The Foundation that pro­motes the Zig pro­gram­ming lan­guage has quit GitHub due to what its lead­er­ship per­ceives as the code shar­ing site’s de­cline.

The drama be­gan in April 2025 when GitHub user AlekseiNikiforovIBM started a thread ti­tled “safe_sleep.sh rarely hangs in­def­i­nitely.” GitHub ad­dressed the prob­lem in August, but did­n’t re­veal that in the thread, which re­mained open un­til Monday.

The code uses 100 per­cent CPU all the time, and will run for­ever

That tim­ing ap­pears no­table. Last week, Andrew Kelly, pres­i­dent and lead de­vel­oper of the Zig Software Foundation, an­nounced that the Zig pro­ject is mov­ing to Codeberg, a non-profit git host­ing ser­vice, be­cause GitHub no longer demon­strates com­mit­ment to en­gi­neer­ing ex­cel­lence.

One piece of ev­i­dence he of­fered for that as­sess­ment was the “safe_sleep.sh rarely hangs in­def­i­nitely” thread.

“Most im­por­tantly, Actions has in­ex­cus­able bugs while be­ing com­pletely ne­glected,” Kelly wrote. “After the CEO of GitHub said to ‘embrace AI or get out’, it seems the lack­eys at Microsoft took the hint, be­cause GitHub Actions started ‘vibe-scheduling’ — choos­ing jobs to run seem­ingly at ran­dom. Combined with other bugs and in­abil­ity to man­u­ally in­ter­vene, this causes our CI sys­tem to get so backed up that not even mas­ter branch com­mits get checked.”

Kelly’s gripe seems jus­ti­fied, as the bug dis­cussed in the thread ap­pears to have popped up fol­low­ing a code change in February 2022 that users flagged in prior bug re­ports.

The code change re­placed in­stances of the posix “sleep” com­mand with a “safe_sleep” script that failed to work as ad­ver­tised. It was sup­posed to al­low the GitHub Actions run­ner — the ap­pli­ca­tion that runs a job from a GitHub Actions work­flow — to pause ex­e­cu­tion safely.

“The bug in this ‘safe sleep’ script is ob­vi­ous from look­ing at it: if the process is not sched­uled for the one-sec­ond in­ter­val in which the loop would re­turn (due to $SECONDS hav­ing the cor­rect value), then it sim­ply spins for­ever,” wrote Zig core de­vel­oper Matthew Lugg in a com­ment ap­pended to the April bug thread.

“That can eas­ily hap­pen on a CI ma­chine un­der ex­treme load. When this hap­pens, it’s pretty bad: it com­pletely breaks a run­ner un­til man­ual in­ter­ven­tion. On Zig’s CI run­ner ma­chines, we ob­served mul­ti­ple of these processes which had been run­ning for hun­dreds of hours, silently tak­ing down two run­ner ser­vices for weeks.”

The fix was merged on August 20, 2025, from a sep­a­rate is­sue opened back in February 2024. The re­lated bug re­port from April 2025 re­mained open un­til Monday, December 1, 2025. A sep­a­rate CPU us­age bug re­mains un­re­solved.

Jeremy Howard, co-founder of Answer. AI and Fast.AI, said in a se­ries of so­cial me­dia posts that users’ claims about GitHub Actions be­ing in a poor state of re­pair ap­pear to be jus­ti­fied.

“The bug,” he wrote, “was im­ple­mented in a way that, very ob­vi­ously to nearly any­one at first glance, uses 100 per­cent CPU all the time, and will run for­ever un­less the task hap­pens to check the time dur­ing the cor­rect sec­ond.”

I can’t see how such an ex­tra­or­di­nary col­lec­tion of out­right face-palm­ing events could be made

He added that the plat­form-in­de­pen­dent fix for the CPU is­sue pro­posed last February lin­gered for a year with­out re­view and was closed by the GitHub bot in March 2025 be­fore be­ing re­vived and merged.

“Whilst one could say that this is just one iso­lated in­ci­dent, I can’t see how such an ex­tra­or­di­nary col­lec­tion of out­right face-palm­ing events could be made in any rea­son­ably func­tion­ing or­ga­ni­za­tion,” Howard con­cluded.

GitHub did not im­me­di­ately re­spond to a re­quest for com­ment.

While Kelly has gone on to apol­o­gize for the in­cen­di­ary na­ture of his post, Zig is not the only soft­ware pro­ject pub­licly part­ing ways with GitHub.

