Earlier today Ariya Hidayat announced that he is archiving PhantomJS and suspending development
[github.com] due to the lack of active contribution.
PhantomJS version 2.1.1 will remain the last known stable release until further notice.
To keep the source repository in a sane situation:
* the master branch will be preserved under the new bleeding-edge branch.
* after that, the master branch will be restored back to the approximate state of v2.1.1
That way, if anyone wants to improve PhantomJS for their own usages (internal fork, in-house patches), the master branch can still serve as a good baseline. It can still be built from source and it will still work on macOS, Linux, and Windows.
Once the project is archived, no new issue can be filed. However, feel free to use the mailing-list to post questions and discuss any relevant topics.
For those who aren't familiar with PhantomJS it is a scriptable headless browser built on WebKit, released in January 2011, that was the first popular 'off the shelf' human browsing mimicking scraper and attacker - along with it's occasional non-dark side usage.
As mainstream browsers officially added headless capabilities (Chrome v59 for Linux, MacOS, v60 for Windows; FF v55 for Linux, v56 for OSX, Windows) I've seen site stats usage of PhantomJS decrease significantly. Whether these releases have had anything to do with the decrease in PhantomJS contribution I don't know.
Note: Google has been pushing headless Chrome quite hard for automated testing and server environments where you don't need a visible UI shell
Note: Google has been checking websites via headless browser since at least 2009.
I do remember the sudden flood of bot behaving 'browsers' (yes, many/most early adapters were over eager) were a serious pita until identified and defences updated.
Disclaimer: I use a headless browser for both internal and external (including referrers) link checking.
[webmasterworld.com] back in 29-October-2013 that mentions several of the new attack vectors including PhantomJS.