惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

Engineering at Meta
Engineering at Meta
T
Threatpost
P
Palo Alto Networks Blog
NISL@THU
NISL@THU
O
OpenAI News
Project Zero
Project Zero
G
GRAHAM CLULEY
P
Privacy International News Feed
A
Arctic Wolf
Microsoft Azure Blog
Microsoft Azure Blog
H
Help Net Security
M
MIT News - Artificial intelligence
T
Threat Research - Cisco Blogs
S
Security @ Cisco Blogs
Google DeepMind News
Google DeepMind News
B
Blog RSS Feed
D
Docker
aimingoo的专栏
aimingoo的专栏
博客园 - 【当耐特】
N
Netflix TechBlog - Medium
云风的 BLOG
云风的 BLOG
雷峰网
雷峰网
W
WeLiveSecurity
P
Proofpoint News Feed
腾讯CDC
Cloudbric
Cloudbric
S
Secure Thoughts
C
Check Point Blog
博客园 - Franky
T
The Exploit Database - CXSecurity.com
T
Troy Hunt's Blog
GbyAI
GbyAI
Security Archives - TechRepublic
Security Archives - TechRepublic
Application and Cybersecurity Blog
Application and Cybersecurity Blog
月光博客
月光博客
C
Cyber Attacks, Cyber Crime and Cyber Security
I
Intezer
TaoSecurity Blog
TaoSecurity Blog
L
Lohrmann on Cybersecurity
V
Visual Studio Blog
F
Fortinet All Blogs
博客园 - 叶小钗
C
CXSECURITY Database RSS Feed - CXSecurity.com
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
Recorded Future
Recorded Future
C
Cisco Blogs
博客园 - 司徒正美
Stack Overflow Blog
Stack Overflow Blog
Y
Y Combinator Blog
Apple Machine Learning Research
Apple Machine Learning Research

Hacker News - Newest: "AI"

