Isn't the whole purpose of publishing open source so people can "rip it off"? Just publish it with an an easy license (I like MIT). Anyone who strips the MIT license headers off your source isn't really likely to be somebody who's going to do something worthwhile with it. Grown-up programmers don't do that. And, I don't think I have EVER heard of a grown-up programmer claiming that somebody "stole their code". Is this something that actually really happens? I don't think so.

tbh, as someone who hires programmers, "here's a link to the code u can request independently of github" would be a dead giveaway that you are a junior programmer. It seems decidedly weird to me. Grown-up programmers don't really do that. If you want to share the code, then share it. If you don't, then don't. There's so much freely available source code available already that it seems vanishingly improbable that anyone is ever going to "request the code"; but if you just post it on github, there is a vanishing probability that somebody might actually find it useful, and.. well.. use it!

And if you are expecting potential employers to "request the code", don't. If you are a junior, it's a given that your code will be awful. Perfectly expected, and perfectly normal. Once you're hired, that will be fixed. Not a problem.

My vote: just publish it. Do it with purity of intent. You want to make code available that other people might find useful. And don't sweat the details.

I fear sharing code for a different reason. I'm a perfectionist with tendency toward procrastination and anxiety, and sometimes I overestimate my abilities. So when I submit a PR, I want to make sure the code is clean, well organized, and covers all corner cases and hidden feature details. This works well most of the time. I put effort to think about design, structure, and implementation more than coworkers. And after a decade of experience I can code quickly for tedious tasks.

But sometimes, when implementing non-trivial features, I struggle to come up with good implementation. This prevents submitting working code early. And when I feel I'm delayed, my anxiety kicks in, and I have this urge to implement cleaner code and more features than expected even though all of my coworkers just want working code. And I feel more pressure, more urge to implement well, more anxiety, but it makes me procrastinate (I'm working from home so I can just lie down on the bed when I'm depressed). Sometimes I manage to implement, sometimes I give up and the feature is not implemented or assigned to a coworker. But in few cases I end up with severe depression, stop functioning, and finally quit the job.

I can handle this better than before after making same mistakes again and again, but still happens sometimes.

Truth: no-one really cares about your code

We publish code so others can see it, the lazy and the productive.

Lazy people do not prosper, so don't waste your energy thinking about them.

Why do you want to publish yours, just as a portfolio? Then make a portfolio.

Most code is throwaway, even to you.

Most code will quickly be obsolete anyways, even for you.

Most code you write will be torn apart by often the harshest critic: yourself.

People who chase others' code just to copy it and not to understand it will not get anywhere, especially today.

Share for your benefit first, and share often. That's how I have found my gems, even for code I've written.

One of the things you learn as you get older is other people don't think about you (or at all) as much you think they do/will.

We are often our own worst critics - put your stuff out there, there is little to lose and some upside, if someone likes your demo and clicks through to see the code and can see it then that's a low friction path, by having to request access most people won't or will - but forget all about it etc.

As an instructor, I think you should have your stuff private while you're a student in a particular class. Just share the repo with the instructor. The reasoning is that if someone steals your stuff, it's often hard for an instructor to tell who stole from whom. And that's just trouble you don't need. Yes, you can argue commit histories and all that, but why bother?

Once you're out of the class, there's no reason to keep it private in my humble opinion. The answers to everything every instructor gives in school is out there somewhere. And AI can solve most of them.

I’m 20 years in. I don’t publish that much code because I’ve traditionally been in roles that discourage open source, but after 20 years in I’ve accrued a portfolio on GitHub of personal projects. No one has ever commented on any of it.

On internal projects it’s different- my code is the teams code. It’s never actually been mine. My colleagues comment on it, provide feedback and help me improve. After all, we are all supporting it. I’ve had almost exclusively positive experiences doing this, even if sometimes I had to change some of my priorities or opinions on things.

At this point I have a fancy enough title that, in the rare cases I get to write code or docs, people lower in level are willing to give me feedback and everyone higher in level is too busy. I miss it- it’s hard to improve without feedback and genuine collaboration is fun.

