GitHub

A developer reviewing a GitHub outage dashboard on a laptop, illustrating a code hosting single point of failure
Cloud Services

When the Code Host Becomes the Single Point of Failure

For eighteen years, Mitchell Hashimoto opened GitHub every single day. He built his career practically inside it, joked as a 20-year-old that maybe the company would hire him if his open-source project was good enough, and treated the platform the way most of us treat electricity — a utility so reliable it disappeared into the background. Then, in April 2026, he announced he was moving his terminal emulator project, Ghostty, off GitHub entirely. “I want to ship software and it doesn’t want me to ship software,” he wrote. That sentence, more than any ideological complaint, is the real story here — and it’s a story about infrastructure, not politics.

A security analyst reviewing vulnerability reports and advisory data on multiple screens
Data

When More Data Means More Work: Inside GitHub’s Vulnerability Curation Bottleneck

A security database does not slow down because something is broken. It slows down because every new report that arrives might be accurate, might be incomplete, or might contradict two other sources — and someone has to figure out which before any automated tool can act on it. That tension between volume and verification is exactly what GitHub’s Advisory Database ran into this spring, and the story is worth understanding not as a company hiccup but as a window into how security infrastructure actually works.

Scroll to Top