Hacker Newsnew | past | comments | ask | show | jobs | submitlogin
Ask HN: Is GitHub preparing to go behind a login wall?
50 points by reconnecting 19 hours ago | hide | past | favorite | 35 comments
From time to time, I check that our open-source project is still available to all users, and I've occasionally noticed that the stargazers (1) information returns a 404 for non-logged-in users.

I assume they're preparing to follow the LinkedIn model by making access available to registered users only.

Have you noticed that GitHub has started blocking access to certain functions/pages for users without an account?

1. https://github.com/tirrenotechnologies/tirreno/stargazers

 help



I don't have an immediate direct source but read yesterday GitHub stars are being "obfuscated" because they're being scraped to spam popular projects -- or something similar.

Edit found the link [0], do not believe it mentions reason but links github blog

From Github [1]: > These endpoints and views currently expose public lists of stargazers and watchers, and this information has increasingly been misused to collect user data for spam activities which negatively impacts user experience and platform trust.

[0]: https://www.star-history.com/blog/github-stargazer-api-restr...

[1] https://github.blog/changelog/2026-06-30-upcoming-access-res...


I think it’s been functionally login-only for a while, unfortunately.

Any time I try to use the site while logged out I immediately hit all sorts of rate limits and spam prevention measures. Issues and pull requests stop loading almost immediately. Searches are extremely restricted, like i think literally one search is all you get sometimes unless you login.

It’s hard to tell how much of this is intentional and how much is GitHub infra not being stable. My daily renovate bot that looks for updates for specific packages times out and encounters errors almost every time it runs and it’s barely doing anything. And it has an api key. I know I’m not hitting limits, some queries just don’t work >50% of the time on some repos.

Sometimes I see there are 200 issues, I click the issues tab, and there are zero. Is GitHub down? Am I rate limited? Do I just need to login? Or I know an issue/PR exists, and it just doesn’t appear when I search for the title or keywords verbatim. I just manually bookmark or subscribe to any important issue or PR now because the UI can’t be trusted anymore.


> Any time I try to use the site while logged out I immediately hit all sorts of rate limits and spam prevention measures.

When this started happening to me I realized that I can't rely on Github as infrastructure anymore. I now vendor all the repos I need.

Self-hosted forges like Forgejo make it pretty easy to mirror repos so you have everything locally. You don't get issues though.


> like i think literally one search is all you get sometimes unless you login

Lucky you - search never seems to work for me anonymously, and even when logged in the search isn't great.


The whole GitHub infra is cracking under the AI-boom's increased load. This can very well be just another symptom of the same thing.

Don't buy the BS about them being overwhelmed by AI code when they've also had terrible vibe-coded feature rollouts repeatedly break the site and are trying to rapidly increase their feature surface to kill off competing test runners and review managers. Maybe github, if well managed, would struggle in the current day - but it simply isn't.

I self-host my own code forge (a gitea instance) and I've mirrored a couple of large repositories on it. The traffic from AI crawlers was bringing my entire server to its knees. As soon as I put the large repos behind a login, my server's CPU usage dropped to ~5%. I don't doubt for a second that github is under a torrential downpour of AI crawler traffic. Those locusts destroy everything they touch.

Fine for my closed source stuff, but my open source work is specifically meant to be viewable, even by non-technical people doing recruitment or looking over my portfolio.

I've put up with a lot of stuff, but this would be my personal last straw.


On top of the that now most of the open source contributers are assholes. they are insulting people as well.

It just pisses me off bro like from every angle ai is trying to fuck us.

If you need to just offer free access to your open source repo, gitea is a nice alternative and super easy to self host. Github also has the community, which you lose, true, but it depends on what matters more to you. I can help you setup gitea really fast if you're interested

I think this would push even more small to medium sized busineses towards self hosting which I would love to see

Some parts of the website are explicitly login-only, yes. I sometimes tend to follow link to gh from my mail on phone where I'm not logged in and found that e.g. you can't see any CI results without logging in.

With AI and all the new projects/forks/updates, github is one busy place.

I wasn't browsing /trending on github until I started using AI, wanting to see what cool projects people are working on.


Advanced Search doesn't work unless you're logged in, but it's been like that for at least a year.

It’s been like that since very beginning.

I mean, I'm guilty too. Claude code scrapes everything in sight whenever I search for something.

I've written a small tool to query Github to see if a particular feature has been released for an open source project. I had to use an API token to not get immediately blocked. But I don't think rate limits are new for Github.


I can't even access that link with an account.

It basically already is. You can’t use the search logged out and my agent can’t fetch issue comments.

Hard to say, the only people who know are those internal to MS and GH and know, or who have told others. You have copies of your repos in other systems, yeah? Have a plan you don't need rather than need a plan you don't have.

Ask HN: What alternatives to GitHub are you using? - https://news.ycombinator.com/item?id=44876289 - August 2025 (97 comments)


Codeberg constantly returns this just because I use an outdated Safari: 'If you are an AI scraper and wish to not receive garbage when visiting Codeberg: stop visiting. If you are not an AI scraper: contact Codeberg.'

Perhaps https://tangled.sh/ or a https://forgejo.org/ instance is an option?

The question is rather whether GitHub is no longer an option, or will stop being one soon.

One should always assume a vendor could vanish at any time, or your access to your data at the vendor. To assume this is a cheap mitigation against potential sadness.

At a minimum, you should be keeping hot copies of all contents of your repos currently hosted at Github, code, issues, etc. This could be in another svn system, or archive blobs in object storage you have full control over and can hydrate as needed into operating svn systems.

(risk management is my day gig)


I believe so. I cannot view any repository from my phone. It asks me to log in first.

It's the new scraping tax. The delicate balance of the open web is completely broken right now because platforms are getting hammered by bots. Sometimes i wonder how long before the entire internet ends up behind a mandatory login or a paywall just to protect server bandwidth?

I really appreciate that HN still just uses temporary rate limits. You get the occasional "sorry" text, but as soon as traffic drops or your IP changes, you can read without logging in.

I wish more platforms stuck to temporary rate limits instead of building permanent walled gardens.


that is github.com you are referring to, would pulling public repos the curl -fsSL way need to be authenticated?

Depends on what you mean by login wall. They are, technically, behind a login/auth wall as you can only make 60 requests to their API per hour. Scrapping these days is extremely challenging as defenses do in-depth checks on your browser to make sure you are a "real" person.

Looking at how much work GitLab has to do due to abuse of being open, I don't blame anyone for wanting to make that change.

GitHub specifically put out a changelog about the stargazers API endpoint to restrict open access because of its use for spam and abuse. I believe this is more about user data than code. Obviously restricting public access to Git would be a different tier.

Fine so far with closed source

AI ruined everything. They have to protect "their" code.

Just to nitpick, requiring a free account is substantially different from a paywall.

Agreed, changed paywall to a login wall instead.

No, it is pretty much the same, both means agreeing to a contract.



Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: