Re: "in over half a million software repositories"
Yes. Reminds me of the Astrolabe / timezone database fracas not so long ago. Normally, you'd expect losing a single server, with no fault tolerance, run by one bloke as a hobby in his spare time to be no big deal.
However, you then add someone's free library wrapper on his service and world + dog taking same "as is" without even looking at how it worked. The end result being that the number of critical services that were dependant on the server was, frankly, terrifying.
This is something the free software / open source types really need to get a grip on. When you find something out there that does what you need, open it up, look at how it works, make sure you understand it and all its dependancies and that the whole shebang is suitable for your use before thinking of using it.
 ...and yes, all too often it does turn out to be turtles all the way down.