Over the week­end, Rodrigo Arias Mallo, cre­ator of the Dillo browser pro­ject, said he’s plan­ning to move away from GitHub ow­ing to con­cerns about over-re­liance on JavaScript, GitHub’s abil­ity to deny ser­vice, de­clin­ing us­abil­ity, in­ad­e­quate mod­er­a­tion tools, and “over-focusing on LLMs and gen­er­a­tive AI, which are de­stroy­ing the open web (or what re­mains of it) among other prob­lems.”

Codeberg, for its part, has dou­bled its sup­port­ing mem­ber­ship since January, go­ing from more than 600 mem­bers to over 1,200 as of last week.

GitHub has not dis­closed how many of its users pay for its ser­vices presently. The code host­ing biz had “over 1.3 mil­lion paid GitHub Copilot sub­scribers, up 30 per­cent quar­ter-over-quar­ter,” Microsoft CEO Satya Nadella said on the com­pa­ny’s Q2 2024 earn­ings call.

In Q4 2024, when GitHub re­ported an an­nual rev­enue run rate of $2 bil­lion, GitHub Copilot sub­scrip­tions ac­counted for about 40 per­cent of the com­pa­ny’s an­nual rev­enue growth.

Nadella of­fered a dif­fer­ent fig­ure dur­ing Microsoft’s Q3 2025 earn­ings call: “we now have over 15 mil­lion GitHub Copilot users, up over 4X year-over-year.” It’s not clear how many GitHub users pay for Copilot, or for run­ner scripts that burned CPU cy­cles when they should have been sleep­ing. ®

Ghostty is now fis­cally spon­sored by Hack Club, a reg­is­tered 501(c)(3) non-profit.

Fiscal spon­sor­ship is a le­gal and fi­nan­cial arrange­ment in which a rec­og­nized non-profit ex­tends its tax-ex­empt sta­tus to a pro­ject that aligns with its mis­sion. This al­lows Ghostty to op­er­ate as a char­i­ta­ble ini­tia­tive while Hack Club man­ages com­pli­ance, do­na­tions, ac­count­ing, and gov­er­nance over­sight.

Being non-profit clearly demon­strates our com­mit­ment to keep­ing Ghostty free and open source for every­one. It paves the way for a model for sus­tain­able de­vel­op­ment be­yond my per­sonal in­volve­ment. And it also pro­vides im­por­tant le­gal pro­tec­tions and as­sur­ances to the peo­ple and com­mu­ni­ties that adopt and use Ghostty.

Since the be­gin­ning of the pro­ject in 2023 and the pri­vate beta days of Ghostty, I’ve re­peat­edly ex­pressed my in­ten­tion that Ghostty legally be­come a non-profit. This in­ten­tion stems from sev­eral core be­liefs I have.

First, I want to lay bricks for a sus­tain­able fu­ture for Ghostty that does­n’t de­pend on my per­sonal in­volve­ment tech­ni­cally or fi­nan­cially. Financially, I am still the largest donor to the pro­ject, and I in­tend to re­main so, but a non-profit struc­ture al­lows oth­ers to con­tribute fi­nan­cially with­out fear of mis­ap­pro­pri­a­tion or mis­use of funds (as pro­tected by le­gal re­quire­ments and over­sight from the fis­cal spon­sor).

Second, I want to squelch any pos­si­ble con­cerns about a

“rug pull”. A non-profit struc­ture pro­vides en­force­able as­sur­ances: the mis­sion can­not be qui­etly changed, funds can­not be di­verted to pri­vate ben­e­fit, and the pro­ject can­not be sold off or re­pur­posed for com­mer­cial gain. The struc­ture legally binds Ghostty to the pub­lic-ben­e­fit pur­pose it was cre­ated to serve.

Finally, de­spite be­ing decades-old tech­nol­ogy, ter­mi­nals and ter­mi­nal-re­lated tech­nolo­gies re­main foun­da­tional to mod­ern com­put­ing and soft­ware in­fra­struc­ture. They’re of­ten out of the lime­light, but they’re ever pre­sent on de­vel­oper ma­chines, em­bed­ded in IDEs, vis­i­ble as read-only con­soles for con­tin­u­ous in­te­gra­tion and cloud ser­vices, and still one of the pri­mary ways re­mote ac­cess is done on servers around the world.