So I say publish it. Most likely no one will say anything. Maybe you’ll get some feedback and you’ll normalize managing it. Maybe you’ll find a collaborator. Maybe you’ll get flamed by a troll and you’ll learn there are idiots on the Internet. But most likely a few people will just look and say nothing.

An aside, this assumes you are not in some toxic subculture. Your mention other students- if you are in some form of university environment where there is a culture of belittling others you might want to wait. I promise that’s abnormal.

Reminds of the thought experiment, "if a tree falls in a forest and no one is around to hear it, does it make a sound?"...

People you never heard of are open-sourcing projects you'll never find every day, there are hundreds of millions of repositories on GitHub and very few of them will ever be seen by humans who didn't write them, let alone humans looking to pretend they did.

Presumably someone looking at your portfolio will be reviewing CVs to hire? I think throwing up a barrier on them evaluating your code will hurt you much more than the rest of the world being able to see it.

Don't worry, far worse than students using your code is the people who find it and attempt to demand that you write stuff for them for free. I'm not even joking at all.

Contrarily, I've chatted with plenty of folks who found some hobby project I wrote up and thank me for writing it and saving them time and/or frustration.

Open your source or don't, people may use it without asking, if this upsets you, then don't. Do what you want with your own work. A buddy of mine sent me a screen shot of google's AI citing some crap that I wrote, I replied, "Wow, I hope no one actually use that!"

When I'm looking for developers I kind of expect to see something on github aside from the standard git tutorial. I'd much rather read someone's code than force them to do some coding test.

I wouldn’t worry about students. They won’t be hurting you, only themselves. If the goal is to learn, they aren’t learning. This will either mean programming is a random class they’re taking, not their career, so who cares… or they’ll have a really hard time later in life when they will need to sink or swim in a real job, having not first developed the skills. That’s not a problem for you.

It’s also much more likely they will go to AI these days; the odds of them searching and landing on your repo to use are almost 0. If they do, I imagine most schools would scan for direct copies of existing code.

With LLM’s now, odds are, they’ll just copy pasta that code. Yours may be similar but if you slap a license on it, most people respect that and will adhere to it.

That said, fear of someone stealing your code is completely unfounded as there isn’t really anything novel we produce anymore. If you are on the bleeding edge, you welcome input and PR’s from others to make it better. Only wise men know they know nothing. Collectively, we can build some amazing software.

Now, if you’re trying to build a business off of your software, you may want to keep that to yourself and not share it. If your business isn’t the software but your service, there’s no harm.

In 2025, why would they “steal” your code instead of just using an LLM to generate it?

> I worry about other students being lazy and just ripping my hard work and claiming it as their own. That really pisses me off when I hear some horror stories like that.

Make the code part of your professional marketing. It’s not code for code sake but to enable you to blog, speak, etc about something interesting. Then there’s little chance some theoretical thief is also communicating those ideas. And if you’re good at evangelizing yourself it SHOULD happen that someone steals your code. If anyone looks up the ideas, they’ll be inundated by content you created. The code is secondary.

It's a valid concern. Lazy idiots who take your work and then claim it as their own exist in the real world too. It's a social issue that requires a social solution. We need to actually enforce reciprocality, otherwise the incentives favor the zero-sum takers, who will take your work, reap the benefits, never give anything back in return, or worse, claim your work as their own and accuse you of copying them, and never face any consequences. When there are enough takers, people become demotivated and reluctant to collaborate.

In your specific case, if you spot a student claiming your work as their own, you can confront them directly, mock them and shame them in front of others, or report them to the faculty, or all of the above. Don't feel bad taking retaliatory measures against those who have already fired the first shot by claiming your work as their own.

It's fine if they copied your code and then gave appropriate credit, though. There's nothing wrong with someone else integrating your work in their projects as long as they gave credit, and even better, publically released their code so you may use what they built, too. Win-win.

I’ve had several people steal my open-source code for different projects before. I’m talking copying (not cloning) the whole thing, changing the credit to their name, making no other modifications, and then republishing on their account.

Fortunately they never gained much traction. The ones I know about I blocked on GitHub with a note. No idea if they ever found out or if they tried workarounds, but I figured there’s not a lot more I could do about it and it’s not worth the headache.

I continue to share openly.

I just got off of a few years at a FAANG and perhaps my greatest learning is that code is just table stakes. That is, it hardly matters and for a well functioning business it is best for it to be malleable and to not get too attached. It’s just code, the product is what actually matters.

Really just a long winded way of saying no one cares. Anybody who is looking at your portfolio is going to care more about what you built than how you built it. Anyone trying to rip you off it’s just hurting themselves more than anything

Don’t worry about others. Just share your stuff. Here is who will look at your code:

1) unusually good interviewers. These will glance through your repo for 30-120 seconds, checking for a) clear code style, b) clear ideas, and c) good documentation. Nobody but influencers will do a DEEP code review of code they’re not being paid to review.

2) people on HN or Reddit if you write an interesting blog post and link the underlying code.

It’s usually true that we are our own worst critics. This is an order of magnitude truer for developer portfolios.

I definitely think it’s worth sharing, especially if it’s version controlled. By making small precise commits you’re proving your steps of how you got to the end result. Even if someone copied it you still have the receipts of how you got there.

In math, half the work is proving how you got the answer. When it comes to proving your worth as a programmer, I’m a firm believer the same principle applies.

Code is a means to creating an outcome. There are plenty of ways to achieve any given outcome. And an LLM can probably come up with a better solution than you anyway. So, get over it.

Unless you're doing something that's super unique and new (e.g., you've discovered some new compiler trick or technique that no one else has done, and you want to write a paper on it), then I really wouldn't worry about it. You'll know when you've written something like that.

> I worry about other students being lazy and just ripping my hard work and claiming it as their own.

Is the main concern that you have a class project you don't want other people taking credit for as their own? I wouldn't bother sharing standardized class projects that future classes may give again, and those projects don't mean much anyways. Your portfolio should ideally be projects that are something more uniquely created by you.

Also, what's specifically the issue with other students taking credit for your work as their own? In a school setting, it should be pretty clear who committed their code first. If it's for future employers, the most important thing is demonstrating full understanding of the project while being able to discuss it.

"What It Means To Be Open" by Lu Wilson is well worth watching:

https://youtu.be/MJzV0CX0q8o?si=aVmlJNuSlSyjomQa

I read all the comments. But I don't see anybody asking:

"Why do you think you need to share your code?"

"What benefit(s) do you expect to gain from sharing your code?"

You should be happy that anybody at all bothers looking at your code.

As someone how has spent several years in therapy in part related to anxiety, the answer to "how do you get over the fear of X" is "do things that incrementally approach X".

https://en.wikipedia.org/wiki/Exposure_therapy

There's really no other successful approach I've seen for curing anxiety. You have to just steel yourself and do the thing you're afraid of. It gets easier every time.

If someone else steals your work, you should be proud. They found it to be valuable. If they managed to sell it or build something with it, they’ve demonstrated that you can do the same. Use it as a learning experience.

Keep in mind that you are in control of what people are allowed to do with your software. By default, your code is unlicensed even if it is public, which means no one else can distribute it or change it or do much of anything with it. Thus, if someone uses it and claims it to be theirs, you can sue them if you want to.

However, instead of leaving your code unlicensed, I would recommend choosing an open source license and applying it to your code when you make it public. There are many to choose from!

By applying a license to your code, you are establishing a clear framework for what other people are and aren’t allowed to do with it. And it’s legally enforceable. In fact, there are organizations that may step in to help you if someone violates your license or challenges it in court. For example, my preferred license is the Mozilla Public License. If someone tried to challenge me on any part of that license, Mozilla would have a vested interest in defending it, since it’s their license and they use it, too. Their lawyer is even available to chat with over email. I once reached out to ask if I could make a small tweak to the license without causing headaches. They got back to me within a few days and said it would be fine. That gave me a lot of confidence to continue using it.

