Weekly roundup covering Bun's acquisition by Anthropic, new AI models from Mistral and DeepSeek, a critical React Server Components security vulnerability (CVSS 10.0), malicious npm packages evading AI security tools, JavaScript bundle optimization techniques, CSS Subgrid capabilities, Git workflow shortcuts, and releases including RubyGems 4.0.0 and Express v5.2.0 with security patches.
Table of contents
Bun is joining Anthropic – by Jarred Sumner, Bun BlogIntroducing Mistral 3 – by Mistral teamDeepSeek-V3.2: Pushing the Frontier of Open Large Language Models – by DeepSeek-AI E. Research & Engineering teamBundle Size Investigation: A Step-by-Step Guide to Shrinking Your JavaScript – by Nadia MakarevichCritical Security Vulnerability in React Server Components – by React TeamHow I Reverse Engineered a Billion-Dollar Legal AI Tool and Found 100k+ Confidential Files – by Alex SchapiroMalicious npm Package Uses Hidden Prompt and Script to Evade AI Security Tools – by The Hacker NewsAccessibility with Interactive Components at React Advanced Conf – by Daniel CurtisBrand New Layouts with CSS Subgrid – by Josh ComeauSmall shortcuts that made my Git workflow easier – by Leonardo RodriguesGetting Started with Go on Nintendo 64 – by Timur ÇelikOrganizing Files and Modules in Elm: Building an Advent Calendar – by Christian EkremRubyGems 4.0.0Tinybench 6.0: A Tiny, Simple Benchmarking LibraryExpress v5.2.0RelatedSort: