Astral has been acquired by OpenAI (News)

MCP on Code Mode (Interview)

This week I’m talking with Matt Carey about Code Mode and how most of us have been thinking about MCP all wrong. Matt works on the Agents SDK and MCP at Cloudflare — we discuss how server-side Code Mode lets one MCP server expose all ~2,500 Cloudflare API endpoints in about 1,000 tokens of context, the dynamic Worker loader that runs model-written code safely in a V8 isolate, Matt’s own workflow with Claude, where memory fits into the future of agents, and his Zaggy git wrapper that keeps agents from force-pushing his repos. Join the discussion [https://changelog.zulipchat.com/#narrow/stream/456187-interviews] Changelog++ [https://changelog.com/++] members save 9 minutes on this episode because they made the ads disappear. Join today! Sponsors: * Coder.com [https://coder.com/] – Secure environments where devs and agents work in parallel. Open by design. Secure by default. * Tailscale [https://tailscale.com] – Adam loves Tailscale! Easy, secure, identity-based access to anything. Tailscale deploys quickly and enables Zero Trust access to any resource on your network. From CI/CD runners across multi-cloud environments, to SaaS tools and infrastructure, Tailscale connects it all, seamlessly. * RWX [https://www.rwx.com] – CI/CD platform for high velocity teams. When agents help developers write code in minutes, validation becomes your bottleneck. RWX gives agents programmatic control, sub-second cached builds, and semantic outputs they can act on. No commit required. Just iterate until CI passes, then push. * Fly.io [https://fly.io/] – The home of Changelog.com — Deploy your apps close to your users — global Anycast load-balancing, zero-configuration private networking, hardware isolation, and instant WireGuard VPN connections. Push-button deployments that scale to thousands of instances. Check out the speedrun [https://fly.io/speedrun/] to get started in minutes. Featuring: * Matt Carey – Website [https://mattzcarey.com], GitHub [https://github.com/mattzcarey], LinkedIn [https://www.linkedin.com/in/mattzcarey], X [https://x.com/mattzcarey] * Adam Stacoviak – Website [https://adamstacoviak.com/], GitHub [https://github.com/adamstac], LinkedIn [https://www.linkedin.com/in/adamstacoviak], Mastodon [https://changelog.social/@adam], X [https://x.com/adamstac] Show Notes: FEATURED * Matt Carey on the Cloudflare blog [https://blog.cloudflare.com/author/matt-carey/] * You’ve Been a Bad Agent [https://bad-agent.transistor.fm/] * Cloudflare [https://www.cloudflare.com/] * Code Mode: give agents an entire API in 1,000 tokens [https://blog.cloudflare.com/code-mode-mcp] * Code Mode: the better way to use MCP [https://blog.cloudflare.com/code-mode/] * Cloudflare MCP Server [https://github.com/cloudflare/mcp] * Cloudflare Agents SDK [https://developers.cloudflare.com/agents/] * Cloudflare Agents SDK on GitHub [https://github.com/cloudflare/agents] CLOUDFLARE PLATFORM * Dynamic Workers [https://developers.cloudflare.com/dynamic-workers/] * Cloudflare Workers [https://developers.cloudflare.com/workers/] * Durable Objects [https://developers.cloudflare.com/durable-objects/] * AI Gateway [https://developers.cloudflare.com/ai-gateway/] * Vectorize [https://developers.cloudflare.com/vectorize/] MCP AND CODE-MODE REFERENCES * Model Context Protocol [https://modelcontextprotocol.io/] * Introducing the Model Context Protocol [https://www.anthropic.com/news/model-context-protocol] * Code execution with MCP [https://www.anthropic.com/engineering/code-execution-with-mcp] * CodeAct paper [https://huggingface.co/papers/2402.01030] * GitHub MCP Server [https://github.com/github/github-mcp-server] * Datadog MCP Server [https://docs.datadoghq.com/bits_ai/mcp_server/] * Pydantic Monty [https://pydantic.dev/articles/pydantic-monty] CODING AGENTS AND TOOLS * Claude Code [https://docs.anthropic.com/en/docs/claude-code/overview] * Claude Code voice dictation [https://code.claude.com/docs/en/voice-dictation] * OpenCode [https://opencode.ai/] * Cursor [https://www.cursor.com/] * OpenAI Codex CLI [https://developers.openai.com/codex/cli] * Changesets [https://github.com/changesets/changesets] * Handy [https://github.com/cjpais/Handy] AGENT MEMORY AND PERSONAL AI * Granola [https://www.granola.ai/] * Letta [https://www.letta.com/] * Mastra [https://mastra.ai/agents] * Supermemory [https://supermemory.ai/] * Poke [https://poke.com/] * Pi coding agent [https://pi.dev/] HOMELAB AND INFRASTRUCTURE * Swamp Club [https://swamp.club/] * Proxmox VE [https://www.proxmox.com/en/proxmox-ve] * Tailscale [https://tailscale.com/] * 1Password [https://1password.com/] * K3s [https://docs.k3s.io/] * Pi-hole [https://www.pi-hole.net/] * DuckDB [https://duckdb.org/] * Apache Parquet [https://parquet.apache.org/] * ClickHouse [https://clickhouse.com/] Something missing or broken? PRs welcome! [https://github.com/thechangelog/show-notes/blob/master/podcast/the-changelog-681.md]

