





















When Microsoft announced it was acquiring GitHub in a $7.5 billion deal in 2018, developers were nervous. Some were concerned about Microsoft controlling GitHub, and others were taking a wait-and-see approach. Nearly eight years later, GitHub is now fighting for its survival, amid a surge of outages, security issues, and pressure from competitors.
In the last few weeks alone, GitHub had multiple major outages, a remote code execution vulnerability disclosure, and its internal code repositories hacked due to a “poisoned” VS Code extension on an employee’s device. I’ve spoken to current and former GitHub employees who all paint a picture of a company that is struggling with a lack of leadership and pressure from competitors.
A lot of GitHub’s current struggles can be traced back to last summer. Former GitHub CEO Thomas Dohmke resigned and triggered a big shakeup to the way GitHub operates under Microsoft control. Microsoft didn’t replace Dohmke’s CEO position, so the rest of GitHub’s leadership team had to report directly to Microsoft’s CoreAI team instead. GitHub employees, who refer to themselves as Hubbers, have struggled to adapt after being proudly independent for so long.
The CoreAI team that GitHub operates under is led by former Meta engineering chief Jay Parikh, who Microsoft CEO Satya Nadella personally recruited last year to help with the company’s AI transformation. Sources tell me Parikh isn’t well-liked by Microsoft employees and that it was his decision not to appoint a new GitHub CEO.
Since Dohmke’s departure, there’s been an ongoing talent drain at GitHub. Some GitHub employees have followed Dohmke to his Entire startup, a new developer platform that looks like it will compete directly with GitHub. Out of the 30 employees listed at Entire, at least 11 of them used to work at GitHub.
In addition to worrying about upstarts like Entire, Parikh is reportedly concerned about the threat of competition from Cursor and Claude Code. While GitHub Copilot had an early lead in the AI coding wars, it has fallen behind rivals over the past year or so. The Information reported earlier this week that Parikh has privately warned colleagues that GitHub “faces a critical threat.” Microsoft had also reportedly considered acquiring Cursor in recent months to help close the GitHub Copilot gap. I reported last week that Microsoft is canceling many of its own Claude Code licenses in an effort to get its developers to help improve GitHub Copilot.
Microsoft will need top talent to fend off the competition, yet leadership shakeups and departures in recent months haven’t slowed. Veteran Microsoft executive Julia Liuson announced her departure from Microsoft last month after 34 years at the company. GitHub previously reported to Liuson before the formation of CoreAI last year, and she was responsible for overseeing GitHub revenue, engineering, and support after Dohmke’s departure.
Jared Palmer, who only just joined GitHub in October as a senior vice president, is already leaving for a job at Xbox as VP of engineering and a technical adviser to Xbox CEO Asha Sharma. The new Xbox chief has hired a bunch of former Microsoft CoreAI executives, who seem to be more than eager to get out from under the leadership of Parikh.
Elizabeth Pemmerl, GitHub’s former chief revenue officer, also announced her resignation last month. Dan Stein, former head of software and digital platforms for Microsoft Customer and Partner Solutions (MCAPS), was appointed as new chief revenue officer for GitHub. With GitHub’s revenue now reporting into MCAPS and product work split into Microsoft’s Developer Division, some inside GitHub feel like there’s no leadership team anymore.
“There’s basically no more GitHub at all anymore,” one GitHub employee told me last month. “It’s all Microsoft, and the company is collapsing, both in outages that are reallllly bad and have torched the company reputation… and in an exodus of leadership.”
The outages have been particularly bad over the past year, to the point where GitHub CTO Vladimir Fedorov had to personally apologize for the latest incidents last month. Fedorov admitted that GitHub was struggling with a huge growth spike in recent years, thanks to an increase in pull requests, commits, and new repos. “Our priorities are clear: availability first, then capacity, then new features,” said Fedorov. “We are reducing unnecessary work, improving caching, isolating critical services, removing single points of failure, and moving performance-sensitive paths into systems designed for these workloads.”
Fedorov only joined GitHub a year ago, after previously spending nearly eight years at Microsoft and more than 12 years at Facebook in various senior engineering roles. The outages come amid GitHub’s ongoing migration to Azure servers, a project that Fedorov kicked off months after joining GitHub to try and address struggles with data center capacity. I warned at the time that the migration could lead to outages along the way, due to the complex MySQL clusters that GitHub manages.
The ensuing outages have angered developers inside and outside Microsoft. “GitHub is failing me, every single day, and it is personal,” wrote Ghostty terminal developer Mitchell Hashimoto last month. “I want it to be better, but I also want to code. And I can’t code with GitHub anymore. I’m sorry. After 18 years, I’ve got to go.” Ghostty is now leaving GitHub.
While the outages are driving some developers away, GitHub is also struggling with security issues. GitHub rushed to fix a critical vulnerability in less than six hours in March, after Wiz Research used AI models to uncover a vulnerability in GitHub’s internal git infrastructure that could have allowed attackers to access millions of public and private code repositories.
Earlier this week, 3,800 internal GitHub code repositories were breached after one of its employees installed a malicious VS Code extension. One Microsoft employee tells me that VS Code often asks to install new extensions, and extensions with hundreds of thousands of installs have previously been pulled from the VS Code Marketplace after users were infected with cryptomining tools.
GitHub also faces a backlash against its move to usage-based billing for its GitHub Copilot AI coding tool. Every Copilot plan will include a monthly allotment of GitHub AI credits next month, with an option for subscribers to purchase additional usage. Developers can currently experiment and not worry about the costs involved, as GitHub just moves them to a less capable AI model once limits are reached. The new system means GitHub Copilot users will be cut off unless they pay for more credits.
The pressure is now well and truly on Parikh and the CoreAI leadership team that are responsible for the future of GitHub. The race is on for competitors to build the next GitHub and take advantage of Microsoft’s struggles. If Microsoft’s CoreAI team can’t meet the moment, there’s a very real danger that Microsoft continues to lose the very “developers, developers, developers” that helped turn it into a software giant.
I’m always keen to hear from readers, so please drop a comment here, or you can reach me at notepad@theverge.com if you want to discuss anything else. If you’ve heard about any of Microsoft’s secret projects, you can reach me via email at notepad@theverge.com or speak to me confidentially on the Signal messaging app, where I’m tomwarren.01. I’m also tomwarren on Telegram, if you’d prefer to chat there.
Thanks for subscribing to Notepad.
Follow topics and authors from this story to see more like this in your personalized homepage feed and to receive email updates.
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。