I be­lieve in­fra­struc­ture of this kind should be stew­arded by a mis­sion-dri­ven,

non-com­mer­cial en­tity that pri­or­i­tizes pub­lic ben­e­fit over pri­vate profit.

That struc­ture in­creases trust, en­cour­ages adop­tion, and cre­ates the con­di­tions for Ghostty to grow into a widely used and im­pact­ful piece of open-source in­fra­struc­ture.

From a tech­ni­cal per­spec­tive, noth­ing changes for Ghostty. Our tech­ni­cal goals for the pro­ject re­main the same, the li­cense (MIT) re­mains the same, and we con­tinue our work to­wards bet­ter Ghostty GUI re­leases and

libghostty.

Financially, Ghostty can now ac­cept tax-de­ductible do­na­tions in the United States. This opens up new av­enues for fund­ing the pro­ject and sus­tain­ing de­vel­op­ment over the long term. Most im­me­di­ately, I’m ex­cited to be­gin

com­pen­sat­ing con­trib­u­tors, but I also in­tend to sup­port up­stream de­pen­den­cies, fund com­mu­nity events, and pay for bor­ing op­er­a­tional costs.

All our fi­nan­cial trans­ac­tions will be trans­par­ent down to in­di­vid­ual trans­ac­tions for both in­flows and out­flows. You can view our pub­lic ledger at Ghostty’s page on Hack Club Bank. At the time of writ­ing, this is empty, but you’ll soon see some ini­tial fund­ing from me and the be­gin­ning of pay­ing for some of our op­er­a­tional costs.

All ap­plic­a­ble names, marks, and in­tel­lec­tual prop­erty as­so­ci­ated with Ghostty have been trans­ferred to Hack Club and are now owned un­der the non-profit um­brella. Copyright con­tin­ues to be held by in­di­vid­ual con­trib­u­tors un­der the con­tin­ued and ex­ist­ing li­cense struc­ture.

From a lead­er­ship per­spec­tive, I re­main the pro­ject lead and fi­nal au­thor­ity on all de­ci­sions, but as stated ear­lier, the cre­ation of a non-profit struc­ture lays the ground­work for an even­tual fu­ture be­yond this model.

As our fis­cal spon­sor, Hack Club pro­vides es­sen­tial ser­vices to Ghostty, in­clud­ing ac­count­ing, le­gal com­pli­ance, and gov­er­nance over­sight. To sup­port this, 7% of all do­na­tions to Ghostty go to Hack Club to cover these costs in ad­di­tion to sup­port­ing their broader mis­sion of em­pow­er­ing young peo­ple around the world in­ter­ested in tech­nol­ogy and cod­ing.

In the words of Zach Latta, Hack Club’s founder and ex­ec­u­tive di­rec­tor this is a “good-for-good” trade. Instead of donor fees go­ing to a for-profit man­age­ment com­pany or cov­er­ing pure over­head of a sin­gle pro­ject, the fees go to an­other non-profit do­ing im­por­tant work in the tech com­mu­nity and the over­head is amor­tized across many pro­jects.

In ad­di­tion to the 7% fees, my fam­ily is per­son­ally do­nat­ing $150,000

di­rectly to the Hack Club pro­ject1 (not to Ghostty within it). Hack Club does amaz­ing work and I would’ve sup­ported them re­gard­less of their fis­cal spon­sor­ship of Ghostty, but I wanted to pair these two things to­gether to am­plify the im­pact of both.

Please con­sider do­nat­ing to sup­port Ghostty’s con­tin­ued de­vel­op­ment.

I rec­og­nize that Ghostty is al­ready in an ab­nor­mally for­tu­nate po­si­tion to have my­self as a backer, but I do en­vi­sion a fu­ture where Ghostty is more equally sup­ported by a broader com­mu­nity. And with our new struc­ture, you can be as­sured about the us­age of your funds

to­wards pub­lic-ben­e­fit goals.

This post is­n’t meant to di­rectly be a fundrais­ing pitch

so it is pur­posely lack­ing crit­i­cal de­tails about our fund­ing goals, bud­get, pro­ject goals, pro­ject met­rics, etc. I’ll work on those in the fu­ture. In the mean time, if you’re in­ter­ested in talk­ing more about sup­port­ing Ghostty, please email me at m@mitchellh.com.

I’m thank­ful for Hack Club and their team for work­ing with us to make this hap­pen. I’m also thank­ful for the Ghostty com­mu­nity who has sup­ported this pro­ject and has trusted me and con­tin­ues to trust me to stew­ard it re­spon­si­bly.