AI can't read an investor deck AI as an attorney? Student uses ChatGPT, Gemini to sue UW over alleged racial discrimination Hacking MCP Servers in AI Systems – The Rug Pull: Tool Changes After Approval GitHub - MeepCastana/KubeezCut: Free Web based video editor GitHub - GenAI-Gurus/awesome-eu-ai-act: Curated tools, official sources, OSS, templates, and guides for EU AI Act compliance. Can AI judge journalism? A Thiel-backed startup says yes, even if it risks chilling whistleblowers Coming soon: 10 Things That Matter in AI Right Now DARPA built an AI to fact-check enemy weapons claims What explains heterogeneity in AI adoption? When AI Meets Muscle: Context-Aware Electrical Stimulation Promises a New Way to Guide Human Movements - Department of Computer Science AI Changed How We Build. It Did Not Change What Matters. Linux rules on using AI-generated code - Copilot is OK, but humans must take 'full responsibility for the… Meta spins up AI version of Mark Zuckerberg to engage with employees Code Mode: Let Your AI Write Programs, Not Just Call Tools | TanStack Blog GitHub - Delavalom/graft: Go framework for building AI agents. Type-safe tools, multi-provider (OpenAI, Anthropic, Gemini, Bedrock), zero vendor SDKs. India's TCS tops estimates, says new AI models did not dent services demand Gen Z's fading AI hype Strong feeling: we are in a folded AI reality GitHub - machinarii/total-recall-catalog: A reference catalog of latest knowledge retrieval, memory & RAG systems GitHub - mensfeld/code-on-incus: Give each AI agent its own isolated machine with root, Docker, and systemd. Active defense detects and stops threats automatically.. Quantization, LoRA, and the 8% Problem: Benchmarking Local LLMs for Production AI Iran war: We spoke to the man making Lego-style AI videos that experts say are powerful propaganda Powell, Bessent discussed Anthropic's Mythos AI cyber threat with major U.S. banks GitHub - immartian/bellamem: Persistent belief-graph memory for AI agents. Retrieves decisive context by importance — not recency, not RAG, not /compact. recursive-mode: The Repo-Native Operating System for AI Engineering After the attack on Sam Altman's home, will AI CEO's go on the offensive? The biggest advance in AI since the LLM Opus 4.6 vs GPT 5.4 One Prompt Unity World Generation Test “AI polls” are fake polls Client Challenge Can AI be a 'child of God'? Inside Anthropic's meeting with Christian leaders How to Switch AI Chatbots and Why You Might Want To GitHub - MattMessinger1/agentic_refund_guardrail: Safe refund policy layer for AI agents — Python + TypeScript. Same behavior, shared tests. Adam/papers/emergent_values_whitepaper.md at master · strangeadvancedmarketing/Adam Ask HN: How do you stop playing 20 questions with your AI coding tools How far can automation and AI support psychotherapy? - @theU GitHub - stagas/rtdiff: realtime git diff gui and AI-assisted commits A Mac Studio for Local AI — 6 Months Later A History of the Early Years of AI at the University of Edinburgh Why AI Coding Tools Still Feel Stuck on Localhost MSN AI Datacenters Are Becoming Strategic Targets twitter.com Penn Researchers Use AI to Surface Unreported GLP-1 Side Effects in Reddit Posts Show HN: MoodSense AI (ML and FastAPI and Gradio, Deployed on Hugging Face) Moodsense Ai - a Hugging Face Space by aman179102 AI models are terrible at betting on soccer—especially xAI Grok GitHub - xialeistudio/echoic GitHub - HimashaHerath/github-dev-wrapped: AI-powered weekly GitHub activity reports deployed to GitHub Pages GitHub - alejandrobalderas/claude-code-from-source: Architecture, patterns & internals of Anthropic's AI coding agent — reverse-engineered from source maps AI and Tech brief: Ireland ascendant GitHub - Titovilal/context0: Context0 - Never Surrender Training for a Marathon with an AI Coach: What Worked and What Didn't Cyber Pulse: Agentic Intel - Apps on Google Play I Built an AI PR Reviewer That Catches Bugs by Not Looking for Bugs Gen Z workers are so fearful AI will take their job they’re intentionally sabotaging their company’s AI rollout | Fortune How AI Is Reimagining the Game of Golf–For Both Players and Courses GitHub - nattergabriel/reseed: A CLI tool for managing and distributing agent skills across projects Is SVG the final frontier? My AI workflow evolved from prompts to a near-autonomous workflow MLSharp Help - 3DGS Viewer & Generator I put my cognitive field based AI's runtime on GitHub Is Numble the first AI-proof game? A3: Kubernetes for autonomous AI agent fleets | Emergent Principles Deepali Vyas ("The Elite Recruiter") GitHub - msmarkgu/RelayFreeLLM: A restful API designed to route user prompts to various AI model providers. Unionized ProPublica staff are on strike over AI, layoffs, and wages Unleashing the Advantage of Quantum AI We're heading for an AI-fueled 'dementia crisis,' brain scientist warns The AI-Assisted Breach of Mexico's Government Infrastructure [pdf] GitHub - stef41/lmscan: 🔍 Detect AI-generated text and fingerprint which LLM wrote it. Open-source GPTZero alternative. Zero dependencies, works offline. MSN GitHub - visionscaper/collabmem: Enabling long-term collaboration with Agentic AI - building up episodic and world model memory over time with in-context awareness We gave an AI a 3 year retail lease in SF and asked it to make a profit | Andon Labs AI Code is Hollowing Out Open Source, and Maintainers are Looking the Other Way What leaked "SteamGPT" files could mean for the PC gaming platform's use of AI AI is the boss at this retail store. What could go wrong? GitHub - Wuzu11517/agentic-proxy: Local proxy meant to help reduce With Drones, Geophysics and ArtificiaI Intelligence, Researchers Prepare to Do Battle Against Land Mines A Single Operator, Two AI Platforms, Nine Government Agencies: The Full Technical Report 在 Steam 上购买 FriedrichAI: Offline AI 立省 10% GitHub - inevolin/resume-cli: Hit Claude usage limits? Resume any AI coding session elsewhere. Switch tools at zero friction. GitHub - atripati/ark: AI Runtime Kernel — a context operating system for AI agents. Eliminates tool bloat, loads only what’s needed, and gives LLMs their reasoning space back. How to Build a Secure AI PR Reviewer with Claude, GitHub Actions, and JavaScript This Startup Wants You to Pay Up to Talk With AI Versions of Human Experts Intel Arc Pro B70 Brings 32GB VRAM to Local AI for $949 WordPress 7.0: The Good, the AI, and the Still Missing AI on the couch: Anthropic gives Claude 20 hours of psychiatry IatroBench: Pre-Registered Evidence of Iatrogenic Harm from AI Safety Measures AI Agents Know About Supabase. They Don't Always Use It Right. The history and future of AI at Google, with Sundar Pichai Inside an AI‑enabled device code phishing campaign How Meta Used AI to Map Tribal Knowledge in Large-Scale Data Pipelines AI for Systems: Using LLMs to Optimize Database Query Execution Forecasting the Economic Effects of AI Introducing Tinker: Play with AI, bring your ideas to life AI sheds light on an ancient gaming mystery People really hate AI but not as much as Iran—or Democrats | Fortune What is an AI Product Engineer? Phoebe Gates wants her $185 million AI startup to succeed with 'no ties to my privilege or my last name': 'I have a chip on my shoulder' | Fortune
AI-generated abandonware is hollowing out open source
chhum · 2026-05-20 · via Hacker News - Newest: "AI"

