Not every story is about the model layer. Rust ships a release every six weeks; Adobe is rebuilding Photoshop around Firefly; Figma’s strategic grip on prototyping just cracked. We follow the tools developers and designers actually spend their day in — language features shipping without fanfare, IDE consolidation that reshapes who controls distribution, and the quieter platform moves that decide which stack you’ll be stuck with in 2027.
60 articles in this topic
AI-built interfaces all look the same: purple gradients, Inter, three icon cards in a row. Here's why the output converges, what it costs, and how developers break the pattern.
Cloudflare acquired VoidZero, Evan You's company behind Vite, Vitest, Rolldown and Oxc. The tools stay MIT-licensed, and there's a $1M ecosystem fund.
A widely shared breakdown explains why Linear feels instant: a local-first sync engine, optimistic UI, and an in-browser object cache. Here's the architecture, in plain terms.
Godot, Unity and Unreal get the headlines, but six open-source tools quietly do the art, levels, and dialogue work that real games ship on.
Levels.fyi has acquired TechPays, Gergely Orosz's European tech-salary project. Here's what's changing, what isn't, and what it means for engineers.
A disclosed VS Code zero-day lets one click on a malicious github.dev notebook steal a GitHub OAuth token with full read-write access to every private repo.
Microsoft's Coreutils for Windows brings native ls, cp, and grep to Windows, built on the Rust uutils project. Here's what it is and why the Rust rewrite matters.
GitHub wiped Nightmare-Eclipse's account on May 23 after weeks of unpatched Windows exploits. The ban reopened the oldest fight in security: who decides what research gets hosted?
Two of the most cautious C projects split on AI contributions in the same week. The real fight is over copyright provenance and who cleans up the slop.
Six dev-tooling and AI posts that climbed Hacker News in late May 2026: durable execution on plain Postgres, LLM code smells, a permission-fatigue game, Rust 1.96, and more.
Uber exhausted its full-year Claude Code budget by April. Adoption hit 84%, heavy users burn $2,000 a month, and COO Andrew Macdonald can't connect the spend to shipped features.
MySQL bug #11472 was filed in 2005: triggers never fired on foreign key cascade actions, silently breaking audit logs. MySQL 9.7 finally closes it via WL#17024.
Yufeng Gao and Rich Cini scanned Tim Paterson's 1981 assembler printouts. Microsoft pushed them to DOS-History/Paterson-Listings on April 28, the 45th anniversary.
Vivado 2026.1 introduces a five-tier licensing model. The free BASIC tier supports Windows only; Linux requires the paid CORE tier. FPGA hobbyists are pushing back.
Chromium Issue 1396278 went public on May 20 because Google's tracker auto-clears restrictions on stale closed bugs. The flaw, reported in 2022, was never fixed.
Cloudflare moved Browser Run off shared isolation infrastructure on May 13. The agentic-coding crowd gets four times the headless-Chrome ceiling and half the latency.
Mads Torgersen's union proposal landed in .NET 11 Preview 2 on April 2. C# 15 targets November 2026 and replaces the OneOf library hack the .NET community has been living with.
Internal Claude Code licenses end June 30, 2026, for Microsoft's Experiences + Devices group. Engineers move to GitHub Copilot CLI instead.
yt-dlp's maintainer bashonly says Bun's Rust rewrite 'has taken a turn towards being fully vibe-coded.' The supported window narrowed to four versions.
Forrest Chang turned Andrej Karpathy's January coding thread into a 70-line CLAUDE.md. It now has 110,000+ stars and has trended on GitHub for 28 weeks.
GitHub detected the intrusion on May 18 after a malicious VS Code extension compromised an employee's device. The attacker claims to have exfiltrated 3,800 internal repositories.
GitGuardian found a public CISA repo with 844 MB of secrets, including AWS GovCloud admin keys. The repo sat open for six months.
Joernchen of 0day.click found a deeplink RCE in Claude Code. Anthropic shipped the fix in 2.1.118 the same week.
Three Cloudflare engineers shipped panic and abort recovery into wasm-bindgen on April 22. A Rust Worker that panics now reinitialises on the next request.
Vasilios Syrakis spent eight years building Atlassian's Envoy control plane. After the March cuts, he posted a 40-minute walkthrough that hit 1.1M views.
Anthropic announced May 18 it acquired SDK generator Stainless, reportedly for over $300M. The same toolchain still powers OpenAI's, Google's, and Cloudflare's official clients.
OpenAI shipped Codex remote control inside the ChatGPT app for iPhone, iPad, and Android on May 14. Pair via QR; the agent runs on your laptop, the review moves to your phone.
Jarred Sumner merged the Bun-in-Rust PR on May 14, ending Zig as Bun's runtime language. Binary shrinks 3-8 MB; one analysis counted 13,000 unsafe blocks.
Obsidian launched Obsidian Community on May 12. The new directory replaces the GitHub plugin queue with automated reviews, and paid plugins are in for the first time.
