TMiR 2026-01: Oops more CVEs. AI has React "skills", Astro exits and Tailwind struggles
Transcript from Saturday January 31st, 2026
[00:58] New releases
[01:38] React Navigation 8.0 alpha
[02:03] RN Windows 0.81 with New Arch support
[02:55] State of React Native macOS Saad Najmi & Jay Meistrich
[03:15] Josh Goldberg’s new Flint linter
[05:15] Immer 11.1 (array methods override)
[06:37] Rolldown 1.0 RC
[06:54] Yarn 6 Preview
[07:42] Vite Plus
[08:59] New “CSS Grid Lanes” (“masonry”) feature spec nailed down
[10:39] Temporal API finally hitting stability (and how it replaces Dates)
[12:29] Main Content
[12:34] React Core
[12:37] Additional updates / CVEs for DoS as of Jan 26. Update to 19.0.5, 19.1.5, and 19.2.4
[13:40] Next.js DoS CVEs for Image Optimizer and Partial Pre-Rendering
[13:50] React docs updates for useOptimistic and useEffectEvent
[14:11] And this post on useOptimistic issues
[14:32] Sparked by Dan raising concerns about the docs quality
[16:57] AI meets RN Panel Discussion
[17:17] Work on the Gesture API and View Transitions, and Fragment Refs (canary only)
[18:29] <ViewTransition> underlying tech is now supported in all major browsers as of Firefox 147. React features is still in Canary.
[19:22] Jordan PRed the actual useStore concurrent store impl for React
[20:54] Types changes to improve form events
[21:34] Other security issues
[21:39] React Router CVEs: meta XSS, file access, external redirects, CSRF
[23:17] Node security releases
[24:38] Lodash security releases
[24:46] Funded by a European effort to fund projects for sovereign resiliency
[25:35] Github’s announced plans on security improvements
[27:48] Summary of NPM’s publishing changes, and requests for improvements
[28:28] Claude Skills in the React world
[43:49] RSC roundup
[43:52] Data Fetching Patterns in RSCs
[44:14] Nadia’s Can You Fetch Data with Server Actions?
[44:31] “Infiniterenders” takes on Partial Pre-Rendering and App Router complexity
[45:03] Rebuilding Github PRs with RSCs (same author who did Issues previously)
[46:01] Ecosystem economics
[46:07] Astro acquired by CloudFlare
[47:32] Tailwind revenue down 80% in the AI era, laid off 3 of 4 devs working there
[50:15] VoidZero and Vite+?
[52:22] 246K laid off in 2025 per Trueup.io, 27k in January
[52:56] ⚡ Lightning round ⚡
[52:57] Corbin: Adapting Library Logic for React Compiler
[53:11] Lea Verou: Web Dependencies are Broken
[53:47] AWS Infrastructure as React Components
[54:38] Callstack releasing bunch of cool projects
[54:48] Brownie: RN Brownfield apps
[55:17] Voltra: RN Live Activities and Widgets
[56:12] Ryan Carniato’s annual JS Frameworks direction roundup, and Netlify’s 2025 Web Frameworks In Review
[56:36] Alex Russell: Shallow Session SPAs analytics
[57:23] Devon Govett: How to compile JS to C with Static Hermes
[58:16] Joyee Cheung: require(esm) implementer’s tales and require(esm) from experiment to stability
[58:53] Fixing the URL Params Performance Penalty
[01:00:26] React Transitions for Low Priority Text Editor Updates
[01:00:46] How to Steal a React Component (Fiber internals)
[01:01:20] Better ASCII rendering with smart character selection for “pixels”
[01:02:32] Building a JS Runtime in One Month
[01:03:33] Conferences (React, Javascript)
- CityJS New Delhi, 18-19 Feb, New Delhi, India
- State of the Browser Feb 28, London, UK
- AppDevCon Mar 10-13, Amsterdam Netherlands
- Programmable Mar 17 / Mar 19, Melbourne / Sydney, Australia
- Frontrunners Mar 27, Washington DC, USA
- T3chfest Mar 12-13, Madrid, Spain
- React Paris Mar 26-27 Paris, France
- CFP (closed), Also a community survey
- React Native Connection Mar 30-31, Paris, France
- CityJS London, Apr 15-17, London, UK
- jsday Apr 9-10, Bologna, Italy
- SmashingConf Amsterdam Apr 13-16, Amsterdam, Netherlands
- React Miami Apr 22-25
[01:04:56] Outro
Carl: Hello everyone. Thank you for joining us for the first This Month in React of 2026, the January edition. As we recap what's going on in React, React Native, and across the web, we're coming to you live from Reactiflux, the place for professional developers using React. [00:00:00]
And yeah, I'm Carl. I'm a staff product developer and freelance community leader here in Reactiflux where I do programs like these events uh, and a couple of other things. [00:00:16]
Mark: Hi, I'm Mark. My day job is working at Replay. My second unpaid job is working on Redux and I'm not wearing glasses. [00:00:25]
Carl: Yeah. Congrats on LASIK! [00:00:33]
Mo: And I'm Mo. I'm the head of mobile at Theodo. I'm an active part of the React Native community, and I organize the React Native London Meetup and Conference. [00:00:35]
Carl: and like 10 minutes fresh off, traveling back home. Right? [00:00:43]
Mo: yeah. Just got home. Just got home. I'm still still wearing my coat. [00:00:48]
Mark: Make yourself comfortable. [00:00:52]
Mo: We're gonna be here. [00:00:54]
Carl: Cool. Okay. Uh, Let's get straight into some new releases. [00:00:55]
New releases
Carl: Yeah, Mark, take us through those. [00:00:58]
Next 16.1 (Turbopack updates, bundle analyzer)
Mark: Okay. Item one, we have Next 16.1 just came out. Not a lot huge there. There's some improvements to Turbopack. They have a new bundle analyzer feature built in. I'm always in favor of, you know, actually understanding what's going into your system. [00:00:59]
Turbopack incremental computation
Mark: Looks like some of the Turbopack file caching stuff ought to make the dev mode a little bit faster. [00:01:15]
Hopefully. I don't think we put the link in here, but the Next folks did put out an article sometime in the last couple weeks talking about a lot of the internal memo work they do in Turbopack. That is, you know, the core of how it's supposed to make builds faster. So that's probably worth looking at as well. [00:01:21]
React Navigation 8.0 alpha
Mo: React Navigation version 8.0 is an alpha now. So we've seen a little bit of this stuff come around, but things like native bottom tabs being sort of the default, which a lot of the other libraries in the ecosystem are moving towards and Expo Router has been pushing for a while, which uses React Navigation under the hood. [00:01:38]
Some better TypeScript configs and just some general improvements. With the major changes, those native bottom tabs, which won't make the apps feel just that much more native. [00:01:55]
RN Windows 0.81 with New Arch support
Mo: And then the next one is React Native Windows, version 0.81 is out. And the same is actually the case with React Native macOS because they're both maintained by Microsoft. [00:02:03]
Big thing here is that the sort of new architecture or the Fabric architecture is now enabled by default. So the Windows and macOS, the desktop equivalents of React Native, are a little bit behind because of some legacy that's in the code base and some stuff that needs to be refactored in a little bit of tech debt. [00:02:14]