You have 1 article left to read this month before you need to register a free LeadDev.com account.

Estimated reading time: 7 minutes

Key takeaways:

  • Generative AI has drastically lowered shipping barriers, creating a surge in low-quality abandonware.
  • AI workflows short-circuit traditional community engagement loops, starving open-source projects of documentation traffic, revenue, and new maintainers.
  • Maintainers are overwhelmed by a deluge of automated AI slop submissions.

Open-source abandonware isn’t new. Repositories have always accumulated half-finished projects and good intentions. But there’s growing evidence that AI-generated code is making the problem significantly worse.

With AI-assisted development, you trade code quality for quantity. As we’ve noted before, in environments where accuracy matters, such as a financial exchange, you end up spending less time writing code and more time verifying and refactoring it. With code that is more exploratory or personal, like my own tools for Google Docs, quality matters less. But that has a different side effect: we end up generating more code that is quickly abandoned.

Of course a lot of code has historically been abandoned, but AI seems to be exacerbating this lack of commitment. In a short post published last month, developer Mike Yerou explained the problem plainly: “The barrier to shipping software has collapsed. With AI code generation, any fleeting idea can become a reality almost instantly. But there’s a catch: software that is created fast is often abandoned fast.”

That may be partly because we are less invested in code we didn’t write, but also because lower-quality AI-generated code is genuinely hard to maintain. One anecdotal case study from early 2026 involved a developer called Pooja Rana who, after spending 225 hours managing and debugging AI-generated code, mass-deleted the entire output and rewrote it by hand.

There are broadly three things going on here. First, we simply aren’t as invested in code we didn’t write ourselves. Second, AI-generated code – at least when produced lazily – is hard to maintain. And third, AI-generated code is quietly breaking the economic model on which open-source software rests.

Your inbox, upgraded.

Receive weekly engineering insights to level up your leadership approach.

The numbers are not reassuring

GitHub’s Octoverse 2025 report recorded 36 million new developers joining the platform in the past year, with 230 new repositories created every minute. Over 4.3 million AI-related repositories now exist on the platform, representing a 178% year-on-year jump in LLM-focused projects alone. Some 80% of new developers on GitHub use Copilot in their first week.

A lot of the resulting code will be abandoned.

The 2026 Open Source Security and Risk Analysis (OSSRA) report from Black Duck, based on analysis of 947 commercial codebases across 17 industries, provides the most authoritative data we currently have on the state of open-source maintenance. 

Its findings are grim. A staggering 93% of codebases contained components with no development activity in the last two years. Only 7% of components in the audited codebases are running the latest available version, and 41% are ten or more versions behind. Black Duck calls this the ‘zombie component’ problem: software that appears functional, is actively relied on, but effectively unmaintained. This maintenance debt creates compounding security risk. When a vulnerability is discovered in a project that hasn’t been touched in years, there is often no maintainer left to fix it.

AI is making all of this worse

In other words, abandoned projects don’t disappear. They persist as dependencies inside codebases that others rely on. Before AI, the rate of abandonment was broadly matched by the community’s capacity to notice, flag, and fork. What’s changed is the volume, and the fact that AI workflows reduce the human activity, such as documentation reading, forum questions and  pull request engagement, that previously acted as an early warning system.

Documentation has always been under-valued, with technical writers chronically underpaid. But now there is a perverse idea that AI can write the documentation. Which it can – badly. AI is also speeding up the breaking of the economic model on which open source depends.

