The Ladybird browser project announced it will stop accepting public pull requests, limiting code contributions to project maintainers only. This change affects the independent browser initiative as it approaches its first alpha release. The project cited evolving development needs and security considerations as driving factors.

AI tools have fundamentally altered how open source projects evaluate contributions. Where a substantial patch once signaled genuine effort and trust, automated assistance now makes large code submissions cheap and fast to produce. This shift undermines traditional methods for identifying reliable contributors through their work.

For browsers specifically, this presents heightened security risks. Since browsers execute untrusted internet content on user machines, a single disguised vulnerability could compromise entire systems. The team has observed targeted campaigns where bad actors earned maintainer trust before exploiting it, and AI has accelerated these efforts.

Ladybird will close all existing open pull requests immediately, with no alternative submission pathways for external code. While the source code remains publicly available under an open license, the contribution model now requires direct maintainer involvement. Bug reporting, testing, and technical feedback from the community continue to support the project.