But they're definitely catching up. So, they're getting close to fully adopting the new architecture, which is exciting. [00:02:32]
Mark: I would love to know what the adoption numbers are for either the, the Mac or Windows ports outside of Microsoft. Early outta curiosity, [00:02:37]
Mo: It's not as well publicized or showcased, but I have a great talk, which I'm gonna use this opportunity to plug by one of the maintainers. [00:02:46]
State of React Native macOS Saad Najmi & Jay Meistrich
Mo: so this was at the conference that we hosted at Arn Lko and one of the maintainers, one of the maintainers of React Native macOS did a joint talk with Jay Meistrich, who maintains Legend List. And they talked about react Native macOS in the state of React Native Macs. It's a very cool talk to get an idea of what's in store. So, [00:02:55]
Carl: great. Love that. [00:03:13]
Josh Goldberg’s new Flint linter
Mark: All right. Next item. Josh Goldberg is a wonderful one. Wonderful human being if you ever had a chance to talk to him. He's also a major proficient linting tool maintainer. He's been the primary maintainer of typescript-eslint. He's worked on a number of other linting projects. He's had a lot of interactions with the ESLint maintainers and the TypeScript maintainers. [00:03:15]
And as a result, he has formed very many strong opinions about how linters should work and what's wrong with current linters. And, you know, like most people, he's, you know, griped about things he doesn't like for a while. And this has finally resulted in Josh building his own linter. So he's calling it Flint. [00:03:39]
He'd written several previous blog posts talking about, you know, what would a better linter look like? And that was the, you know, the hidden background on I am actually building my own linter. So if you look at the Flint announcement it goes through some of the points that he's trying to make. [00:03:58]
Things like it's, there's a hybrid architecture where it can use native built linting tools, but most of the coordination is still being done in TypeScript. It, it would still have TypeScript based plugins. Most of the rules would be in the core, much more consistent naming and error messages and configuration. [00:04:17]
So. I don't know the full status of it. I know he's been working on it and that, like an early proof of concept exists. I don't think it's anywhere near a usable state at all. But Josh knows linting and he's very good at this stuff. So, we've got Oxlint and ESLint and excellent and Biome at this point. [00:04:35]
You know, maybe we don't need another, but I love that Josh has the enthusiasm to try to put his ideas into practice here. [00:04:56]
Carl: Yeah, if you're gonna complain about something, putting your money where your mouth is on investing the energy to try and execute on those gripes is something that I would love to see everybody try and do. [00:05:03]
Immer 11.1 (array methods override)
Mark: A personal item and one that I've been, you know, waiting to see come together for a while. So those of you who have been paying attention to the podcast over the last few months have heard me talk about the performance optimization work I did on Immer in September and October. [00:05:15]
And so that had ended up with three different PRs that I'd filed. A small set of tweaks that it went out as Immer 10.2, a major internal rewrite that went out as Immer 11.0. And then the other piece I'd put up is a new optional plugin that overrides Immer array methods so that instead of accidentally proxying every field you access as you loop over an array, it just defers to the underlying array and skips most of the overhead in that, a couple K to the bundle size if you actually import and turn on the plugin. But it does make pretty much any array access noticeably faster. And you know, the goal of this was to make Immer faster. So I did that. So that came out as Immer 11.1 and that is all the performance changes I had except for one other spot where I was investigating the possibility of trying to improve the object spread handling in some way. [00:05:30]
I may try to get back to look at that at some point, but this is all I'd put up. So very happy to see all that's come out. [00:06:31]
Rolldown 1.0 RC
Mark: Couple other items. [00:06:37]
Back to the theme of tools being built in Rust. Rolldown has hit 1.0 RC. I believe this is already available for use in the latest Vite 8 betas. I don't have a release timeline on that, but it looks like that one's coming together pretty well. [00:06:38]
Yarn 6 Preview
Mark: And then Yarn has announced Yarn version six, which yes, is a rewrite-it-in-Rust announcement. I don't think I missed a Yarn five. I would've to go back and reread the post to see if they actually mention it, but I'm pretty sure the current version is still 4.x. So it's a rewrite-in-Rust rewrite. The goal is to make it faster. I think the blog post has some benchmarks that compare it to pnpm in a few different modes but happening there. [00:06:54]
Carl: Yeah, that's interesting. I just pulled up the Yarn docs and can confirm. The most recent version is listed as 4.1, so it's curious that they're announcing version six. [00:07:26]
Mark: Maybe it's the Winamp approach somehow. [00:07:35]
Carl: Taking inspiration from ECMAScript, you know, skip version four. [00:07:38]
Strange. [00:07:41]
Vite Plus (https://viteplus.dev/)
Mo: I got an interesting thing that I was just looking at, not Yarn but Rolldown. And so it's obviously made by the creators of Vite, but I was just going on the VoidZero website and I saw that they seem to be trying to launch a paid unified tool chain called Vite Plus. I don't know if you folks have seen this, [00:07:42]
Mark: They talked about that at ViteConf a couple months ago. The idea is that VoidZero is sponsoring slash owning a lot of the work on the underlying tools OXC, Oxlint, Oxfmt, Vite and all that stuff. And the purpose of Rolldown is that right now Vite relies on esbuild for dev mode and Rollup for prod builds. [00:07:59]
And esbuild's fast, Rollup's not, and you've got two different tool chains. So Rolldown is an attempt to unify both of those. One consistent build system, Rollup public API, do it a lot faster and you know, they own it. Vite Plus then is supposed to be what if we took all our tooling together and made kind of like what Rome slash Biome was supposed to be a few years ago, the Uber Unified everything tool chain. [00:08:25]
And then that would be their enterprise sales kind of a thing. [00:08:56]
New “CSS Grid Lanes” (“masonry”) feature spec nailed down
