A 19,000‑Line PR Sparks Node.js Community Petition to Ban AI‑Generated Code

On March 18, former Node.js TSC member Fedor Indutny posted a petition on GitHub urging the TSC to reject the proposal allowing AI‑assisted development and to forbid core code rewritten by large language models (LLMs). More than 80 developers have signed the petition publicly, with an additional 58 anonymous supporters on change.org, including notable figures such as Kyle Simpson, Andrew Kelley, and Blaine Bublitz.

What triggered the controversy

On January 22, core contributor Matteo Collina submitted PR #61478 to add a built‑in virtual file system module ( node:vfs) to Node.js, a feature that would enable in‑memory file systems, single‑executable (SEA) resource access, and better test isolation.

"I've used a significant amount of Claude Code tokens to create this PR. I've reviewed all changes myself." 我使用了大量的 Claude Code token 来创建这个 PR。所有改动我都亲自审查过了。

The PR contains roughly 19,000 lines of code generated with AI. A Hacker News user estimated that a thorough manual review would require about 90 work days. The PR attracted 274 up‑votes and 252 comments on Hacker News.

Petition’s four main arguments

1. DCO compliance is questionable. Node.js contributors must sign the Developer's Certificate of Origin, asserting that code is authored by them or derived from properly licensed sources. The petition argues that AI‑generated code blurs authorship and raises licensing uncertainties, despite OpenJS legal counsel’s view that LLM assistance does not violate the DCO.

2. Ethical concerns. The training data for mainstream LLMs includes large amounts of copyrighted works and open‑source code used without explicit permission, a point that is especially sensitive in the open‑source community.

3. Loss of educational value. Code review in open‑source projects serves both quality assurance and contributor learning. AI‑generated patches bypass the learning process, depriving newcomers of skill development.

4. Privilege barrier. Access to LLMs often requires paid subscriptions or high‑end hardware. Requiring reviewers to replicate AI‑generated changes would impose a financial barrier on contributors.

Community split

Supporters of the petition argue that Node.js powers millions of servers and every line of core code should be carefully crafted and understood. They fear a flood of AI‑generated contributions that human reviewers cannot realistically absorb.

Opponents view the petition as overreacting. They note that the PR has been open for over two months, examined by multiple experts, and that code quality—not generation method—should be the deciding factor. They also point out the difficulty of reliably distinguishing AI‑written from human‑written code.

Matteo Collina himself raised the broader question on the OpenJS Foundation issue tracker: "Should AI‑assisted development be allowed?" indicating a desire for community consensus.

Technical controversy of the PR itself

Beyond the AI origin, the VFS PR faces technical criticism. Contributor Joyee Cheung says the design ignores real‑world use‑case data collected four years earlier. Stephen Belanger raises safety concerns about the mount() API, warning that unrestricted path hijacking could be exploited.

The most pointed critique concerns the module loader rewrite. Joyee Cheung warns that merging the PR would introduce a third, divergent module loader alongside the existing two, dramatically increasing maintenance burden. She suggests either reusing existing code or gating the new loader behind a runtime flag.

After more than two months of revisions, Collina has substantially trimmed the implementation, but the PR remains open and unmerged.

Observations

The dispute is not simply about whether AI code is "good". While Collina is a top‑level developer capable of reviewing the changes, the sheer volume of AI‑generated code creates a real review burden.

The petition’s concerns are valid, yet a blanket ban may be impractical. AI‑assisted programming is an industry trend; a more realistic approach could involve clear rules—such as requiring AI‑generated PRs to be broken into smaller, well‑documented units and ensuring human reviewers understand every line.

In the PR’s comment thread, another core contributor, Stephen Belanger, shared his own VFS experiment code, openly acknowledging extensive LLM assistance, showing that AI assistance is already common within the core team, though consensus on acceptable levels is still lacking.

Overall, the Node.js community is confronting a profound question about open‑source collaboration in the AI era: how to adapt contribution guidelines, review processes, and trust mechanisms when AI can produce months‑worth of code in hours.