It does matter, because you can’t self-host nore audit the code. What you say isn’t wrong, unless they were to use a public facing reproducible build system ofc. But at minimum, if their server side code isn’t open source at all then you can’t even verify if it’s completely vulnerable spaghetti code or not. Some transparency is always better than none at all.
It does matter, because you can’t self-host nore audit the code. What you say isn’t wrong, unless they were to use a public facing reproducible build system ofc. But at minimum, if their server side code isn’t open source at all then you can’t even verify if it’s completely vulnerable spaghetti code or not. Some transparency is always better than none at all.