For more in­for­ma­tion about Ghostty’s non-profit struc­ture, see the

ded­i­cated page on Ghostty’s web­site.

About Us

PIN Talk: Driving un­der the in­flu­ence and road safety, Ljubljana 8 December / PIN pogovor: Vožnja pod vplivom alko­hola ali drog in varnost prometa,  Ljubljana, 8. de­cem­ber 2025

Experts in lead­ing med­ical jour­nal con­demn the rise of SUVs, cit­ing crit­i­cal pub­lic health and safety risks

Accepting US car stan­dards would risk European lives, warn cities and civil so­ci­ety

EU of­fi­cials must re­visit the hastily agreed trade deal with the US, where the EU stated that it “intends to ac­cept” lower US ve­hi­cle stan­dards, say cities — in­clud­ing Paris, Brussels and Amsterdam, and more than 75 civil so­ci­ety or­gan­i­sa­tions. In a let­ter to European law­mak­ers, the sig­na­to­ries warn that align­ing European stan­dards with laxer rules in the US would un­der­mine the EU’s global lead­er­ship in road safety, pub­lic health, cli­mate pol­icy and com­pet­i­tive­ness.

The deal agreed over sum­mer states that “with re­spect to au­to­mo­biles, the United States and the European Union in­tend to ac­cept and pro­vide mu­tual recog­ni­tion to each oth­er’s stan­dards.” Yet, EU ve­hi­cle safety reg­u­la­tions have sup­ported a 36% re­duc­tion in European road deaths since 2010. By con­trast, road deaths in the US over the same pe­riod in­creased 30%, with pedes­trian deaths up 80% and cy­clist deaths up 50%.

Europe cur­rently has manda­tory re­quire­ments for life-sav­ing tech­nolo­gies, such as pedes­trian pro­tec­tion, au­to­mated emer­gency brak­ing and lane-keep­ing as­sis­tance. Some of the most ba­sic pedes­trian pro­tec­tion re­quire­ments which have long been in place in the EU, such as de­for­ma­tion zones in the front of ve­hi­cles to re­duce crash sever­ity and the pro­hi­bi­tion of sharp edges have made cars like the Tesla Cybertruck il­le­gal to sell in Europe.

“Europe built its rep­u­ta­tion on pi­o­neer­ing ro­bust ve­hi­cle stan­dards. To ac­cept lower US stan­dards would undo decades of EU progress,” say the sig­na­to­ries. According to the let­ter “the con­se­quences of such a move for European road safety would be pro­found.“

The EU is set to ap­ply lim­its to harm­ful pol­lu­tion from brake and tyre wear from 2026 on­wards, while at the same time the US is mov­ing to weaken air pol­lu­tion rules for ve­hi­cles. Accepting weaker US stan­dards would in­crease European ex­po­sure to pol­lu­tants linked to asthma, can­cer and nu­mer­ous car­dio­vas­cu­lar and neu­ro­log­i­cal con­di­tions, warn the sig­na­to­ries.

Major EU brands such as BMW, Mercedes and Stellantis al­ready build large num­bers of ve­hi­cles in US au­to­mo­tive plants to EU stan­dards — par­tic­u­larly larger SUVs. However, if the lower US ve­hi­cle stan­dards are ac­cepted in Europe, these pro­duc­tion lines could pro­duce ve­hi­cles to these US lower stan­dards, be­fore ship­ping these ve­hi­cles to the EU. Overall, ve­hi­cle pro­duc­tion would shift from the EU to the US. To ac­cept lower US car stan­dards would risk large-scale job losses in EU car plants and across Europe’s au­to­mo­tive sup­ply chain.

The European Commission is al­ready work­ing to tighten Individual Vehicle Approval (IVA), which is be­ing abused to put thou­sands of over­sized US pick-up trucks on EU streets with­out com­ply­ing with core EU safety, air pol­lu­tion and cli­mate stan­dards. To now ac­cept lower US ve­hi­cle stan­dards across the board would open the flood­gates to US pick-ups and large SUVs.

The sig­na­to­ries urge EU law­mak­ers to op­pose the in­ten­tion to ac­cept lower US ve­hi­cle stan­dards in the EU–US Joint Statement and af­firm pub­licly that EU ve­hi­cle stan­dards are non-ne­go­tiable.

