
Ask HN: How dangerous is source code access? - fredrikfornwall
For a small startup whose product requires source code access (think static analysis as a CI service), how dangerous is it having access to the (non-open) source code of commercial customers?<p>How do we protect ourselves from the risk of a &quot;IP troll&quot; trying to earn money by claiming that we have used their source code, looking for similarities between their code and ours if it comes to a court?<p>We are planning to have a free tier where anyone can sign up, and without any protective measure it seems that we are opening up ourselves to risk.<p>At the same time I realise that the situation of having source code access is common (GitHub, GitLab, Travis, Netlify, ...) - how do the big players protect against the same risk, besides having a formidable legal department?
======
yellow_lead
It sounds like you could benefit from a lawyer, some well written terms of
use, etc.

Though, I have used a third party tool like this in the past where it did the
static analysis locally. Is it out of the question you could do this? Could
provide a Jenkins plugin or self-hosted option.