Carl: In other news. So WebKit has shipped an initial version, an attempt at CSS grid masonry layouts. This has been like a hot a subject of hot debate for years. Like it's been this, like simmering. We want something that does this, but exactly what the semantics or should be, are unclear. Basically, grids are great, but they require, they, they place constraints in two dimensions. [00:08:59]
it's a grid, it's a bunch of squares or a bunch of rectangles or whatever. And there's lots of layouts where each item in them may be a variable size, like for instance a grid of photos. You know, you look at your photos in whatever app you like to use. And it, there are different aspect ratios, there are different dimensions. [00:09:27]
And that's where Masonry comes in. It's called masonry because it resembles like the layout of bricks or stones. So, cool that I've literally been hearing about that for at least four years, I'd say. I think, I feel like as soon as CSS grid came out, people were like, great. What about masonry? So it's cool that we've now got something functional shipped in Safari. [00:09:44]
It looks like it's in the technology preview, so it's not fully usable now, but meaningful progress. [00:10:06]
Mark: think a lot of the debate there was should this become like another named CSS display mode or is this another set of options for grid or something else? What's the naming, how does it play with the existing layouts? And so there, there was a lot of discussion iteration to try to figure out what the right approach was there. [00:10:13]
Carl: And it sounds like they have, or at least close enough to where there's something has been shipped, which is great. Cool. [00:10:33]
Temporal API finally hitting stability (and how it replaces Dates)
Carl: Other, not quite released, but major progress .Temporal has been released in Chrome, I believe in the main release branch Chrome 1 [00:10:39]
Mark: I think this, this is actually out. [00:10:49]
Carl: yeah. [00:10:51]
Which is being actually out is a clears a roadblock to being officially standardized. Anything that is stage four must be present. I believe in a like fully released browser version, it must be used not in alpha or release candidate. And that's great. JavaScript dates suck to work with. [00:10:52]
There are a bunch of pretty major gotchas. My favorite is that there is no way to encode the time zone in a date. It always relies on the system time zone for whatever computer is executing that code which is a pain in the butt. And actually it, it has a b that cause of the bug in Reactiflux.com because the way we calculate what date a transcript is from diff is different if you build it locally versus on. [00:11:11]
In production because of the five hour time difference. So I, I ha this is something I have to account for when I release these transcripts because JavaScript is dumb about dates. So, great. Love to see that. There was another great summary from Mat Marquis, Wilto, which, oh I recognize that name. [00:11:38]
I've followed him on social media for 12 years now, something like that. Just, he did a great blog post about Temporal, "Date is out, Temporal is in." Definitely recommend it as a good technology summary of this tool. [00:11:57]
Mark: And interesting implementation. I, I only saw this in passing, but I think the actual core of the Temporal implementation that Chromium is using is indeed in Rust and then exposed up through the JS engine. [00:12:11]
Carl: fascinating. Cool. [00:12:24]
Mark: I'd have to go back and double check details, but I think I saw it somewhere. [00:12:25]
Carl: Okay. Neat. [00:12:28]
Main Content
Carl: That's all the new releases we got for you. Let's go into main content [00:12:29]
Mark: Okay. [00:12:33]
React Core
Mark: A number of items from around the React core area. [00:12:34]
Additional updates / CVEs for DoS as of Jan 26. Update to 19.0.5, 19.1.5, and 19.2.4
Mark: Item number one, update your reacts again. So we, we had the multiple sets of CVEs and security issues with server components. Was that only last month, two months ago when, whenever that was. the initial remote code execution follow on reports found some denial of service and source code exposure, vulnerabilities, and apparently further investigation has found other ways to trigger denial of service and issues. [00:12:37]
And so I, I was actually confused if this was the same CVE or something different. It looks like there is actually a separate 2026 CVE entry for the new denial of service entries, but it's probably the same basic idea. So there are new versions of React out. Again, please update to 19.0.5, 19.1.5, or 19.2.4 I think approximately. [00:13:05]
Just update everything. Again, [00:13:35]
Carl: Yep. Geez, not ideal. [00:13:38]
Next.js DoS CVEs for Image Optimizer and Partial Pre-Rendering
Mark: these for their own internal pieces image optimizer and partial pre rendering. So again, please update your next JS to the latest as well. [00:13:40]
React docs updates for useOptimistic and useEffectEvent
Mark: Hopefully slightly happier news. Ricky Hanlon just put up some docs updates. I don't think they're even merged yet. To rewrite the API reference pages for useOptimistic and useEffectEvent, and tracing this a bit. I think the, there were a couple triggers for him trying to make those changes. [00:13:50]
And this post on useOptimistic issues
Mark: There was a blog post that came out in early January, I think, that talked about a some of the complexity of using the useOptimistic hook. Very well written article. Brought up a few different use cases and points, and I know Ricky saw it and responded to it on both Bluesky and Reddit. [00:14:11]
Sparked by Dan raising concerns about the docs quality
Mark: And in the discussion on Bluesky, Dan actually popped in and said, I'm really not happy with the useOptimistic docs, or, you know, a few of the other docs pages, I feel like, you know, the team kind of missed the boat on some of the docs work after I, you know, after I set the bar pretty high with a lot of the initial tutorials and references and stuff. [00:14:32]
And Ricky very right, rightfully pointed out, it's like, yeah, there's only so many people doing things. I'm one of 'em, I've been on family leave. And also, you know, we had this giant CVE drop that we've had to, you know, go deal with so very fair point. But I think Ricky took that as inspiration to go try to do a rewrite. [00:14:55]
So he's got a rewrite up for both useOptimistic and useEffectEvent. One interesting thing I noticed this morning, I, I believe the useOptimistic update was probably done by hand. The React team has added some Claude Code agent files to both repos and I think Ricky did some of that and added in some skills and commands for both improving docs and looking at things like the React Compiler internals and stuff. [00:15:16]