2025 10 20 Civil so­ci­ety + city let­ter on risk of EU ac­cept­ing lower US car stan­dards (FINAL)Download

This web­site does not use cook­ies but cer­tain pages use em­bed­ded con­tent from ex­ter­nal ser­vices in­clud­ing YouTube, Twitter, Google Sheets, MailChimp and Infogram which may track your us­age. If you con­tinue to use this site, you give your con­sent to this. You can find more in­for­ma­tion on our pri­vacy pol­icy page.

We thank com­ments from Sumit Agarwal, Ron Kaniel, Roni Michaely, Lyndon Moore, Antoinette Schoar, and sem­i­nar/​con­fer­ence par­tic­i­pants at the Chinese University of Hong Kong, Columbia Business School, Deakin University, Macquarie University, Peking University (HSBC and Guanghua), Shanghai Lixin University of Accounting and Finance, Tsinghua University, University of Sydney, University of Technology Sydney, 2023 Australasian Finance and Banking Conference, 2023 Finance Down Under, and 2023 Five Star Workshop in Finance for their help­ful com­ments. We thank Lei Chen, Jingru Pan, Yiyun Yan, Zitong Zeng, and Tianyue Zheng for their ex­cel­lent re­search as­sis­tance. The views ex­pressed herein are those of the au­thors and do not nec­es­sar­ily re­flect the views of the National Bureau of Economic Research.

I grabbed lunch with a for­mer Microsoft coworker I’ve al­ways ad­mired—one of those en­gi­neers who can take any idea, even a mediocre one, and im­me­di­ately find the gold in it. I wanted her take on Wanderfugl 🐦, the AI-powered map I’ve been build­ing full-time. I ex­pected en­cour­age­ment. At worst, overly gen­er­ous feed­back be­cause she knows what I’ve sac­ri­ficed.

Instead, she re­acted to it with a level of neg­a­tiv­ity I’d never seen her di­rect at me be­fore.

When I fi­nally got her to ex­plain what was wrong, none of it had any­thing to do with what I built. She talked about Copilot 365. And Microsoft AI. And every mis­er­able AI tool she’s forced to use at work. My prod­uct barely fea­tured. Her re­ac­tion was­n’t about me at all. It was about her en­tire en­vi­ron­ment.

Her PM had been laid off months ear­lier. The team asked why. Their di­rec­tor told them it was be­cause the PM org “wasn’t ef­fec­tive enough at us­ing Copilot 365.”

I ner­vously laughed. This di­rec­tor got up in a group meet­ing and said that some­one lost their job over this?

After a pause I tried to share how much bet­ter I’ve been feel­ing—how AI tools helped me learn faster, how much they ac­cel­er­ated my work on Wanderfugl. I did­n’t fully grok how tone deaf I was be­ing though. She’s drown­ing in re­sent­ment.

I left the lunch de­flated and weirdly guilty, like build­ing an AI prod­uct made me part of the prob­lem.

But then I re­al­ized this was big­ger than one con­ver­sa­tion. Every time I shared Wanderfugl with a Seattle en­gi­neer, I got the same re­flex­ive, crit­i­cal, neg­a­tive re­sponse. This was­n’t true in Bali, Tokyo, Paris, or San Francisco—people were cu­ri­ous, en­gaged, wanted to un­der­stand what I was build­ing. But in Seattle? Instant hos­til­ity the mo­ment they heard “AI.”

The peo­ple at big tech in Seattle are not ok

When I joined Microsoft, there was still a sense of pos­si­bil­ity. Satya was push­ing “growth mind­set” every­where. Leaders talked about em­pow­er­ment and break­ing down si­los. And even though there was al­ways a gap be­tween the slo­gans and re­al­ity, there was room to try things.

I leaned into it. I pushed into ar­eas no­body wanted to touch, like Windows up­date com­pres­sion, be­cause it lived awk­wardly across three teams. Somehow, a 40% im­prove­ment made it out alive. Leadership backed it. The peo­ple try­ing to kill it shrank back into their fief­doms. It felt like the cul­ture wanted change.

That world is gone.

When the lay­off di­rec­tive hit, every org braced for im­pact. Anything not strictly in­side the org’s char­ter was axed. I went from ship­ping a ma­jor im­prove­ment in Windows 11 to hav­ing zero pro­jects overnight. I quit shortly af­ter. In hind­sight, get­ting laid off with sev­er­ance might’ve been bet­ter than watch­ing the cul­ture col­lapse in slow mo­tion.

Then came the AI panic.