Some licenses are very permissive, such as MIT. Others are much more restrictive, such as GPL. The MPL, which I use, is somewhere in between.

What’s right for you really just depends on what you consider to be fair. And every project can be different. Maybe you build some small tools that you release under MIT, essentially donating them to all of humanity. Meanwhile, you create a startup and build a product where you keep some of it private and release parts of it publicly, licensed under the GPL, because you don’t want huge corporations stealing the work for your day job without reciprocating. That’s a relatively common approach.

Whatever you decide, just make some of your code public. The feedback and experience will be well worth it. Good luck!

People have already given you practical reasons why you're better off keeping it public. To answer your question as to how to get over your fear, you need to ask yourself what you're afraid of. You've mentioned you're worried about someone ripping off your hard work and claiming it as their own. If you can understand the root of why the idea of that pisses you off, you will probably find it's an artificial construct of ego. Understand the root and the fear will loosen it's grip.

How do you get over your fear of anything really? Build up your confidence.

If you know who you are, what you're capable of, you won't let other people's opinions hurt you.

It comes with age and experience. I don't mean programming experience either, life experience.

One can also focus on the end goal and drop that foolish pride. The goal is to have a working product, all help is welcome.

U put something out on the internet, likely no-one cares, sometimes people will point out a better way of doing it. You gain in that knowledge. I learnt a lot from public critique... it makes you better and more knowledgeable. Harness the crowd, let it out.

In the age of AI it will at the very least be laundered through various commercial interests into commercial for profit tools. Depending on the license you intended to release the code under (and you should read into the various licenses and what they intend to achieve and protect and what they don't) that may or may not matter to you, but it is happening.

Fundamentally most code goes no where, no one shows much interest unless you release a hit project. It can however be really impactful in interviews and recruitment, if your code is readable and well tested and such then it can be quite a positive for the right types of organisations. So at some point you may very well want to make it public for this purpose.

People can fork my code all they want but to anyone actually paying attention it's obvious mine is the real one. If theirs is actually better and they actually put in more work then so be it.

But in reality the original is often the best updated and the forks will fall behind because they have to merge your changes and you don't have to do that.

Unfounded I don't know.

But if you're taking the time to build out side projects I'd open them so you can put them on your resume. Doesn't make sense to me to hamstring your resume so some kid you don't know gets a slighter better score in some cs class.

Literally no one reads your code. No one! Not other engineers, not annoyed people on HN, not even people for whom it would probably be a pretty good idea. There is a common misconception that published code can build your portfolio; this is basically entirely false. I've had conversations like this:

Recruiter: "We want you to do a take home so we can get a sense of how well you can code."

Me: "I have a repo on Github with 10M downloads, 10k stars, and about 50k lines of my own code. Would that be useful to make an assessment?"

Recruiter: "Haha, no. Please do this take home that has you render a few divs in a tedious way."

So if people who are even financially incentivized to read your code don't do it, I'd say that the chances of anyone reading your code is virtually nil.

Haha I've had instructors noting with a smile that my code was "good enough for others to copy". In the end I learned a bunch, also about people. More than if I hadn't shared.

Older programmer: Nobody gives a shit about your code and nobody thinks about you as much you think they do :)

Practically it may be worth keeping code for a particular class private for the duration of the term, semester whatever so you dont get into a sticky situation where a classmate copies it and now youre defending against plagiarism and have to prove to the professor you wrote it first.

But really beyond that, nobody cares.

My recommendation is don’t internalize negative feedback from people who won’t make the time to work with you to improve. Absorb knowledge on people who invest in you.

If you're a junior now, and think your code is worth stealing, it's probably only a matter of time before you gain more experience, and instead feel sorry for everyone who copied your earlier code (please don't take it personally, this is not a diss. It's typical for programmers to grow, try more approaches, and see better solutions in hindsight).

