June 5, 2026
PR Panic at the Browser Disco
Changing How We Develop Ladybird
Ladybird shuts the front door on outside code and fans are split between panic and shrugs
TLDR: Ladybird says only its maintainers can add code now, arguing AI has made outside submissions too easy to fake and too risky for a browser used by real people. Commenters are torn between calling it necessary security and declaring the whole project’s community spirit dead.
Open-source browser project Ladybird just dropped a very spicy update: it will no longer accept public pull requests, meaning outside developers can’t directly send in code changes anymore. Only project maintainers — the core people already in charge — can add code from now on. The official reason is serious: Ladybird says artificial intelligence has made it much harder to tell whether a polished contribution reflects real trust, real responsibility, or a potential security problem waiting to explode. And because browsers handle the whole messy internet on your computer, the team says one sneaky bad change could be catastrophic.
But the real fireworks were in the reactions. One commenter went full funeral mode with “I feel like the project just died,” which is about as dramatic as a community can get without posting a black-and-white candle photo. Others were more resigned, calling it sad but understandable — basically, nobody likes this, but maybe nobody sees a better option either. One especially sharp comment said the new fear is people using AI to “gain trust through plausible contributions,” which instantly gave the whole debate a thriller-villain vibe.
There was also a side quest into “is this the future now?” territory, with one person noting that Zig is moving this way too, while another demanded stricter identity checks on coding accounts, arguing this should have happened even before the AI boom. The mood? A mix of heartbreak, grim realism, and that classic internet flavor of “well, this is why we can’t have nice things.”
Key Points
- •Ladybird will no longer accept public pull requests; only project maintainers will be able to introduce code changes.
- •The project says the change is tied to its transition toward a first alpha release and the need for a tighter development and security process.
- •Ladybird argues that AI tools have weakened the traditional trust signal associated with substantial external pull requests.
- •The project says browser security requires stricter accountability because browsers process untrusted internet content on users’ machines.
- •Ladybird will close all currently open public pull requests and will not provide alternative patch-submission channels, while continuing to accept non-code contributions such as bug reports and security reports.