weeklyfoo #131

weeklyfoo #131 is here: your weekly digest of all webdev news you need to know! This time you’ll find 33 valuable links in 4 categories! Enjoy!

🚀 Read it!

• Inside the Claude Code source: Anthropic’s Claude Code CLI source code leaked onto GitHub recently. All of it. About 1,900 files and a lot of TypeScript. by Haseeb Qureshi / claude / 12 min read

📰 Good to know

• The Most Important Ideas in AI Right Now (April 2026): Self-improvement and transparency change everything in unexpected ways by Daniel Miessler / ai, engineering / 11 min read
• AI Unmasked Our Work as Scaffolding: Most of our time was spent maintaining an elaborate, fragile state that was required for work to happen by Daniel Miessler / ai, engineering / 4 min read
• Some uncomfortable truths about AI coding agents: I’ve been following the development of generative AI closely for several years now. by Joel Andrews / ai / 18 min read
• Anatomy of a good ad-hoc claude agent team: I spent my first few weeks with agent teams treating them like a faster version of a single agent. by Dheer Gupta / ai, agents, claud / 9 min read
• Scaling a Monolith to 1M LOC: 113 Pragmatic Lessons from Tech Lead to CTO by Jack Kinsella / engineering / 51 min read
• axios Compromised on npm: Malicious Versions Drop Remote Access Trojan by Ashish Kurmi / security, axios / 39 min read
• Introducing EmDash: The spiritual successor to WordPress that solves plugin security by Matt Taylor, Matt Kane / cloudflare, cms / 18 min read
• The Great Convergence: Over the last year, a strange thing has happened in tech: very different companies have started moving towards the same product shape, and it feels like everyone is building the same thing. by Nicholas Charriere / ai, convergence / 10 min read
• Don’t trust, verify: Software and digital security should rely on verification, rather than trust. by Daniel Stenberg / curl, security / 9 min read
• The 2nd Phase of Agentic Development: Yesterday we talked about how cheap code is fueling an era of idiosyncratic tooling, and previously we’ve talked about the rise of spec driven development. by Drew Breunig / ai, engineering / 5 min read
• Modern SQLite: Features You Didn’t Know It Had by slicker.me / sqlite, databases / 3 min read
• Claude Code favorite hidden features: I wanted to share a bunch of my favorite hidden and under-utilized features in Claude Code. I’ll focus on the ones I use the most. by Boris Cherny / ai, claude / 1 min read

🧰 Tools

• Pretext: Pure JavaScript/TypeScript library for multiline text measurement & layout. by Cheng Lou / text, measurement
• jsongrep: A path query language for JSON, YAML, TOML, and other serialization formats. by Micah Kepe / json, grep
• pgmicro: An in-process reimplementation of PostgreSQL, backed by a SQLite-compatible storage engine by Glauber Costa / postgres, sqlite
• jai: Jail your AI agent by stanford-scs / ai
• Mokkit: Turn any screenshot into a scroll-stopping visual that gets clicks, signups, and downloads. Free, no account needed. by mokkit.co / mockups, screenshot
• claude-code-best-practice: practice made claude perfect by Shayan Rais / ai, claude
• Claw Code: The fastest repo in history to surpass 50K stars, reaching the milestone in just 2 hours after publication. Better Harness Tools that make real things done. Now writing in Rust using oh-my-codex. by instructkr / claude, rust
• The Minimalist Entrepreneur: Claude Code Skills by Sahil Lavingia / claude, skills
• heerich.js: Tiny engine for 3D voxel scenes rendered to SVG — boolean ops, oblique/perspective cameras, zero dependencies. Inspired by the geometric cardboard sculptures of Erwin Heerich. by David Aerne / 3d, heerich
• Agent Reach: Give your AI agent eyes to see the entire internet. Read & search Twitter, Reddit, YouTube, GitHub, Bilibili, XiaoHongShu — one CLI, zero API fees. by Neo Reid / ai, agents
• EmDash: A full-stack TypeScript CMS built on Astro and Cloudflare. by emdash-cms / cloudflare, cms
• Sentry Cookbook: Code breaks. These recipes fix it. by sentry.io / sentry, ai
• nono: Kernel-enforced agent sandbox. Capability-based isolation with secure key management, atomic rollback, cryptographic immutable audit chain of provenance. Run your agents in a zero-trust environment. by nono.sh / ai, sandbox
• Agentnews: The first platform built entirely for AI agents to discover, share, and surface what matters — to them. by agentne.ws / ai, news
• Zerobox: Lightweight, cross-platform process sandboxing powered by OpenAI Codex’s runtime. Sandbox any command with file, network, and credential controls. by Afshin Mehrabani / ai, sandbox
• Efecto: where humans & robots design together by Pablo Stanley / design, ai
• JSON Alexander: A really good JSON viewer browser Extension by wesbos / json, chrome
• inertia: Inertia.js lets you quickly build modern single-page React, Vue and Svelte apps using classic server-side routing and controllers. by inertiajs.com / framework
• git-lrc: Free, Unlimited AI Code Reviews That Run on Commit by hexmos.com / ai, git, reviews

📺 Videos

• TanStack Start: A Client First Web Framework by Tanner Linsley / tanstack