At the beginning of the project, I decided to put the entirety of my game under the MIT licence, so that anyone could study the code or even start their own server for the game.
However, with the increasing popularity of my project, I am starting to worry about security issues. Even though I consider myself decent at web development and am pretty sure I'm not making any classic mistakes (SQL injection, cross-site scripting, URL forgery, etc.) I am no web security expert. I didn't find any relevant examples to compare my game to, as most open source games are written in a compiled language, and no web server is at stake in those cases. Some web developers friends told me not to release the source code at all, others told me to release it only when the game will be shut down- naturally I'm not satisfied by either of these solutions.
What approach does Slashdot recommend ?