zlacker

1. zumina+(OP) 2023-12-29 19:18:04
> most companies will choose to write their own code.

That might depend on the ubiquity of the OSS in question. If a company's option is to rely on a piece of open source software that has been used billions of times over without incident versus rolling their own solution that at best has only been tested in-house, could they say the latter is really the safer bet?

replies(2): >>rebecc+11 >>drewco+W1
2. rebecc+11 2023-12-29 19:23:20
>>zumina+(OP)
I'm not saying this will happen, just that it's one of the concerns that people have. I can certainly see the argument that some companies will go this route. It might not be the most rational decision, but people aren't always rational. Having something in your control often _feels_ safer.
3. drewco+W1 2023-12-29 19:28:17
>>zumina+(OP)
Well let's say an incident happens. A big one. Lots of egg on C-level face.

Would those execs rather . . .

a) publicly berate and fire the internal developer who created the problem

or

b) have to point out that the opaque series of tests internally just wasn't up to snuff and promise to improve them?

When the bug's in OSS and the company is held responsible, there is no option a.

Unless the OSS projects themselves are staffed up and able to provide legal responsibility, why use them?