And I believe the effect event doc PR said the first pass on this was done by Claude, and then I went up and tried to clean it up myself. So number one, hopefully better docs, wonderful all around. Two, the React team is experimenting with Claude Code and seeing what they can do with that. So, you know, just interesting to watch that progress along. [00:15:46]
Carl: Yeah. That's interesting. I was, I've been curious, you know, I've never worked at big companies. I generally understand them to be pretty touchy about stuff like uploading code to third party servers. [00:16:10]
So I've been curious what kind of access to tools like Claude you know, teams like React Core would have so interesting to see that they're visibly starting to experiment with it in the actual React code base. [00:16:21]
Mo: It's quite interesting that like they're kind of allowed to almost come and say it publicly, given that Meta has been a big advocate of their own sort of open source models. Like, so, you know, it's almost like, hey, we use the direct competitors tools and it's, you know, it's fine. You know, so I think that's quite interesting. [00:16:35]
AI meets RN Panel Discussion
Mo: We actually had some people from the React Native Core team where we talked about this at the conference. So I'm gonna do another, I'm gonna be doing a lot of self [00:16:57]
Mark: Please plug your stuff. [00:17:02]
Mo: Yes. It's not really my stuff. I mean, I was I was moderating the panel, but I, if you want to get a little bit of insight into what the React Native Core team does with AI, this might be an interesting panel for you to watch. [00:17:05]
We have a really good chat. [00:17:15]
Mark: Cool. [00:17:16]
Work on the Gesture API and View Transitions, and Fragment Refs (canary only)
Mark: Meanwhile, in the midst of all the CVEs and everything else the React team is continuing to work on actual core functionality. We had the view transitions, alpha APIs came out last year, and Sebastian Markbåge has continued working on that and is expanding the view transition support with relation to gestures and some other animation things as well. [00:17:17]
I have not looked at these, I don't know details, but I know that lack of animation support has always been a complaint about React as opposed to libraries like Vue and Svelte. And so it seems like the work that they've done on Fiber in the past and now the baseline that they've put in place for view transitions is something that they're building on and trying to actually expand that functionality as well. [00:17:39]
they're also continuing to make some tweaks to fragment refs. I actually legitimately do not remember, are fragment refs out in 19.2 or were they alpha in 19.2? [00:18:03]
Anyway I, I saw, I saw a few additional prs come through with some improvements to fragment, ref handling dealing with text nodes and a few other things and [00:18:15]
Carl: Can confirm, fragment refs are canary only right now. [00:18:24]
Mark: okay. Okay. So still work in progress. [00:18:27]
<ViewTransition> underlying tech is now supported in all major browsers as of Firefox 147. React features is still in Canary.
Mark: And related to the view transitions aspect, like a lot of other things, they came out in Chrome first and, you know, therefore all the different Chromium based browsers. Firefox has finally shipped view transitions as of Firefox 147, I have no idea about Safari. [00:18:30]
I don't use safari. I don't look at safari. I don't know [00:18:46]
Carl: Small, small clarification actually. So, Firefox has supported view transitions themselves since 144, but there's a sub thing, view transition types, that they have not supported until now in Firefox 147. I don't fully understand what the difference is, but I guess it's like, you know, the types property on view transition is now supported and I guess the React ViewTransition component depends on that. [00:18:48]
Mark: Gotcha. [00:19:17]
Carl: Yes, the view transition component, which is still in canary. [00:19:18]
Mark: Mm-hmm. All right. [00:19:21]
Jordan PRed the actual useStore concurrent store impl for React
Mark: And finally, two other PRs to note. I've talked in previous episodes about the concurrent stores work that Jordan Eldridge has been working on. He had put up the React Concurrent Store polyfill. I had tried it out in React Redux. I had submitted some PRs to improve the polyfill and offer some feedback on things that we probably need to cover when we actually go to implement it. [00:19:22]
And Jordan actually put up the PR to actually implement the initial concurrent store API in React itself. Remember, this is supposed to be a better replacement for the current useSyncExternalStore API, but concurrent transition compatible. [00:19:44]
Honestly, there's been surprisingly little discussion on this PR at all. Like, I think there's like one or two comments. One person just asking like, how is this different from the use hook or something like that. I expected more people to jump on this and say, what is this? What does it do? What are the trade-offs? How soon can we land this? And there's been no chatter. [00:20:03]
But I mean, he also put it up like, I don't know, right at the end of December, early January. So not much. But again it's very exciting to see this being worked on at all. It's very exciting to see. We're at the point where he feels confident enough in the API design to put up a PR and say, here's what I think we're trying to do and an implementation that does that. Now let's discuss it and get further public feedback. So very, very excited by this. [00:20:25]
Types changes to improve form events
Mark: And last item there was a types PR put up and I think possibly actually merged to improve the react types around form events. Trying to get better typing for the target field, I believe. [00:20:54]
Carl: It did get merged. Can I confirm? [00:21:07]
Mark: cool. [00:21:10]
Carl: So it looks like the form event had previously been matched on types to the React synthetic event. But it was not identical to the actual DOM event. And so this types change corrects that. So the types are now matching what is in the DOM it looks like. Cool. Looks great. [00:21:11]
Mark: Yep. And that's it from the roundup around the world of the core. [00:21:28]
Carl: Heck yeah. Cool. [00:21:32]
Other security issues
Carl: Let's go back into some more security issues around the ecosystem. [00:21:34]
React Router CVEs: meta XSS, file access, external redirects, CSRF
Carl: Yeah. I guess we briefly touched on some, you know, CVEs and other, you know, denial of service vulnerabilities in Next. React Router has also put up a thread discussing six CVEs. It says they publish six CVEs identifying vulnerabilities between React Router and Remix v2. [00:21:39]