The lazy cheaters only cheat themselves out of getting experience and learning by writing the code themselves. It doesn't even matter whether you publish your code or not, because they'll just steal from someone else, or more likely mindlessly copypaste AI slop instead. If someone can't write non-trivial code themselves to begin with, they won't be able to properly extend and maintain it either, so their ripoff project won't be successful.

Additionally, you'll find that most programmers don't want to even look at your code. It feels harder and less fun to understand someone else's code than to write one's own. Everyone thinks their own solution is the best: it's more clever and has more features than the primitive toys other people wrote, while at the same time it's simpler and more focused than the overcomplicated bloat other people wrote.

I recall in a college programming course in the late 80s where the professor would humiliate those who wrote terrible code riddled with mistakes. The other students didn't appreciate that but it didn't make them work harder. They just tried copying each other and everybody else eventually realizing I could program better than most. So they'd sit next to me and try to get me to help them in class. Needless to say I gave them incorrect advice and they got screamed at by the woman Prof. Made me realize people will take the easy way out.

You would be surprised how code you've published is in fact not read by anyone. You would equally surprised that many do read the README.

If it's not open source then don't make it public but if you want to lose your fear, just do it. It's not like it matters that much.

You're severely overthinking. The Code isn't important. It's what you build with it that people care about.

Fear of sharing ideas is one thing, but code? Well, that is a different beast altogether. In the end, it depends on how much YOU value the code. It might be a nothingburger but it took you hours or days to write because of some intricacies or you had to study some specification. That in itself has a lot of value and sharing it freely might not be the right move. It might even by a completely dumb code, the simplest thing imaginable, but it represents some internal logic that might disclose some inner-workings of some applications that might bare some risk. So...yeah, you have to figure out yourself which code is ok to share and which is not.

You can open source your code without explicitly sharing it. I started putting out the source code to my side projects and no one cares about it really. Is someone ripping it off and not respecting the license? Who knows… it’s a big internet and probably won’t negatively affect my life.

I mean this in the best possible way but your code is not special. Plagiarizers are gonna plagiarize and if not from you then from the other 1000 open-source student-friendly portfolio projects. Career wise you should be building up your GitHub ASAP, anyone can make a fancy looking frontend or whatever you do but I can’t know if someone is good without looking at the code (and I would probably never care enough to go out of my way to request it).

You are not your code.

Think about it for a moment, what do you lose from someone copying your stuff ? What do they lose ?

If people insist on staying ignorant, let them, it won't hurt you, but it will them.

Just put your stuff out there if you think someone might find it interesting or useful.

Just let them copy it? And if they fancy lying about being the author, so be it. You know the truth and everyone else doesn't need to care.

When you’re a junior it’s natural to overvalue your code, because you’re still learning this incredibly complex thing called programming, and that code took a lot of effort to produce!

But the actual truth is that the code itself is nearly worthless. The important thing is who you became when you wrote it. You learned interface abstraction, api design, how to debug, how to execute it in your head, the tooling, and most importantly you got that spark of pure joy when it finally worked.

If others copy your code they get none of that, they only get the little worthless bit, they might win a battle (cheat on an assignment) but they will loose the war (they don’t grow or experience joy) so don’t worry about it, they will flake out, while you grow and reach for even greater things!

The others students will get code from chatgpt way faster than from your code.

If you are afraid that people will think this code is not yours, sign your commits, it's unlikely they will take the time to clone your repo and remake it with new signatures.

But honestly, if it's such a source of stress for you, don't share it. It's ok to not share code. There is no rules that say you have to.

Just because most of us are into FOSS and open source doesn't mean we will less of you if you are not.

What do you fear?

> worry about other students being lazy and just ripping my hard work and claiming it as their own.

First of all, the cheaters will never read you, they'll just use AI.

Good news, your code is likely to never be read by anyone but you.

"There is only one thing in life worse than being talked about, and that is not being talked about." — Oscar Wilde

By being private, you're just not being talked about.

>I was thinking the alternative would be just linking my demo on my portfolio site as a proof of concept that yes I made it, yes it works, and if you're curious , here's a link to the code u can request independently of github.