If you could clas­sify your pro­ject as “AI,” you were safe and pres­ti­gious. If you could­n’t, you were no­body. Overnight, most en­gi­neers got re­branded as “not AI tal­ent.” And then came the fi­nal in­sult: every­one was forced to use Microsoft’s AI tools whether they worked or not.

Copilot for Word. Copilot for PowerPoint. Copilot for email. Copilot for code. Worse than the tools they re­placed. Worse than com­peti­tors’ tools. Sometimes worse than do­ing the work man­u­ally.

But you weren’t al­lowed to fix them—that was the AI org’s turf. You were sup­posed to use them, fail to see pro­duc­tiv­ity gains, and keep quiet.

Meanwhile, AI teams be­came a pro­tected class. Everyone else saw comp stag­nate, stock re­fresh­ers evap­o­rate, and per­for­mance re­views tank. And if your team failed to meet ex­pec­ta­tions? Clearly you weren’t “embracing AI.”

Bring up AI in a Seattle cof­fee shop now and peo­ple re­act like you’re ad­vo­cat­ing as­bestos.

Amazon folks are slightly more in­su­lated, but not by much. The old Seattle deal—Ama­zon treats you poorly but pays you more—only masks the rot.

This be­lief sys­tem—that AI is use­less and that you’re not good enough to work on it any­way—hurts three groups:

1. The com­pa­nies.

They’ve taught their best en­gi­neers that in­no­va­tion is­n’t their job.

2. The en­gi­neers.

They’re stuck in re­sent­ment and self-doubt while their ca­reers stall.

3. Anyone try­ing to build any­thing new in Seattle.

Say “AI” and peo­ple treat you like a threat or an id­iot.

And the loop feeds it­self:

Engineers don’t try be­cause they think they can’t.

Companies don’t em­power them be­cause they as­sume they should­n’t.

Bad prod­ucts re­in­force the be­lief that AI is doomed.

The spi­ral locks in.

My for­mer coworker—the com­pos­ite of three peo­ple for anonymity—now be­lieves she’s both un­qual­i­fied for AI work and that AI is­n’t worth do­ing any­way. She’s wrong on both counts, but the cul­ture made sure she’d land there.

Seattle has tal­ent as good as any­where. But in San Francisco, peo­ple still be­lieve they can change the world—so some­times they ac­tu­ally do.

is a se­nior ed­i­tor and found­ing mem­ber of The Verge who cov­ers gad­gets, games, and toys. He spent 15 years edit­ing the likes of CNET, Gizmodo, and Engadget.

is a se­nior ed­i­tor and found­ing mem­ber of The Verge who cov­ers gad­gets, games, and toys. He spent 15 years edit­ing the likes of CNET, Gizmodo, and Engadget.

The game it­self is a Windows ex­e­cutable, right? At a core level, the Linux op­er­at­ing sys­tem does not even know how to load the pro­gram, and so, in­stead of in­vok­ing it through the OS, you in­voke it through Proton, which is go­ing to do the first step of set­ting up the ad­dress space, load­ing the seg­ments of code into mem­ory. The code com­ing from the app is all x86, and so Proton is a fa­cil­i­ta­tor. It puts the ex­ist­ing code of the app in a for­mat and a lay­out that the Linux OS can un­der­stand and then starts ex­e­cut­ing that code.

Update: This post re­ceived a large amount of at­ten­tion on Hacker News — see the dis­cus­sion thread.

Initial Contact: Upon dis­cov­er­ing this vul­ner­a­bil­ity on October 27, 2025, I im­me­di­ately reached out to Filevine’s se­cu­rity team via email.

November 4, 2025: Filevine’s se­cu­rity team thanked me for the writeup and con­firmed they would re­view the vul­ner­a­bil­ity and fix it quickly.

November 20, 2025: I fol­lowed up to con­firm the patch was in place from my end, and in­formed them of my in­ten­tion to write a tech­ni­cal blog post.

November 21, 2025: Filevine con­firmed the is­sue was re­solved and thanked me for re­spon­si­bly re­port­ing it.

The Filevine team was re­spon­sive, pro­fes­sional, and took the find­ings se­ri­ously through­out the dis­clo­sure process. They ac­knowl­edged the sever­ity, worked to re­me­di­ate the is­sues, al­lowed re­spon­si­ble dis­clo­sure, and main­tained clear com­mu­ni­ca­tion. This is an­other great ex­am­ple of how or­ga­ni­za­tions should han­dle se­cu­rity dis­clo­sures.