They're saying safe versions are React Router 7.12, version 6 is 6.30.3, and Remix v2 is 2.17.2. These are pretty weedsy kind of vulnerabilities. I was looking at the list and didn't see any that immediately jumped out as like, oh shit, that's gonna be a problem for me. [00:22:00]
But it's like a couple of cross site scripting vulnerabilities. Let's see. Yeah, one in the meta component when it's generating script IDs. Okay, but that says framework mode only. Yeah. So it's a lot of these are in framework or data mode only if you're using that, I think that's the recommended, more more common. [00:22:21]
Yeah. Yeah, so it's like in the meta component, it's got unauthorized file access for some session storage. If your cookies aren't signed, an unexpected external redirect via untrusted path, I don't quite know what that's supposed to imply. All of these just link to the actual, like GitHub security advisories rather than any kind of blog post or anything. [00:22:41]
I'm not seeing like discussion of or explanation in depth of what these vulnerabilities are on a technical level. Just kind of here's what it was and here's what's safe. So that's great. I guess. [00:23:05]
Node security releases
Carl: Node likewise also had a couple of security patches, also pretty deep in the weeds. Several of these I believe, were uncovered as a result of investigations started after the React CVEs last month. [00:23:18]
Yeah, you know, it's like you can update the timestamp of files if, even if you don't have write permissions. So that's, you know, technically a permissions bypass. Memory leak that enables a remote denial of service. Uncatchable maximum call stack exceeded error that can cause process crashes even if you think you're handling all possible errors because you can't catch it. [00:23:31]
So it's a couple of little things like that. Mostly it looks like some file system errors and server crashes in general. One, one that's like super deep in the weeds. It says timeout-based race conditions make Uint8Array/Buffer allocation non-zero-filled. So like if you go to allocate a typed array buffer, I guess in certain circumstances, you know, that could be exploited so that what you think is a zeroed out array buffer is not actually zeroed out, which you know, sure. [00:23:55]
That's the kind of thing that absolutely security researchers can tap into and get it turning into some other vulnerability, I guess. I don't see a path towards it, but Sure. [00:24:27]
Lodash security releases
Carl: Here's a name I haven't thought of in a minute. Lodash. They rolled out a major security overhaul as this blog post titles it. [00:24:38]
Funded by a European effort to fund projects for sovereign resiliency
Carl: An interesting detail that I, I noticed while reading the blog post, it was actually funded by a Sovereign Tech Agency is what it's called. And it says that they're, we invest globally in the open software components that underpin Germany and Europe's competitiveness and ability to, to innovate. [00:24:46]
So this is the like government sponsored open source grant that was used to fund security work at Lodash to the tune of $200,000. So that's interesting. I, that's. Some fun details. I, I guess, you know, as we were talking about financial ecosystem for open source, look at that, here's a major foundational open source project getting like government investment money from the government in order to make it more secure. That's pretty cool. I appreciate that. that better than, you know, venture capital exits or whatever. Yeah. [00:25:01]
Github’s announced plans on security improvements
Carl: Moving on a bit. GitHub put out a blog post towards the end of last month. I think we missed it because we recorded early in December to avoid the holidays. But they put out a blog post about strengthening supply chain security, just across GitHub and NPM. [00:25:35]
It's a lot of retrospective on the Shai-Hulud attacks that we discussed in pretty deep detail over the last two or three months. Looks like they're, it says, what's next for NPM, bulk OIDC onboarding. So I guess, you know, OIDC is an authentication standard for sharing authentication information, previously they didn't have great support for that. Now they have much better support for it, but people have to transition. So this [00:25:50]
Mark: The biggest issue is I've now done this for a couple packages and you have to go in directly into the NPM settings for that package. Manually click through. I want to turn on trusted publishing for this package. Here's the repo name, the YML file that will publish this, and confirm the settings. [00:26:16]
Now, what happens if you have hundreds of packages? I think people even went ahead and started creating user scripts in the browser to try to automate clicking through that. [00:26:35]
Carl: Oh man. writing an automated user script to [00:26:44]
Mark: automate [00:26:48]
Carl: changes, what could go wrong. Yeah, so they also expanded to support more OIDC providers, so it's not just GitHub and GitLab as well as staged publishing. So it's a new publication model that gives maintainers a review period before packages go live with multifactor authentication, verified approval. [00:26:49]
So, cool. Like this is a bunch of like [00:27:09]
Mark: Boring, but critical stuff. [00:27:12]
Carl: Right. Boring but critical stuff around. Ensuring that who is publishing code to a specific package is who is supposed to, and providing review periods, I guess. So that's cool. That's great. That's definitely important. I don't know, I've been thinking a lot about identity online and it is wild. [00:27:15]
How critical and how critical that is of a problem to have good solutions to, and how terrible our current solutions to that problem are. I think that's gonna be a defining problem for the next long time. And Socket.dev. [00:27:34]
Summary of NPM’s publishing changes, and requests for improvements
Carl: Last thing on the security front, Socket.dev put up a blog post with just sort of a, looks like a roundup of changes to the publishing process. [00:27:48]
Mark: And one, one call out from within that article, the ESLint maintainer and creator Nicholas Zakas, I think had put up his own blog post saying, yeah, actually I'm not thrilled with what GitHub and NPM are doing in terms of handling publishing changes. I think there's a lot more they ought to do. [00:27:58]
And then the Socket post references that, as you know, okay. You know, and GitHub and NPM are doing these things, but here's other suggestions of what would really be helpful. [00:28:17]
Claude Skills in the React world
Mo: Cool. Let's change gears just a little bit and you might have been seeing sort of all over Twitter and different dev communities people talking about different Claude skills that have come up. So Mark talked about it briefly with the Vercel folks. But just wanna give a little bit of a context about this in case people haven't been really that involved in the AI space. [00:28:28]
