I just joined a new team (very small: four developers in total, with two of those leaving soon). The two original developers set up the git repo on a folder in a Windows network share.
Am I taking crazy pills, or is that a bad idea? Our organization does have github/gitlab/bitbucket available, so is there any good reason not to use those hosted solutions?
Our organization does have github/gitlab/bitbucket available
Do you mean “cloud services”? Maybe your colleagues don’t want them there.
For PCI-DSS relevant code, we only use internal systems.
That may be the case, but the original engineers have made other highly questionable decisions: the backend service was written in Java 8…just last year!
I would have to agree on this, it seems rather odd if the code repo is confidential or classified to be shared on a Windows Share. The reason why we would use Git services (self-hosted) is so that we have multitude of security services/layers maintained by dedicated team of system administrators such as firewall, service update, data redundancy, backup, active directory and so forth.
I can see a scenario where people accidentally put classified repos or information that aren’t supposed to be shared on Windows Share where unauthorized users could view that repos.