The NHS is preparing to close nearly all of its Open Source repositories.  Throughout my time working for the UK Government - in GDS, NHSX, i.AI, and others - I championed Open Source. I spoke to dozens of departments about it, wrote guidance still in use today, and briefed Ministers on why it was so important.  That's why I'm beyond disappointed at recent moves from NHS England to backtrack on…

Terence Eden

NHS England is preparing to close nearly all of its open source GitHub repositories, citing security concerns related to AI-powered vulnerability scanning tools like Mythos. A former UK government technologist who championed open source across GDS, NHSX, and i.AI argues this is a gross overreaction that contradicts multiple UK government policies mandating open source by default, including the Tech Code of Practice and NHS Service Standard. The author notes the code has already been indexed by AI tools, that closing repos won't prevent AI-based attacks on binaries or live services, and that the effort to close thousands of repos is enormous for no real security gain. A Freedom of Information request has been filed, all NHS repos have been backed up, and readers are urged to contact their MPs.

NHS Goes To War Against Open Source

<p>Closing repos won’t fix real security gaps—attackers go after live systems, not just code. Feels like energy spent hiding instead of actually hardening what matters.</p>