AI le­gal-tech com­pa­nies are ex­plod­ing in value, and Filevine, now val­ued at over a bil­lion dol­lars, is one of the fastest-grow­ing plat­forms in the space. Law firms feed tools like this enor­mous amounts of highly con­fi­den­tial in­for­ma­tion.

Because I’d re­cently been work­ing with Yale Law School on a re­lated pro­ject, I de­cided to take a closer look at how Filevine han­dles data se­cu­rity. What I dis­cov­ered should con­cern every le­gal pro­fes­sional us­ing AI sys­tems to­day.

When I first nav­i­gated to the site to see how it worked, it seemed that I needed to be part of a law firm to ac­tu­ally play around with the tool­ing, or re­quest an of­fi­cial demo. However, I know that com­pa­nies of­ten have a demo en­vi­ron­ment that is open, so I used a tech­nique called sub­do­main enu­mer­a­tion (which I had first heard about in Gal Nagli’s ar­ti­cle last year) to see if there was a demo en­vi­ron­ment. I found some­thing much more in­ter­est­ing in­stead.

I saw a sub­do­main called mar­go­lis.filevine.com. When I nav­i­gated to that site, I was greeted with a load­ing page that never re­solved:

I wanted to see what was ac­tu­ally load­ing, so I opened Chrome’s de­vel­oper tools, but saw no Fetch/XHR re­quests (the re­quest you of­ten ex­pect to see if a page is load­ing data). Then, I de­cided to dig through some of the Javascript files to see if I could fig­ure out what was sup­posed to be hap­pen­ing. I saw a snip­pet in a JS file like POST await fetch(${BOX_SER­VICE}/​rec­om­mend). This piqued my in­ter­est — rec­om­mend what? And what is the BOX_SERVICE? That vari­able was not de­fined in the JS file the fetch would be called from, but (after look­ing through mini­fied code, which SUCKS to do) I found it in an­other one: “dxxxxxx9.ex­e­cute-api.us-west-2.ama­zon­aws.com/​prod”. Now I had a new end­point to test, I just had to fig­ure out the cor­rect pay­load struc­ture to it. After look­ing at more mini­fied js to de­ter­mine the cor­rect struc­ture for this end­point, I was able to con­struct a work­ing pay­load to /prod/recommend:

(the name could be any­thing of course). No au­tho­riza­tion to­kens needed, and I was greeted with the re­sponse:

At first I did­n’t en­tirely un­der­stand the im­pact of what I saw. No mat­ter the name of the pro­ject I passed in, I was rec­om­mended the same box­Fold­ers and could­n’t seem to ac­cess any files. Then, not re­al­iz­ing I stum­bled upon some­thing mas­sive, I turned my at­ten­tion to the box­To­ken in the re­sponse.

After read­ing some doc­u­men­ta­tion on the Box Api, I re­al­ized this was a max­i­mum ac­cess fully scoped ad­min to­ken to the en­tire Box filesys­tem (like an in­ter­nal shared Google Drive) of this law firm. This in­cludes all con­fi­den­tial files, logs, user in­for­ma­tion, etc. Once I was able to prove this had an im­pact (by search­ing for “confidential” and get­ting nearly 100k re­sults back)

I im­me­di­ately stopped test­ing and re­spon­si­bly dis­closed this to Filevine. They re­sponded quickly and pro­fes­sion­ally and re­me­di­ated this is­sue.

If some­one had ma­li­cious in­tent, they would have been able to ex­tract every sin­gle file used by Margolis lawyers — count­less data pro­tected by HIPAA and other le­gal stan­dards, in­ter­nal memos/​pay­rolls, lit­er­ally mil­lions of the most sen­si­tive doc­u­ments this law firm has in their pos­ses­sion. Documents pro­tected by court or­ders! This could have been a real night­mare for both the law firm and the clients whose data would have been ex­posed.

To com­pa­nies who feel pres­sure to rush into the AI craze in their in­dus­try — be care­ful! Always en­sure the com­pa­nies you are giv­ing your most sen­si­tive in­for­ma­tion to se­cure that data.

More se­vere the more the re­mote (logically and phys­i­cally) an at­tacker can be in or­der to ex­ploit the vul­ner­a­bil­ity.

More se­vere for the least com­plex at­tacks.

More se­vere if no priv­i­leges are re­quired.

More se­vere when no user in­ter­ac­tion is re­quired.

