MattSayar 5 hours ago

I like simonw's take that open source should be more valuable [0]

>An interesting result of this is that open source libraries become more valuable, since the tokens spent securing them can be shared across all of their users. This directly counters the idea that the low cost of vibe-coding up a replacement for an open source library makes those open source projects less attractive.

I can understand why the reflexive move is to fork the code and move it in-house, but how sustainable will that be when eng teams have MORE code to manage and mitigate vulnerabilities for?

[0] https://simonwillison.net/2026/Apr/14/cybersecurity-proof-of...

alephnerd 2 hours ago

I agree. The reflexive move is by a specific F50 that has the size, internal controls, headcount, and liability risk that they are taking such an approach.

Most other places will continue to use OSS, but much more locked-down access to third-party dependencies will be granted. I personally think it'll be a great time to be in the AppSec and SBOM validation space.