- not sure what your code does / is, but if you don't publish it, you don't even have to think about information leak (apart from standard host security)
- does the hardware cost play that big role for you? you didn't mention any other gain
- tbh, I'd be more worried about someone discovering that you host your public services' code online and starting to look for security holes just for fun - normally you don't need to think about the security of some one-off utility that you commit, but when it's online, it can tell more about your internal arch. than you want to show
So if you have a dedicated host for git and want to get rid of it, sure - even the private hosting will be cheaper. But is it more important than the other issues?
Our real aim is to eliminate all in-house hardware. Sysadmin is definitely not our core competency, as they say.
edit: http://fi.github.com/
http://fi.github.com/pricing.html
I'm not trying to have my cake and eat it too -- I recognize that there's a different risk profile to outsourcing hosting of any service compared with doing everything in-house. I just want to make sure I'm not veering too far off the tracks in this case.
How about $999.99 (same as Adobe Photoshop so it should only require middle management approval)? What if you got a box like the yellow Google search box (it could be called the "premium version")?
An unknown factor in all this is how many companies would even be interested in buying a github server in the first place. If it isn't that many, the costs might be too low to sustain development. I am betting that for the GitHub guys it makes a ton of sense to sell the private small accounts on github (and only manage/fix one github version), and for the big guys to sell them a big package.
If you and/or your partners need some help putting your mind at ease about hosting your code with us, feel free to email me directly at pj@github.com and I'll do my best to help.