GitHub and Wikipedia Quietly Losing Institutional Trust
Two separate HN threads today about critical open-source infrastructure showing signs of institutional decay. The GitHub thread described a platform being 'swallowed by Microsoft bureaucracy and thoroughly digested,' with talent and leadership fleeing. The Wikimedia Foundation Community Tech team disbandment thread was more concrete: engineers were laid off, the team that serves Wikipedia's developer community is gone. These are not the same kind of story, but they rhyme.
The Megalodon GitHub CI workflow backdooring thread added a security dimension. The attack surface of GitHub Actions workflows is real and underappreciated. The Internet Archive being blocked by news outlets adds a third data point: the infrastructure of collective knowledge, whether code hosting, web archiving, or collaborative encyclopedias, is under simultaneous pressure from different directions.
The Freenet peer-to-peer decentralized app platform post and the 'It is time to build a new internet' thread are responses to exactly this. Neither is close to production-ready as an alternative, but the fact that both surfaced on the same day HN was discussing GitHub's decline is not a coincidence.
So what?
If your build and deployment pipeline runs on GitHub Actions, the Megalodon CI backdoor story is a concrete security action item: audit your workflow files and third-party action dependencies now. More broadly, any product that treats GitHub, the Internet Archive, or Wikipedia as permanent infrastructure should build contingency into its architecture.
Read these
GitHub faces a fight for its survival at Microsoft
Wikimedia Foundation Community Tech team has been disbanded, engineers laid off
Megalodon: Mass GitHub Repo Backdooring via CI Workflows
Show HN: Freenet, a peer-to-peer platform for decentralized apps
It is time to build a new internet
News outlets are limiting the Internet Archive’s access to their journalism