Brian Chesky dropped the 60% figure on an earnings call without defining how Airbnb measures it. Google claims 75%. The independent average is 27%.
Attackers compromised 42 TanStack packages through a pull_request_target exploit, cache poisoning, and OIDC token theft. An external researcher caught it in 20 minutes.
CEO Bill Staples announced a restructuring he frames around agentic AI, retiring GitLab's six core values for three new operating principles. Exact layoff numbers come June 2.
The PS3 emulator project posted on X on May 10, citing 'AI slop' that has been clogging review. The hard line: ban-on-sight if you don't disclose.
Bun's creator used Claude to port the JavaScript runtime from Zig to Rust, hitting 99.8% test compatibility. He says there's a 'very high chance' it gets scrapped.
RedAccess found that AI coding tools like Lovable, Base44, and Replit default to public hosting, leaving medical records, bank internals, and corporate secrets indexed by Google.
Cloudflare laid off 20% of its workforce on May 7 while reporting record Q1 revenue of $639.8M. The stock dropped 18% after hours.
A two-line PR flipped the AI co-author flag from off to all in April. Hand-typed commits started getting Copilot attribution. The maintainer apologized and promised a fix in 1.119.
GitHub's new model multiplier table for Copilot Pro and Pro+ annual plans lands June 1. Opus 4.6 goes 3 to 27. Sonnet 4.6 goes 1 to 9.
The Playdate Catalog will no longer accept titles that use ChatGPT, Stable Diffusion, or Suno output for art, audio, text, or dialog. Existing titles get a label.
MIT-licensed at GitHub on April 28, the 86-DOS 1.00 kernel and PC-DOS development snapshots were OCR'd from 45-year-old assembler listings.
Andrey Letov shipped a native macOS Notepad++ port as a universal binary with the original Scintilla engine and a new Cocoa UI. It's GPL, free, and unaffiliated with Don Ho.
Zed Industries shipped 1.0 on April 29 after five years of Rust and GPU work. Free forever for humans, with $10/month hosted AI and an open Agent Client Protocol.
Ghostty's creator has tracked GitHub outages every workday for months. After 18 years on the platform, he's moving the project. A read-only mirror stays.
Warp released its 36k-star Rust client on GitHub under AGPLv3 on April 28. OpenAI is the founding sponsor and Oz keeps the bills paid.
CVE-2026-3854 is a CVSS 8.7 RCE in GitHub's git-push pipeline. github.com fixed it within hours. 88% of Enterprise Server installs were still vulnerable at disclosure.
Leaked internal Disney screenshots show 4,800 product and tech staff burning 3.1 billion Claude tokens and 13.3 billion Cursor tokens across nine April workdays.
CVE-2026-34621 is an actively exploited Acrobat and Reader bug that runs attacker JavaScript inside the PDF runtime. The first sample hit VirusTotal in November and went unflagged.
On June 1 every Copilot plan switches to GitHub AI Credits priced per token. Code completions stay free. Fallback models and credit rollover do not.
OpenAI says SWE-bench Verified is saturated and contaminated, and 60% of remaining problems are unsolvable. Here's what comes next, and why every coding leaderboard is suspect.
Canonical released Ubuntu 26.04 'Resolute Raccoon' on April 23. It's the first LTS without X11, ships kernel 7.0 and GNOME 50, and sets post-quantum SSH on by default.
GitHub froze Copilot Pro/Pro+/Student signups on April 20 and moved Claude Opus 4.7 behind the $39 Pro+ tier. Agent workflows broke the old math.
Framework opened pre-orders for the Laptop 13 Pro on April 21. Panther Lake or Ryzen AI 300, LPCAMM2, a 74Wh battery, and Framework's first touch display.
GHSA-xq3m-2v4x-88gg hits protobuf.js ≤8.0.0 / ≤7.5.4. Attacker-controlled schemas executed arbitrary JS on decode. One-line fix patched it.
A Carnegie Mellon study counted 6 million suspected fake stars across 18,617 GitHub repos. Here's what the StarScout research actually found and how to read a star count now.
Ruby Central cut its executive director, CFO, and PR firm, and shifted to a volunteer working board. The April 16 letter closes the arc from September's RubyGems walkout.
Anthropic launched Claude Design on April 17, a prompt-to-prototype tool that exports to Canva, not Figma. Figma's stock closed down 7% on the same day.
Cursor is in talks to raise $2B at a $50B valuation, nearly double its September mark. Revenue is up, but it's still losing money per indie seat.
Nawfal Motii's Aeris-10 phased-array radar beats $250,000 commercial systems at 3% of the cost. Hardware, firmware, and FPGA bitstream are all on GitHub.
Rust 1.95.0 stabilized cfg_select!, if-let guards in match arms, and a pile of new Vec and atomic APIs. Here's what's actually worth upgrading for.
Adobe renamed Project Moonlight to Firefly AI Assistant and opened a public beta. It runs multi-step workflows across Photoshop, Premiere, Lightroom, and more.