Simon Willison — 2026-05-17#

Highlight#

The NHS recently decided to close its open-source repositories in response to AI-discovered vulnerabilities, but the UK Government Digital Service (GDS) is publicly pushing back. Simon highlights this rare public clash between UK civil service branches over the critical issue of AI security and open-source by-default policies.

Posts#

GDS weighs in on the NHS’s decision to retreat from Open Source · Source Simon points to Terence Eden’s continued coverage of the NHS’s poorly considered decision to lock down access to open-source repositories following vulnerabilities flagged by Project Glasswing. The UK Government Digital Service (GDS) has stepped in with a new publication on AI and open code, strongly recommending that public sector code remain “open by default” because closing everything adds delivery costs and reduces both code reuse and scrutiny. Terence Eden observes that this public disagreement—described as a frosty “meeting without biscuits”—represents a major escalation within the civil service over how to handle open-source security in the age of AI.

Project Pulse#

Today’s update steps away from developer tooling to focus entirely on the broader implications of open-source policy and AI security in the public sector.

Categories: Blogs, AI, Tech
Tags: Open Source, Security, AI, Gov-Uk
Backward 2026-05-18 2026-05-16 Forward