Hi folks,

This week’s lead story looks at the race to build a GitHub alternative for the agentic era — with Cursor, GitLab, and Zed all taking aim at the pull request model that has defined software collaboration for nearly two decades.

Elsewhere, OpenAI launches a programme to patch vulnerabilities in widely used open source projects; the EU picks a winner to build its own frontier AI model in all 24 official languages; and the Linux Foundation wants to give AI agents a DNS-style identity.

As usual, feel free to reach out to me with any questions, tips, corrections, or suggestions: forkable[at]pm.me.

Paul

<Open issue>

GitHub built the pull request, AI is breaking it.

GitHub has a problem it helped create. The platform that kickstarted the AI coding era with the launch of Copilot in 2021 is now struggling under the weight of what that era has produced — processing around 1.4 billion commits per month, up from 1 billion across all of 2025, with AI agents alone generating more than 17 million pull requests every month.

The cracks were already showing before the agent explosion. As Forkable reported in December, a stream of open-source projects — including the Zig programming language and the Naev space trading game — had been migrating away from GitHub, citing unreliable CI pipelines, corporate control concerns, and discomfort with the platform’s accelerating AI focus, with many heading to Forgejo-based hosts like Codeberg.

Brian Douglas, GitHub’s former director of developer advocacy who recently launched his own AI infrastructure startup, told me in a story for The New Stack that the agent era is deepening that alienation.

“Agents are quickly killing the will for doing open source,” Douglas said — his point being that as agents handle more of the writing and review, the human collaboration that made open-source culture what it is, is beginning to hollow out. “Right now, the velocity of projects being created is overwhelming GitHub, and engineers are not looking at the code,” he continued. “So if the goal is to put it in the cloud so agents are managing the code, I think that is absolutely an opportunity for disruption.”

Several companies are now taking that opportunity seriously. At a developer conference in San Francisco last week, Graphite co-founder Tomas Reimers — whose code review startup was acquired by Cursor in January — unveiled Origin, a Git-compatible code hosting platform rebuilt specifically for the scale and speed of agent-driven development. The same day, SpaceX announced it was acquiring Cursor for $60 billion.

Origin isn’t alone. At its Transcend conference in London the previous week, GitLab announced a private beta of “Next Generation Source Code Management” — preserving the Git protocol but overhauling the architecture underneath it, so agents can interrogate repositories without pulling down a full local copy, claiming up to 50 times faster task execution per agent. Notably, Anthropic is a design partner.

And Zed co-founder Nathan Sobo shone some light on DeltaDB, arguably the most radical of the three: rather than organising work around commits, it records every agent operation as a granular delta, linked back to the conversation that generated it. A beta is reportedly weeks away.

None of these products are in public hands yet. But the pull request — GitHub's signature contribution to how software gets built — was designed for a world where humans wrote code deliberately, one change at a time. That world is receding fast, and several well-funded teams are now betting GitHub that won't be the one to replace it.

Read more: The New Stack

<Patch notes>

Cursor swallows another open source project

Cursor’s been very busy! The company quietly acquired Continue, an open-source AI coding assistant with 34,000 GitHub stars. In truth, it seems it was more of an acqui-hire, with some of the talent heading over to Cursor, and the codebase being handed to the community.

Read more: The New Stack

OpenAI wants to patch the planet's open source bugs

OpenAI launched Patch the Planet, a programme built with security firm Trail of Bits that uses its GPT-5.5-Cyber model to find and fix vulnerabilities in widely used open source projects — including cURL, Python, and the Go project — with human experts reviewing findings before they reach maintainers.

Read more: OpenAI

Apple joins the open-source party

Swift Package Index, the community-built directory of Swift packages, has been acquired by Apple — bringing the open-source project under the official stewardship of the very company whose ecosystem it serves.

Read more: Swift Package Index

Linux Foundation wants to give AI agents a DNS-style identity

The Linux Foundation has announced the Agent Name Service, an open standard that extends the internet's existing DNS infrastructure to give AI agents verifiable identities — letting systems confirm who an agent represents, what it's allowed to do, and whether its code has been tampered with.

Read more: The Linux Foundation

GitHub joins open source coalition to push back on California's AI law

GitHub has joined Black Forest Labs, Hugging Face, and Mozilla in calling for amendments to California's AI Transparency Act, arguing that a provision requiring license revocation conflicts with how open-source licenses fundamentally work.

Read more: GitHub

OSI launches Open Source AI Fellowship at the UN

The Open Source Initiative (OSI) has announced a two-year fellowship, grounded in a partnership with Duke University and backed by Red Hat, AWS, Google, and Mozilla, to build research and consensus around what it actually means for an AI system to call itself open source.

Read more: OSI

Europe picks a winner to build its own open source frontier AI model

The European Commission has selected the EUROPA consortium, led by Italian company Domyn, to build a 400-billion-parameter open source AI model covering all 24 official EU languages — Europe's most concrete bid yet to compete at the frontier model layer, not just regulate it.

Read more: European Commission

New research maps how governments are building open source capability

Researchers at RISE Research Institutes of Sweden and OpenForum Europe have published a peer-reviewed study identifying six archetypes for how public sector organisations can structure Open Source Program Offices (OSPOs), based on interviews across 16 cases in EU countries.

Read more: Johan Linåker (LinkedIn) | ScienceDirect

<Final commit>

Shining a light on banned books

Security researcher Richard Osgood has turned a cheap WiFi-enabled smart lightbulb into what he calls a "cyberpunk digital dead drop" — a covert, offline library of banned books that anyone nearby can access simply by connecting to the open Wi-Fi network it broadcasts.

The idea is fairly low-tech: screw the bulb into a socket, leave it switched on, and it silently serves ebooks to anyone within range, no internet connection required.

Storage is tight — the bulb's 4MB flash chip, repartitioned to carve out 2MB for books, fits only a handful of EPUBs — but Osgood argues that constraint is almost the point.

"Each dead drop will be representative of the person who created it," he wrote.

The firmware erases stored Wi-Fi credentials on first boot, so a bulb can be installed in a public space without exposing anyone's home network. All the code is open source on Codeberg.

Read more: Tom’s Hardware | Richard Osgood | Codeberg