The hardest fork (chainguard.dev) AI

In “The hardest fork,” Chainguard CEO Dan Lorenc argues that AI-enabled security research and supply-chain attacks make the current open-source vulnerability disclosure and patching system inadequate at scale, especially given broken incentives and limited maintainer capacity. He proposes a two-part approach: Plan A coordinated disclosure routed by a trusted organization, and Plan B a “maintainer of last resort” that centralizes and maintains trusted upstream forks when patches don’t arrive. He frames the choice as three scenarios—do nothing, decentralized chaotic forking, or a deliberate “hard fork” to build new trust infrastructure for open-source consumption.