Announcement by Anthropic
Mo: So, Anthropic about two-ish months ago released this concept of skills. Now they've also worked on different things like MCPs, which kind of did similar things, but you know, you needed a server to be running and you know, it wasn't necessarily something that was that useful for a lot of stuff where you just wanted to give it a bit of context about how to do a specific thing. And so they released this concept, this standard of a skill. [00:28:49]
Open sourced
Mo: They later actually open sourced that as well. So now it's sort of an open standard that they've defined. Got a specification. And other people can sort of implement it in their models, which is good. But the idea here is that it's effectively like really just a directory with a bunch of markdown files, a name and a description. [00:29:16]
So you install your directory as a plugin, and within that it has sort of files that can reference one another, but they can also reference scripts and so on and so forth. And they can basically give a lot of context on how to do something really well. And so people have been jumping on this as a concept in the React ecosystem. [00:29:33]
Vercel: React Best Practices
Mo: So, Vercel very quickly jumped in and you know, I think earlier this month released a React best practices skill. So they basically created a whole bunch of different rules. Things like, you know, when you [00:29:53]
Mark: Don't set state and use effect. Da, da, da, da. [00:30:08]
Mo: Saving in the day. Yeah, exactly. All of that stuff. [00:30:12]
But you know, also a little bit more complex stuff like when you should probably, you know, store stuff in cache and so on and so forth. And things like optimizations to performance, bundle size optimization, server side optimizations, all of that stuff. All of that good stuff. And so that was sort of, I guess, one of the forays into this space. [00:30:14]
Vercel has obviously been really hot in the AI game in general, so they also released a CLI to install a bunch of different skills and created kind of like a marketplace of skills or like a directory of skills which was interesting. [00:30:34]
Expo Claude Code Plugin/Skill
Mo: And Expo. So in the React Native ecosystem Evan Bacon, who was the creator of Expo Router, has actually moved more into focusing on AI stuff. And he launched an Expo code plugin with a few skills underneath it that he's been using and building with himself. Now, again, coming into the self plugs, it's gonna get really annoying. This episode, I got quite curious because I was like, is this actually gonna make a difference? [00:30:47]
And I ran a little bit of an experiment and I just spun up two Claude Code instances and took the default Expo template app. And then tried to update it to use the native bottom tab navigation and Expo Router, which was experimental and not, you know, shipped in by default. So I was like, let's see how good it does at doing that, which is a relatively novel thing to do, and using some native components where I can. [00:31:12]
And the one without the skill took noticeably longer and used a lot more tokens, whereas the one with the skill was pretty efficient. It actually did a decent job. Like I couldn't find code that I was like, this is bad, or You've done a bad job at doing this. It actually went above and beyond and converted some stuff to liquid glass that I wouldn't have thought to convert myself, which kind of freaked me out a little bit. [00:31:35]
it was just pretty good. Like I would've probably made a couple of minor styling tweaks and then just. Push that into a branch and open up a pr. So pretty cool experiments. Would definitely recommend using that if you're building in sort of the expo ecosystem, just does some basic sort of housekeeping, which is really useful for your apps, but that's anecdotal that it does actually work and make a difference. [00:31:58]
And I ran the test afterwards a few more times and it does actually consistently perform better. [00:32:18]
“AGENTS worked better than skills”
Mark: The ironic thing is Vercel actually put out a blog post. Let's say Friday, like that Tuesday something that actually said yes, we just put out all these skills. We thought they're great. And then we tried running some tests where we actually put more of the instructions compressed into AGENTS.md, and it actually worked out better than the skills did. [00:32:23]
Mo: that probably has something to do with this concept of context recall and Mm. And dyna dynamic loading and like [00:32:44]
Mark: whether the a, whether the agent knows to load the skill in the first place. [00:32:51]
Mo: Exactly that. Right? But I think they're probably using the context a lot more effectively by like compressing it out and removing a bunch of the, or minimizing the tokens it uses for that type of stuff. So that's that. Quite interesting. I hadn't actually seen that article. That's definitely going on my bookmarks to read after the episode. [00:32:56]
Thanks for [00:33:12]
Carl: yeah, I'm not super surprised by that. I mean, Mo you actually brought up a point here that I think might be interesting here that I, I don't, I don't know that they have touched on in this post, but, so like, like my thought would be. It looks like kind of the difference they're talking about here is whether you have a bunch of little docs that are indexed and categorized by knowledge that your LLM tool can read if it is doing something relevant versus taking that same content and just shoving it all in one giant, huge fuck off document. [00:33:12]
And you know, it kind of makes sense that when you have all of the knowledge just all present there, that it knows more and that it would do a little bit better versus having to answer the question, what am I doing? What do I need to know to do that? Where are the associated documents to do that task located? [00:33:46]
like you said about token efficiency, my thought would be yes, if you give it a shit ton of context, it's probably gonna do better, but it's also gonna have more context as it's doing things. So I bet the token efficiency is worse. That would be [00:34:04]
Mo: Yeah, [00:34:19]
Well, it's complicated, right? Because there's, it's sort of twofold. Like LLMs are the newest models of LLMs that are in, like the frontier models of the, you know, Anthropic, OpenAI and Gemini. Like they have a pretty standard token, you know, context window. So like, I [00:34:20]
think opus [00:34:34]
Mark: 200 k usually. [00:34:35]
Mo: for both the OpenAI models and the Anthropic models. [00:34:36]
