TypeScript 6.0 RC landed. Astro 6 arrived with a built-in Fonts API, Content Security Policy, and Live Content Collections. Vite 8 went stable β if your team is still on webpack, you've officially run out of excuses.
On the AI front (buckle up, it's a long list): Matteo Collina got tired of his coding agent repeating the same mistakes and built a self-learning extension to break the cycle. TanStack launched Intent, bundling AI agent skills directly inside npm packages. Bassim Eledath mapped out the 8 Levels of Agentic Engineering β worth knowing which rung you're standing on. If you need a human checkpoint before the agent's code starts flying, Plannotator lets you annotate and review plans visually. For the data-obsessed, Rudel tracks every token your Claude Code sessions burn. And OneCLI is the credential vault the agentic era needed β secure access to any service, no exposed API keys.
Security note: one carefully crafted GitHub issue title was all it took to compromise Cline's CI pipeline and leak npm publish tokens. Every open-source maintainer should read this one.
George Sivulka asked the question nobody wants to answer: AI made developers 10x more productive, so why aren't companies 10x more valuable? Meanwhile, Lorin Hochstein documents the AI reliability debt coming due β the race to capture market share left systems that crumble under real-world load.
And the boldest open-source prediction of 2026: the Linux kernel goes MIT-licensed within 5 years and copyleft dies with it. The GPL momentum data is hard to argue with.
Enjoy!
Signup here for the newsletter to get the weekly digest right into your inbox.
Find the 13 highlighted links of weeklyfoo #128:
The 8 Levels of Agentic Engineering
by Bassim Eledath
AI's coding ability is outpacing our ability to wield it effectively.
π Read it!, ai, engineering
Your Coding Agent Keeps Making the Same Mistakes. I Built a Fix
by Matteo Collina
Explored how coding agents can learn from past mistakes with a new pi-self-learning extension.
π° Good to know, ai, errors
The Linux Kernel Will Soon Be MIT-Licensed and Copyleft Will Be Dead Within 5 Years
by lowendbox.com
The GNU Public License is popular with many developers, but itβs lost a lot of its momentum over the years.
π° Good to know, linux, copyleft, mit
by Lorin Hochstein
The general vibes I see online is that the AI companies have not been doing particularly well in the reliability department.
π° Good to know, ai, reliability
by TanStack
Ship Agent Skills with your npm Packages
π° Good to know, ai, docs, agents
by Daniel Rosenwasser
Today we are excited to announce the Release Candidate (RC) of TypeScript 6.0!
π° Good to know, typescript
by Astro Blog
Astro 6 introduces a broad set of new capabilities, including a built-in Fonts API, Content Security Policy API, and support for Live Content Collections that work with your externally-hosted content through the unified Astro content layer.
π° Good to know, astro
How to steal npm publish tokens by opening GitHub issues
by Neciu Dan
A chain of vulnerabilities and pretty clever attack strategies led to the compromise of the Cline CLI. Let me explain what happened and what you can do to protect yourself.
π° Good to know, ai, security
Productive Individuals Don't Make Productive Firms
by George Sivulka
AI just made every individual 10x more productive. No company became 10x more valuable as a result. Where did the productivity go?
π° Good to know, engineering, productivity
by vite.dev
We're thrilled to announce the stable release of Vite 8!
π° Good to know, vite
by plannotator.ai
Annotate and review coding agent plans and code diffs visually, share with your team, send feedback to agents with one click.
π§° Tools, ai, agents, reviews
by rudel.ai
Claude Code Session Analytics
π§° Tools, ai, claude, reports
by onecli.sh
Open-source credential vault, give your AI agents access to services without exposing keys.
π§° Tools, ai, credentials
Want to read more? Check out the full article here.
To sign up for the weekly newsletter, visit weeklyfoo.com.
Top comments (0)