My hunch is that when push comes to shove, they will try to play the game of not having a repository for the machine code, or worse, having a repository but actually running with unreleased / undocumented builds.
If I was running the operation, I would demand periodic pulls of the machine program before/after making any changes, and save them as backups to a protected, master archive. That way, even if they were doing unscrupulous shit with changes to the machine code, you could always revert back and reproduce the issues, as well as demonstrate how the changed code fixed the issue, all without needing to dig into the proprietary code itself.
No clue here, but also demanding answers.
My hunch is that when push comes to shove, they will try to play the game of not having a repository for the machine code, or worse, having a repository but actually running with unreleased / undocumented builds.
If I was running the operation, I would demand periodic pulls of the machine program before/after making any changes, and save them as backups to a protected, master archive. That way, even if they were doing unscrupulous shit with changes to the machine code, you could always revert back and reproduce the issues, as well as demonstrate how the changed code fixed the issue, all without needing to dig into the proprietary code itself.
https://www.youtube.com/watch?v=ficae6x1Q5A&feature=youtu.be&t=145