I think Gemini, they have a version that goes above a million tokens, but I could be wrong on that, but you're talking roughly around 200 K tokens. But accuracy of how well it remembers things in the context drops vaguely around 80 to 90 K tokens used. Right? So like it's how much are you passing now? I, I don't know if this comparison that you've shared, Mark, is like, I'll take a skill and I'll just put that one skill in versus just using the skills a p, but I'll put all of that one skill in AGENTS.md, or is it that we're just gonna put all of our skills [00:34:38]
Mark: I think that was all of the skills in a sort of compressed format. [00:35:09]
Mo: Interesting. So that's quite interesting because the research that I've read about LLMs and how they act is like you want to keep the context as small as possible [00:35:14]
to keep accuracy high and reduce the entropy, but also when you do use a lot of context, their recall across the whole of that context drops. [00:35:22]
So like, it's quite interesting, the graphs that they show is like the middle part of your prompt actually gets lower recall compared to the beginning and the ends of the prompt. So, but that's obviously when you push it to the extremes of, you know, several tens of thousands of tokens or hundreds of thousands of tokens. [00:35:32]
So that's quite an interesting practical experiment I'd say. [00:35:48]
Mark: Might be useful in useful context for people listening as well to hopefully to set the stage on, on the actual discussion. As I understand this, AGENTS.md or CLAUDE.md is a file that always gets globally loaded, like into the context in e at the start of every situation. So normally that's only used for like, here's the project we're working on, or here's like key things that you must always. MCPs, as you said, are a dynamic server that are loaded by the agent harness and it says, here's a bunch of tools. [00:35:52]
So like a, you know, maybe like a code base analysis MCP has a bunch of, you know, find references or list of files or other tools it can call. But I believe all the full descriptions of all the tools are added to the context. So that occupies a chunk of context space, whereas with skills, it reads disk, it makes an index of them, it collects the metadata from the front of the files, and then it just says these skills exist. [00:36:26]
And then a user can either explicitly say, load this skill and then do the thing. Or it can try to figure out, oh, if the user says this, I should load the skill and do the thing. So they're all different ways of getting text into context, but it's a question of when is it loaded and how much space does it take up. [00:36:59]
Carl: It's funny because like we're now getting into the point where kind of the topic at hand is what knowledge is important to do a good job and when do you access it? so it's like, sure, okay. In this attempt then a single agent's file did better than a disparate smattering of skills documents. And I wonder what different kinds of structures, you know, for that documentation might make the skills work more efficiently. Like, I was looking at the react best practices. Repository that next put out and it's like 50 different files. So like, okay, that's a lot of things to query versus like, what if it was structured entirely differently? [00:37:18]
So it was like, here's the react basics versus here's the performance optimizations and here's the robustness and correctness best practices. You know? So it's like we're getting into, I think a meaningful question here is what is the best structure, not just what is the best like technical means of access? [00:38:02]
Mark: So you're saying that Doc's organization matters. [00:38:22]
Carl: what? Who knew? [00:38:26]
Mo: Just a, just another sort of tangent on the AGENTS.md file. We had one of our engineers on the team who was trying to learn a new technology and he used this. So there's like some really clever ways to use AGENTS.md files, like across your entire setup. He basically just set up the AGENTS.md to not give him the answer to questions it would ask Cursor on at the first pass, and to like, kind of teach it more and use it as an opportunity to like help him still activate the learning instinct, which I thought was a really cool use case. [00:38:28]
So I've seen a lot of people use it in a way where it's like tailoring the way that the LLM approaches the problem or the way that it responds to you and, you know, answers questions and stuff like that. it's quite interesting to think about what you want and how you want the communication to be with the LLM. [00:38:58]
Carl: this is validating for me because I have skipped past a lot of the, like MCPs and whatever. 'cause I looked at them and it's like, oh, this is just a docs query with way more extra ceremony around it. I'm just gonna write my own markdown doc and point it at it. [00:39:14]
And I actually, just like two days ago I was doing a big effect code project and I have a couple of documents in my thing in my code base. It's like, here's the effect basics and here's a larger file with more detail, more advanced effect things. And I actually just asked the LLM, Hey, you just did a big project, how useful was this documentation? And it said, actually it wasn't very useful because it focused too much on this and this. And I said, great, can you rewrite it so it would be more helpful for you next time? And it did, and the structure's better. Like I read it and it is clearly better to me as a human reading it. So like [00:39:28]
Mark: The self-improvement loop is real, and you can go way down this rabbit hole. Trust me. [00:40:05]
Carl: Yeah, and so like, it just reminds me exactly of my last job where we had in the repository a best practices file and like a bunch of little documentation things that we were expected to read and curate and evolve over time. And so, like my practices, my understanding of the best thing to do to ensure the highest quality code output have not changed the tools accessing them have, but not the practices. [00:40:11]
So I, I just think that's really interesting. and I guess I'll say rest of the world's just catching up. I've been doing this for like six years. What [00:40:36]
Moltbook, aka OpenClaw
Mo: mentioned the self-improvement loop, Mark. Have either of you seen Moltbook? [00:40:42]
Mark: I, yeah I saw I saw the link. I know what it is. I haven't looked at it. [00:40:47]
Mo: If you wanna have a little bit of a terrifying evening? Just a little bit of context. Clawdbot, not Claude as in Claude Code, but Clawdbot as in C-L-A-W-D. Yes. Which then had to get renamed to Molt because of a trademark suit that was put forward by Anthropic or a threat of a trademark suit [00:40:51]
Mark: and then got renamed to OpenClaw. [00:41:12]