Automation at the speed of Swamp (Friends)

This week I’m talking with Adam Jacob, founder of System Initiative and creator of Swamp, about what happens when AI agents change the entire shape of software development. We discuss how he went from an 18-person team down to five and shipped Swamp 900 times in four weeks, why he brought User Acceptance Testing (UAT) testing back from the 90s, why software architecture (and domain-driven design) suddenly matters more than knowing how to write code, the live demo where I pointed Swamp at my Proxmox box and watched it write its own automation (blew my mind!!), and why he’ll never accept a pull request to Swamp, ever. Join the discussion [https://changelog.zulipchat.com/#narrow/stream/455613-friends] Changelog++ [https://changelog.com/++] members save 9 minutes on this episode because they made the ads disappear. Join today! Sponsors: * Coder.com [https://coder.com/] – Secure environments where devs and agents work in parallel. Open by design. Secure by default. * Tailscale [https://tailscale.com] – Adam loves Tailscale! Easy, secure, identity-based access to anything. Tailscale deploys quickly and enables Zero Trust access to any resource on your network. From CI/CD runners across multi-cloud environments, to SaaS tools and infrastructure, Tailscale connects it all, seamlessly. * RWX [https://www.rwx.com] – CI/CD platform for high velocity teams. When agents help developers write code in minutes, validation becomes your bottleneck. RWX gives agents programmatic control, sub-second cached builds, and semantic outputs they can act on. No commit required. Just iterate until CI passes, then push. * Fly.io [https://fly.io/] – The home of Changelog.com — Deploy your apps close to your users — global Anycast load-balancing, zero-configuration private networking, hardware isolation, and instant WireGuard VPN connections. Push-button deployments that scale to thousands of instances. Check out the speedrun [https://fly.io/speedrun/] to get started in minutes. Featuring: * Adam Jacob – Website [https://www.systeminit.com], GitHub [https://github.com/adamhjk], X [https://x.com/adamhjk] * Adam Stacoviak – Website [https://adamstacoviak.com/], GitHub [https://github.com/adamstac], LinkedIn [https://www.linkedin.com/in/adamstacoviak], Mastodon [https://changelog.social/@adam], X [https://x.com/adamstac] Show Notes: FEATURED * Swamp Club [https://swamp.club/] * Swamp manual [https://swamp.club/manual] * Swamp extensions [https://swamp.club/extensions] * Swamp leaderboard [https://swamp.club/leaderboard] * Swamp on GitHub [https://github.com/systeminit/swamp] * Swamp extensions on GitHub [https://github.com/systeminit/swamp-extensions] * System Initiative [https://www.systeminit.com/] * System Initiative on GitHub [https://github.com/systeminit/si] AI CODING TOOLS * Claude Code [https://www.anthropic.com/claude-code] * Claude Code docs [https://docs.anthropic.com/en/docs/claude-code/overview] * OpenAI Codex CLI [https://developers.openai.com/codex/cli] * Codex on GitHub [https://github.com/openai/codex] INFRASTRUCTURE AND AUTOMATION * Chef Infra [https://www.chef.io/products/chef-infra/] * Proxmox VE [https://www.proxmox.com/en/proxmox-virtual-environment/overview] * QEMU [https://www.qemu.org/] * Grafana [https://grafana.com/grafana/] * Honeycomb [https://www.honeycomb.io/] * Better Auth [https://www.better-auth.com/] * TypeScript [https://www.typescriptlang.org/] * Talos Linux [https://www.talos.dev/] * Ubiquiti [https://ui.com/] * DigitalOcean [https://www.digitalocean.com/] * Hetzner Cloud [https://www.hetzner.com/cloud/] * Amazon S3 [https://aws.amazon.com/s3/] * Incus [https://linuxcontainers.org/incus/] * Kubernetes [https://kubernetes.io/] DEVELOPER PLATFORMS AND COMPANIES * GitHub [https://github.com/] * GitLab [https://about.gitlab.com/] * Block [https://block.xyz/] RELATED CHANGELOG EPISODES * Rebuilding DevOps from the ground up [https://changelog.com/podcast/545] * From Chef to System Initiative [https://changelog.com/friends/55] * From Chef to System Initiative (remastered) [https://changelog.com/podcast/655] * The war for the soul of open source [https://changelog.com/podcast/353] * OSCON [https://www.oreilly.com/conferences/oscon.html] Something missing or broken? PRs welcome! [https://github.com/thechangelog/show-notes/blob/master/friends/changelog--friends-130.md]

