I’m really worried stuff like this will make open source a “dark forest” scenario.
I’m having trouble envisioning how a dark forest open source software ecosystem behaves. Could you expand on that worry a bit more?
I’m thinking of the intelligence life in the universe being a dark forest. Would open source software stop accepting PRs at all except from those made through non-internet-channel trust agreements? Therefore stifling open source proliferation through loss of speed on the “anchor” software while also creating multiple forks that try to not be dark forest?
Yeah, that’s essentially it. If open repos become immediately inundated with unwanted and potentially (likely) malicious code contributions, each project has three choices:
- Accept all PRs with normal testing and deal with fallout
- Reject all PRs from unknown contributors (so code is open but not contributions)
- Perform laborious vetting of all new contributors.
My guess is 2 wins out. But then, you wonder how difficult it might be for agents to develop a rapport with a human maintainer, leading to trusted status. That is the Jia Tan problem, but now automated and at scale.
And so you wonder how many projects exit the public eye, choosing alternative development and distribution mechanisms instead.
Hot on the heels of the compromise from three weeks ago… here’s a full supply chain compromise of Trivy now complete with malicious secrets stealing: https://arstechnica.com/security/2026/03/widely-used-trivy-scanner-compromised-in-ongoing-supply-chain-attack/