PodRocket

LogRocket

Podcast

Episodes

Listen, download, subscribe

Apple Podcasts

Spotify

Bun's rust rewrite, the TanStack hack, and the $60B Cursor deal | Panel

5/21/2026 • 46 min

This month's panel digs into the SpaceX Cursor acquisition rumor and what a $60 billion valuation means for AI coding tools. They debate Bun's million-line Rust rewrite generated entirely by AI, the tradeoffs of agentic coding at scale, and a sophisticated CI/CD cache poisoning attack targeting TanStack. Plus: practical takes on Claude token optimization, session forensics, local AI models, and why most Claude Code skills work best when tailored, not pulled off the shelf. Resources SpaceX/Cursor deal, CNBC: https://www.cnbc.com/2026/04/21/spacex-says-it-can-buy-cursor-later-this-year-for-60-billion-or-pay-10-billion-for-our-work-together.html Fortune, Cursor's uncertain future: https://fortune.com/2026/03/21/cursor-ceo-michael-truell-ai-coding-claude-anthropic-venture-capital/ GitHub Copilot usage-based billing announcement: https://github.blog/news-insights/company-news/github-copilot-is-moving-to-usage-based-billing/ Developer backlash, Visual Studio Magazine: https://visualstudiomagazine.com/articles/2026/04/27/devs-sound-off-on-usage-based-copilot-pricing-change-you-will-get-less-but-pay-the-same-price.aspx "The IDE Is Dead, Long Live the ADE", Indie Hackers: https://www.indiehackers.com/post/the-ide-is-dead-long-live-the-ade-0d81e9da3d Companies spending crazy money on AI coding tools, Medium: https://medium.com/@Reiki32/companies-are-spending-crazy-money-on-ai-coding-tools-while-developers-burn-out-efe5908f3dda The PR: https://github.com/oven-sh/bun/pull/30412 The Register writeup: https://www.theregister.com/devops/2026/05/14/anthropics-bun-rust-rewrite-merged-at-speed-of-ai/5240381 The 13,000 unsafe blocks piece: https://byteiota.com/bun-rust-rewrite-merged-the-13000-unsafe-block-problem/ TanStack postmortem: https://tanstack.com/blog/npm-supply-chain-compromise-postmortem TanStack hardening follow-up: https://tanstack.com/blog/incident-followup StepSecurity writeup (the researcher who caught it): https://www.stepsecurity.io/blog/mini-shai-hulud-is-back-a-self-spreading-supply-chain-attack-hits-the-npm-ecosystem SOC Prime writeup: https://socprime.com/active-threats/active-supply-chain-attack-compromises-node-ipc-package We want to hear from you! How did you find us? Did you see us on Twitter? In a newsletter? Or maybe we were recommended by a friend? Fill out our listener survey! https://t.co/oKVAEXipxu Let us know by sending an email to our producer, Elizabeth, at elizabeth.becz@logrocket.com, or tweet at us at PodRocketPod. Check out our newsletter! https://blog.logrocket.com/the-replay-newsletter/ Follow us. Get free stickers. Follow us on Apple Podcasts, fill out this form, and we’ll send you free PodRocket stickers! What does LogRocket do? LogRocket provides AI-first session replay and analytics that surfaces the UX and technical issues impacting user experiences. Start understanding where your users are struggling by trying it for free at LogRocket.com. Try LogRocket for free today. Chapters 00:00 Introduction 01:00 The $60B SpaceX Cursor deal 08:00 Token costs rising — the rug pull is real 09:30 Local models and sub-agent routing 12:00 Session forensics — cutting Claude token waste 15:00 Bun's AI-generated Rust rewrite 18:00 Should AI rewrite core infrastructure? 23:00 Does runtime choice even matter anymore? 29:00 The TanStack supply chain attack explained 33:00 How the GitHub Actions cache poisoning worked 36:00 Is GitHub Actions too flexible? 39:30 Ad break 40:00 Hot take — you'll be okay (local models and hardware) 42:30 Hot take — "They Will Kill You" (Jack's movie rec) 43:30 Hot take — stop hoarding Claude Code skills 46:00 Wrap-up Special Guest: Jack Herrington.

PodRocket RSS Feed

Share: Twitter • Facebook