More se­vere when a scope change oc­curs, e.g. one vul­ner­a­ble com­po­nent im­pacts re­sources in com­po­nents be­yond its se­cu­rity scope.

More se­vere when loss of data con­fi­den­tial­ity is high­est, mea­sur­ing the level of data ac­cess avail­able to an unau­tho­rized user.

More se­vere when loss of data in­tegrity is the high­est, mea­sur­ing the con­se­quence of data mod­i­fi­ca­tion pos­si­ble by an unau­tho­rized user.

Skip to con­tent

Secure your code as you build

We read every piece of feed­back, and take your in­put very se­ri­ously.

Include my email ad­dress so I can be con­tacted

Use saved searches to fil­ter your re­sults more quickly

To see all avail­able qual­i­fiers, see our doc­u­men­ta­tion.

Sign up

You signed in with an­other tab or win­dow. Reload to re­fresh your ses­sion.

You signed out in an­other tab or win­dow. Reload to re­fresh your ses­sion.

You switched ac­counts on an­other tab or win­dow. Reload to re­fresh your ses­sion.

Notifications

You must be signed in to change no­ti­fi­ca­tion set­tings

There was an er­ror while load­ing. .

+**This pro­ject is cur­rently un­der main­te­nance and is not ac­cept­ing new changes.**+- The code­base is in a main­te­nance-only state+- No new fea­tures, en­hance­ments, or pull re­quests will be ac­cepted+- Critical se­cu­rity fixes may be eval­u­ated on a case-by-case ba­sis+- Existing is­sues and pull re­quests will not be ac­tively re­viewed+For en­ter­prise sup­port and ac­tively main­tained ver­sions, please see [MinIO AIStor](https://​www.min.io/​prod­uct/​ais­tor).

You can’t per­form that ac­tion at this time.

It’s no sur­prise to see mod­ern AAA games oc­cu­py­ing hun­dreds of gi­ga­bytes of stor­age these days, es­pe­cially if you are gam­ing on a PC. But some­how, Arrowhead Game Studios, the de­vel­op­ers be­hind the pop­u­lar co-op shooter Helldivers 2, have man­aged to sub­stan­tially cut the game’s size by 85%.

As per a re­cent post on Steam, this re­duc­tion was made pos­si­ble with sup­port from Nixxes Software, best known for de­vel­op­ing high-qual­ity PC ports of Sony’s biggest PlayStation ti­tles. The de­vel­op­ers were able to achieve this by de-du­pli­cat­ing game data, which re­sulted in bring­ing the size down from ~154GB to just ~23GB, sav­ing a mas­sive ~131GB of stor­age space.

Originally, the game’s large in­stall size was at­trib­uted to op­ti­miza­tion for me­chan­i­cal hard dri­ves since du­pli­cat­ing data is used to re­duce load­ing times on older stor­age me­dia. However, it turns out that Arrowhead’s es­ti­mates for load times on HDDs, based on in­dus­try data, were in­cor­rect.

With their lat­est data mea­sure­ments spe­cific to the game, the de­vel­op­ers have con­firmed the small num­ber of play­ers (11% last week) us­ing me­chan­i­cal hard dri­ves will wit­ness mis­sion load times in­crease by only a few sec­onds in worst cases. Additionally, the post reads, “the ma­jor­ity of the load­ing time in Helldivers 2 is due to level-gen­er­a­tion rather than as­set load­ing. This level gen­er­a­tion hap­pens in par­al­lel with load­ing as­sets from the disk and so is the main de­ter­min­ing fac­tor of the load­ing time.”

This is a promis­ing de­vel­op­ment and a nudge to other game de­vel­op­ers to take some notes and po­ten­tially make an ef­fort in sav­ing pre­cious stor­age space for PC gamers.

One can ac­cess the ‘slim’ ver­sion of Helldivers 2 by opt­ing in to the lat­est beta up­date via Steam, which is said to func­tion­ally of­fer the same ex­pe­ri­ence as the legacy ver­sions, apart from its smaller in­stal­la­tion size. All pro­gres­sion, war con­tri­bu­tions, and pur­chases are also ex­pected to be car­ried over to the new slim ver­sion. There’s also the op­tion to opt out of the beta at any time in case there are any po­ten­tial is­sues.

Follow Tom’s Hardware on Google News, or add us as a pre­ferred source, to get our lat­est news, analy­sis, & re­views in your feeds.