Bitwarden CLI compromised (News)

Bitwarden’s CLI got hit by the Checkmarx supply-chain campaign, TypeScript 7.0 beta lands with the Go-rewritten compiler running ~10x faster than 6.0, and pgBackRest lost its maintainer of thirteen years leaving anyone running production Postgres with a real dependency-trust task this week. We’ve also got Ubuntu 26.04 LTS shipping with TPM-backed full-disk encryption, and Matz dropping Spinel as an AOT path that takes Ruby to native binaries. This week was a good reminder that the tools we depend on are all moving at once. Security, performance, and maintenance aren’t isolated threads. View the newsletter [https://changelog.com/news/185/email] Join the discussion [https://changelog.zulipchat.com/#narrow/stream/455469-news] Changelog++ [https://changelog.com/++] members save 2 minutes on this episode because they made the ads disappear. Join today! Sponsors: * Coder.com [https://coder.com/] – Secure environments where devs and agents work in parallel. Open by design. Secure by default. Featuring: * Adam Stacoviak – Website [https://adamstacoviak.com/], GitHub [https://github.com/adamstac], LinkedIn [https://www.linkedin.com/in/adamstacoviak], Mastodon [https://changelog.social/@adam], X [https://x.com/adamstac]

Exploring with agents (Interview)

