unknown

A peer-reviewed CMU study (ICSE 2026) identified 6 million fake GitHub stars across 18,617 repositories using 301,000 accounts, with AI/LLM repos as the largest non-malicious category. Stars sell openly for $0.03–$0.85 each on dozens of platforms, and VCs explicitly use star counts as sourcing signals — Redpoint data shows the median seed-stage star count is 2,850, making fake stars an extraordinarily high-ROI investment for fundraising startups. An independent analysis of 20 repos found blockchain and some AI projects with 36–81% zero-follower stargazers and fork-to-star ratios 10x below organic baselines. The fork-to-star ratio emerges as the strongest simple detection heuristic: organic projects average 0.10–0.24, while manipulated repos often fall below 0.05. Legal exposure is real — the FTC's 2024 rule bans fake social influence metrics with $53,088-per-violation penalties, and SEC wire fraud precedents apply when inflated metrics deceive investors. GitHub's enforcement removes repos but leaves 57% of fake accounts intact, preserving the infrastructure for future campaigns.

Inside GitHub's Fake Star Economy

A safe space for developers interested in open source projects, articles, tips and useful coding tools.

OpenSouls

I have seen genuinely good projects with fewer stars and overhyped ones that aren’t actually that usable. Stars might just be a vanity metric at this point.

Nowadays, I don’t look on how many stars a repository has. Instead, I look at its contributions, release activity, project history, and most importantly whether it actually solves the problem I have.

We all knew this was happening to some degree. Turns out it’s to a crazy degree! 🤯

Feels like this is less about the specific tech and more about how we choose tradeoffs.
The interesting part is what we give up that we don’t immediately notice.

Proud to say that my library vue-stripe/vue-stripe’s 1000+ stars are all organic. I watched it grew little by little in more than 8 years.