A pre-print paper published in January 2026 by economists Koren, Békés, Hinz, and Lohmann, titled Vibe Coding Kills Open Source, models the consequences. The paper’s central finding is that under traditional OSS business models, widespread AI-assisted development undermines the open-source ecosystem’s ability to sustain itself,  even as it produces more software than ever before.

Traditional open-source development follows a documented engagement loop: a developer downloads a package, reads documentation, encounters a problem, asks a question on a public forum, and sometimes contributes a fix. That activity generates the visibility through which maintainers earn their private returns – reputation, consulting leads, documentation traffic, paid enterprise add-ons, and so on.

AI-assisted workflows short-circuit the loop. Agents select and assemble packages without engaging with documentation or forums. The Tailwind CSS case featured in the paper illustrates this. In a January 2026 GitHub comment, Tailwind CSS creator Adam Wathan reported that despite its enduring popularity, Tailwind CSS’ documentation traffic had decreased by around 40% since early 2023, and revenue was down almost 80%. “Together, these patterns suggest that AI mediation can divert interaction away from the surfaces where OSS projects monetize and recruit contributors,” the paper’s authors write.

Stack Overflow saw the same dynamic at scale: research published in PNAS Nexus in 2024 found that within six months of ChatGPT’s release, Stack Overflow activity dropped by around 25%. By May 2025, Gergely Orosz suggested that Stack Overflow was almost dead, as overall traffic had declined sharply.

The result is a growing asymmetry: automated tools make it trivially easy to submit code, bug reports, and pull requests, while review and validation remain costly, manual, and time-consuming. Daniel Stenberg, creator of curl, has tracked what he calls “AI slop” submissions to his project: two in 2023, six in 2024, and 37 in 2025. “We still have not seen a single valid security report done with AI help,” he wrote on LinkedIn.

Keeley Hammond, a longtime maintainer of Electron, described receiving twice as many proposals in 2025, with a significant portion being AI-generated noise. “It’s frustrating when you know some contributors put real thought into theirs,” she said on GitHub’s podcast.

It is worth being pragmatic about the connection between AI-generated abandonware and the systems engineering teams rely on today.

I wrote about what’s gone wrong at GitHub after the platform suffered 257 incidents between May 2025 and April 2026, including 48 major outages. The same explosion of AI-generated code that is straining GitHub’s infrastructure is also filling its repositories with projects that will never be maintained. GitHub is simultaneously the surface on which agentic workflows run and the archive where their output accumulates.

What this means for you

Before choosing a library, tool, or framework, engineering leaders need to evaluate not just the code but the people and organizations sustaining them. That means looking at commit history, not just star count. It means checking whether documentation traffic and community engagement are growing or declining. And it means ascertaining whether a project has a bus factor of one – and if that one person is drowning under a deluge of AI-generated pull requests.

The OSSRA data is a useful starting point: if 93% of codebases contain zombie components, the odds are high that yours does too. An audit of your dependency tree, mapped against recent development activity, is not a pleasant exercise, but it is necessary. Tools like Nexus Lifecycle, Snyk, and Dependabot can surface stale and vulnerable dependencies; the difficult decision is what to do about them.

There is also a question of internal culture. If your engineers are using AI to generate contributions to open-source projects without meaningful human review before submission, they are participating in the degradation of infrastructure that your organization almost certainly depends on. That is worth naming explicitly in engineering standards and code review policies.

The broader structural problem – that the open-source ecosystem’s sustainability model is being eroded by AI in ways that may not be visible until something critical fails – is not one that any individual organization can solve. But engineering leaders can advocate for sustainability, contribute financially to projects they depend on, and make the case internally that open-source health is not someone else’s problem.

The optimistic reading at this point is that AI has democratized software creation, lowered barriers to entry, and enabled people who previously couldn’t build software to do so. That is true, however most of what is being built will not exist in useful form in two years because the people who created it will have moved on.

When everyone can build, the scarce resource is maintainers. That scarcity was already real before AI made it worse. The question now is whether the industry will treat it as the infrastructure problem it is, or wait for the next Log4j to remind us.

LDX3 London 2026 agenda is live - See who is in the lineup

LondonJune 2 & 3, 2026

Last few weeks left. Secure your spot soon!