Today on the show I’m talking with Amelia Wattenberger — designer, data-viz veteran, ex-GitHub Next, and now designing Intent at Augment Code. What if the last 30% of any software project is about to become the hardest part you’ve ever done? That’s the argument Amelia is making today. We discuss the identity crisis developers are having as agents take over the keyboard, the epic redesign of developer tooling in this agent-first world, the arc from autocomplete to chat to CLI back to UI, why Intent treats a workspace as their core primitive not a chat thread, the tradeoffs between one-worktree-per-agent vs. one-worktree-per-task, and why she thinks prototyping just got easier but finishing got harder. Join the discussion [https://changelog.zulipchat.com/#narrow/stream/456187-interviews] Changelog++ [https://changelog.com/++] members save 8 minutes on this episode because they made the ads disappear. Join today! Sponsors: * WorkOS [https://workos.com] – Auth for CLI with AuthKit from WorkOS — Bring secure browser-based login to your terminal apps using the OAuth Device Flow, with the same polished AuthKit experience plus SSO, MFA, and passkeys. Learn more at WorkOS.com [https://workos.com/] and AuthKit.com [https://www.authkit.com] * NordLayer [https://nordlayer.com/thechangelog] – Toggle-ready network security for modern businesses. Get an exclusive offer: up to 22% off NordLayer yearly plans plus 10% on top with the coupon code changelog-10-NORDLAYER. Try it risk-free with a 14-day money-back guarantee at nordlayer.com/thechangelog [https://nordlayer.com/thechangelog] * RWX [https://www.rwx.com] – CI/CD platform for high velocity teams. When agents help developers write code in minutes, validation becomes your bottleneck. RWX gives agents programmatic control, sub-second cached builds, and semantic outputs they can act on. No commit required. Just iterate until CI passes, then push. * Fly.io [https://fly.io/] – The home of Changelog.com — Deploy your apps close to your users — global Anycast load-balancing, zero-configuration private networking, hardware isolation, and instant WireGuard VPN connections. Push-button deployments that scale to thousands of instances. Check out the speedrun [https://fly.io/speedrun/] to get started in minutes. Featuring: * Amelia Wattenberger – Website [https://wattenberger.com], GitHub [https://github.com/wattenberger], X [https://x.com/wattenberger] * Adam Stacoviak – Website [https://adamstacoviak.com/], GitHub [https://github.com/adamstac], LinkedIn [https://www.linkedin.com/in/adamstacoviak], Mastodon [https://changelog.social/@adam], X [https://x.com/adamstac] Show Notes: * GitHub Copilot [https://github.com/features/copilot] — the launch that kicked off this era (mentioned ~12×) * GitHub Next [https://githubnext.com] — GitHub’s R&D team; where Amelia worked * GitHub Actions [https://github.com/features/actions] * Intent [https://augmentcode.com/intent] — Augment Code’s new workspace-first agent app that Amelia is building (the core product discussion) * Augie [https://augmentcode.com] — Augment’s agent * Claude Code [https://claude.com/product/claude-code] * Codex [https://chatgpt.com/codex] * Notion AI [https://notion.com/product/ai] * VS Code [https://code.visualstudio.com] * Incus [https://linuxcontainers.org/incus] — system-level containers/VMs; the Canonical LXD fork * Proxmox [https://proxmox.com] — Adam’s hypervisor platform for the sandbox * ZFS [https://openzfs.org] — storage layer Incus is built on * Bun [https://bun.sh] — JavaScript runtime * Rust [https://www.rust-lang.org] * Go [https://go.dev] * Ruby on Rails [https://rubyonrails.org] * SvelteKit [https://svelte.dev/docs/kit] * Svelte [https://svelte.dev] * TypeScript [https://www.typescriptlang.org] * TanStack Start [https://tanstack.com/start] Something missing or broken? PRs welcome! [https://github.com/thechangelog/show-notes/blob/master/podcast/the-changelog-680.md]

Astral has been acquired by OpenAI (News)

Astral is joining OpenAI, which says a lot about where the center of gravity is moving for developer tools, LiteLLM got hit by a nasty supply-chain attack, and OpenCode blew up as the latest serious open source swing at the coding-agent stack. We’ve also got Rust doing a very public reality check on its own pain points, WorkOS pushing AuthKit into CLI auth, Ryan Lizza using AI to build an open source TurboTax alternative, and a fresh httpx fork that turns open source maintenance drama into a real dependency story. If nothing else, this week was a good reminder that tools, trust, and control all move together. View the newsletter [https://changelog.com/news/184/email] Join the discussion [https://changelog.zulipchat.com/#narrow/stream/455469-news] Changelog++ [https://changelog.com/++] members save 1 minute on this episode because they made the ads disappear. Join today! Sponsors: * WorkOS [https://workos.com] – Auth for CLI with AuthKit from WorkOS — Bring secure browser-based login to your terminal apps using the OAuth Device Flow, with the same polished AuthKit experience plus SSO, MFA, and passkeys. Learn more at WorkOS.com [https://workos.com/] and AuthKit.com [https://www.authkit.com] Featuring: * Adam Stacoviak – Website [https://adamstacoviak.com/], GitHub [https://github.com/adamstac], LinkedIn [https://www.linkedin.com/in/adamstacoviak], Mastodon [https://changelog.social/@adam], X [https://x.com/adamstac]