Latest

Dev weekly digest: The week npm caught fire

TanStack's npm supply-chain compromise and Next.js's 13-CVE security release dominated the week, but Rolldown 1.0, Node.js 26.1 with experimental FFI, Bun 1.3.14's built-in image processing, and Expo SDK 56 Beta show the tooling layer kept moving underneath.

AI weekly digest: Capacity crunch, mega launches, and an industry rewiring itself

A week dominated by infrastructure: Anthropic leased compute from xAI to fix a capacity crunch, OpenAI weighed suing Apple, Cerebras popped 107% on IPO, Nvidia hit $40B in AI bets, Thinking Machines dropped a 276B realtime model, and Opus 4.7 Fast landed in Claude Code.

Dev weekly digest: Remix leaves React, Node 26 ships Temporal

Remix 3 drops React for its own component model. Node 26 ships Temporal and an experimental FFI. Rolldown 1.0 hits stable, Astro previews v7, Chrome ships on-device AI and Mozilla pushes back. Plus Metro 1.0 for Kotlin DI, EAS Gradle caching, and a malicious npm package squatting on TanStack.

AI weekly digest: Anthropic crosses $1T while OpenAI's voice learns to reason

Anthropic took over xAI's Colossus 1 in a ~$5B/yr deal, doubled Claude Code limits, and crossed a reported $1T valuation. OpenAI shipped GPT-Realtime-2 and put Codex inside Chrome. DeepMind's AI co-mathematician posted 48% on FrontierMath Tier 4 — and proved a thesis-grade result.

Dev weekly digest: TypeScript goes Go, pnpm 11 goes SQLite, Zed goes 1.0

TypeScript 7.0 Beta lands with a Go-based compiler that's ~10x faster, pnpm 11 ships SQLite-backed installs and supply-chain protection by default, and Zed 1.0 finally arrives after five years. Plus a Node 26 slip, a React Compiler Rust port at Meta, and an Xcode 26 deadline that already kicked in.

AI weekly digest: Funding peaks, model launches, and the agent stack hardens

Anthropic eyes a $900B valuation, SpaceX dangles a $60B option on Cursor, and GPT-5.5, Grok 4.3, DeepSeek-V4 and Kimi K2.6 all ship in the same week. Plus: Claude Security beta, Anthropic's agent security framework, and Google opens TPU sales.

AI weekly digest: The race breaks into a sprint

GPT-5.5, Claude Mythos withheld for safety, Gemini 3.1 Ultra with 2M context, Gemma 4 open-source, Google's new TPUs, Arcee's 400B model, EU targets ChatGPT under DSA, 73K tech layoffs, NY RAISE Act, and Hinton's UN warning.

Dev weekly digest: Copilot grounded, npm under siege, and the toolchain keeps getting faster

GitHub freezes Copilot signups over agentic AI costs, axios npm compromise steals dev secrets, TypeScript 6.0 ships as the last JS-based compiler, Vite 8 goes 10-30x faster with Rolldown, Compose 1.11 adds Grid API, and CSS gets native mixins.

Dev weekly digest: RSC goes rogue, MDN dumps React, and GitHub finally stacks PRs

TanStack ships experimental RSC, a critical React DoS vulnerability forces emergency patches, MDN rebuilds without React, GitHub launches stacked PRs, and Bun gets a built-in headless browser.

AI weekly digest: The Model Wars Escalate

Opus 4.7 tops benchmarks, OpenAI open-sources gpt-oss-120b, GPT-Rosalind targets drug discovery, Gemma 4 launches under Apache 2.0, and the Mythos saga pulls in the White House. The biggest model-drop week of 2026.

Dev weekly digest: Supply chains under siege, animations unchained, and Cloudflare takes on WordPress

North Korean hackers hit Axios and hunt more npm maintainers. React Native 0.85 ships a shared animation backend. Cloudflare launches EmDash, a TypeScript CMS taking on WordPress. Google proposes JSIR to reshape JS tooling. Plus MUI 9, Turborepo 2.9, and HTML lazy media.

AI weekly digest: The Model Too Dangerous to Ship

Anthropic revealed Claude Mythos Preview but won't ship it — too good at finding zero-days. Meta launched Muse Spark, Z.ai open-sourced a 744B coding model under MIT, and OpenAI added a $100 ChatGPT tier.

How I built a typing trainer that practices what you actually mistype

Most typing trainers give you random words. KeyDown tracks the specific character sequences where you make mistakes and generates practice text weighted toward those weak spots. Here's how the adaptive engine works under the hood.

Two hooks that fixed how I handle server state in React

A stable callback ref and a three-way state fallback. Two small custom hooks I extracted from a typing trainer app to stop fighting React's render cycle.