I'll give you an even better path. Use AI to make something of size. Build in public. Who cares, if someone steals it, they are only stealing from AI and could have just gone to AI to begin with. If you get criticized, they arent criticizing you, they are criticizing some version of an AI model.

By sharing it.

Scott Hanselman have a good blog post about this suggesting you should detach yourself from your code: https://www.hanselman.com/blog/you-are-not-your-code

Especially true when working as an employee where you don't own your code.

Old head engineering serial founder here with a partial grey beard that from reading the comments herein sees myself and my security practices as an edge case, an experienced lonely outlier it appears.

First to the OP mentions about schooling experiences which struck a nerve with me, I would add that in my 4th year of College programming classes; Assembly and C, I too helped the other 6 people in my class while in the computer lab. This was the 1990s long before the dotcom boom and classes were very small in software development, folks even laughed at me for taking programming then however they do not laugh at me now. The point in this paragraph is that I too had my entire projects stolen and turned in verbatim by 3 others in my class and the professor, who was a systems programmer at Bank of America at the time, knew whose work they had turned in since I was the only person in class that understood it. She spoke to me in private and advised me to not share my code with anyone and dumbass me should have carried that forward into the real world then.

Code theft has been a thing since code was first written and this should be no surprise when most people have no idea how to formulate large sets of code into a unified function for business let alone the time it takes to write and prove that approach. I started writing software professionally in the 1990s and was the architect and sole developer of a payment processors gateway that had PayPal and several other Fortune 500 clients for many years. My company acquired another small entity within this time and unknown to us our action of interest proved to be the point of proof needed to set in motion a lawsuit from an outside third party. That third party claimed that the acquired owner and his business we bought stole their code which in time laid the interest for us to acquire that business. 10 years later and after many a court hearing that acquired owner lost the lawsuit after he was proven to have stolen the code and built a business making significant revenue from that stolen code. He was fined 5+ MM USD and had his wages garnished which he likely is still paying to this day. Yes, code theft is a real thing but many here likely have no idea.

Fast forward some time later after I had entirely rewrote my intellectual property from the ground up again into version 5 and I founded another payment processor with my intellectual property work, Yup, that code was then too stolen and used to build yet another competing business by a former business partner that felt he was entitled to my intellectual property. Yes, code theft is a real thing or maybe it is just me?

A few weeks back I attended a patent meeting discussion North of Washington DC that had several tens of people there, many younger than myself. The lawyers running the presentation were cracking jokes about the current and coming tsunami of lawsuits involving A.I. code theft and after the presentation over half the people there in discussion groups stated they were attending in an attempt to patent their A.I. solutions. The lawyers very clearly stated that they would most likely be wasting their time and money as the courts were now wise to the trolls that have no intention of applying the patent they seek to a use other than just blanket patenting mass ideas in a hope to cash in on a patent lawsuit down the line.

After nearly 30 years of doing this it has taken many scars to understand the correct approach to protect my intellectual property that is still powering past payments companies of which I founded and built. I am now applying those lessons in a way for my next venture that will ensure only I can execute my ideas with my code since the world is overrun with many liars and cheats that now exist only to claim others work as their own in hopes to get rich easily from all the big tech hysteria and FOMO. I will continue on doing what I do using my old school proven ways to build what I am building now that continues to excite me even more with each passing day as that idea manifests into my next business venture that everyone alive will need, energy storage.

Your mileage will vary greatly from my own but I leave everyone with this point to think on; why hasn't Coke published their recipe on a publicly open forum? Code is just a recipe after all but maybe it's really the chef that matters?

Stay Healthy!

Wait until every line you write has to be code reviewed when you get a job.

same way you get over a fear of anything: exposure

I think the thieves you worry about are actually going steal your code through LLM laundering, without even knowing who it was stolen from.

If you're not going to do a startup with your code, you probably need to focus on a mix of learning and self-promotion. With the market prioritizing self-promotion. Which probably means just trying to make sure that code that reflects well on you, does so.

Which probably means making it it open source, even if AI training data companies will steal it and give it away.