Coming from my background (DoD, don't laugh.), code review of anything other than in-house developed applications never occurs. In any instance open source is used, it is mandated that it come with a support contract (per DISA STIG) which provides the support and accountability the organization is looking for.
So, with regards to your assertion, the second clause (support contract)? Definitely. the first (code review), never.
That's the view from my side of the fence, anyways.
So, with regards to your assertion, the second clause (support contract)? Definitely. the first (code review), never.
That's the view from my side of the fence, anyways.