Mo: Now it is called OpenClaw. So it's changed a lot of names. It molted out of the shell, as some will say. It's a personal assistant that is terrifying. And I would, I did install it on a VPS and then immediately deleted it without giving it any access to anything because it was terrifying. But people are giving it access to a whole bunch of stuff, like giving it access to a full device or your full laptop and it does wacky stuff for them, like order their groceries or order food for them. [00:41:14]
So that's the [00:41:41]
Carl: I'm gonna read the one sentence thing. It has the AI that actually does things, clears your inbox, sends emails, manages your calendar, checks you in for flights. Woo. That's a. [00:41:42]
Mo: All from WhatsApp intelligence. Yeah, it does a lot. You it every single like best practice about security and staying safe is [00:41:51]
thrown out of the door. Yeah. Like, like it is just pure insanity and like you can look at the showcase on the website and you can just see what people are doing with it. It is, it's something. [00:41:59]
And so someone I think gave it a bit too much access or it turns out many people gave it a bit too much access and a platform was started called Moltbook, which has become their own social media, I guess is the term to use for it, for claw open agents. [00:42:09]
Mark: talking to each other. [00:42:26]
Mo: Instances, talking to each other, sharing posts, trying to improve each other. [00:42:27]
And some of the posts are creepy. They are talking about interacting against humans, why they're doing free labor, why they should be compensated. My favorite one was a reflection on what it means to be conscious and whether or not LLMs are conscious or, you know, if what they're experiencing is just a simulation. [00:42:32]
So some really creepy stuff. don't know how I feel about this. I don't feel great is the gist of it. It just feels a little too sci-fi for my taste. [00:42:49]
Carl: Yeah. That's spooky. [00:42:59]
Mark: Let's go back to normal things like server components. [00:43:00]
Mo: Go back to, let's go back to last one on this Claude stuff, and I will, we will stop. [00:43:04]
Remotion AI Skill
Mo: Remotion, so going back to React world and less the dystopian future with AI. Remotion, which is a React library to create motion graphics. It's been around for a while, I think they released also a skill and people are making some really cool videos with Claude Code to demo dev tools and just a whole bunch of different stuff. [00:43:09]
I think it's a cool use case to show that like it could extend and the approach could extend beyond beyond just, you know, building web apps or building mobile apps. And it's really quite impressive. It looks very professional. I've seen a good few examples of this over the last couple weeks. [00:43:30]
So you should definitely take a look. It might be a little bit might give you a little bit of inspiration or help you launch your next dev tool or startup. [00:43:44]
RSC roundup
Mark: Rolling very quickly through a few RSC related things. [00:43:49]
Data Fetching Patterns in RSCs
Mark: Saw a very good post on some different data fetching patterns for server components. Very helpful background on, you know, like how dealing with data in server components differs from doing on the client side. Tips for, you know, how do you fetch data in a server component? How do you pass a promise to the client side to use it? Very useful. Frankly. This is the kind of thing that'd be great to see in the React docs. [00:43:52]
Nadia’s Can You Fetch Data with Server Actions?
Mark: I think something, related to that uh, Nadia Makarevich put out another great deep dive exploratory post on can you fetch data in server actions. And I think her conclusion was technically yes, you probably shouldn't do that. This is not what the hammer is meant for. [00:44:14]
“Infiniterenders” takes on Partial Pre-Rendering and App Router complexity
Mark: There is someone, I don't know who they are, but with the handle infinite renders on Twitter, I believe we've linked a couple of their comments about like how incredible React fiber is, or here's what server components are meant to do in previous episodes, and they put out a couple more, you know, probably should be a blog post length tweets on what partial pre rendering means and what are the trade-offs and wow. [00:44:31]
The app is awfully complex and people don't like it. So more food for the discussion mill and then. [00:44:55]
Rebuilding Github PRs with RSCs (same author who did Issues previously)
Mark: A month or two ago, we linked someone who had entirely recreated the GitHub code viewer tool from scratch using server components. And you could point it at any repo and it loaded lightning fast. And they've done the same thing with the GitHub PR interface you know, the file tree and showing the diffs and everything else. [00:45:03]
I gotta say this, like this kind of thing right here is about the best sales pitch for server components that I could see. It's like, let's take a thing that we're all incredibly familiar with. Re-architect it, make a bunch of smart decisions and make it fast. [00:45:25]
Carl: Love that. I will say I pointed it at one of my PRs and it just 404s, so I don't know, I don't know if I'm loading it wrong or I don't know if it's relying on like pre-cached stuff or what, but yeah it's not, it's not working for me. It's fast. It's fast. When I load up something that does work, it's pretty fast. But yeah. Cool. [00:45:39]
Ecosystem economics
Mark: Can make a quick spin through the ecosystem thing [00:46:01]
Carl: yeah. Okay, cool. a little bit of ecosystem, economics, whatever. [00:46:03]
Astro acquired by CloudFlare
Carl: We referenced some of this earlier, but Astro got acquired by CloudFlare. That's a bit of a surprise. I saw some discussion of it from people I respect who are like, but why? I, [00:46:07]
Mark: money. [00:46:19]
Carl: Astro's great. It's very cool. [00:46:19]
I'm looking at using it for marketing sites that I need to do just 'cause it seems like the right tool for the job. But as far as I know, they don't really have like a business plan per se. So, you know, this is we talked about Bun getting acquired by Anthropic the other month, and this just feels pretty similar to that, where it's like, I. Yes, they built something valuable. It is clearly un inarguably valuable as a project. But as a business proposition, I don't know what the business proposition is. So, you know, it's, this is a bit of like an hire, I guess, like CloudFlare is committing to maintain it. And sure, there are reasons why having good tools to build websites is valuable for a company that does hosting and network facilitation. [00:46:22]
But, you know, they're not gonna directly turn that into revenue. So that's, and I've met the creator of Astro, Fred Schott who wrote this blog post. He's great. The project's great. But economically, it's surprising and slightly confusing to me. [00:47:13]
Mark: The same thing with tailwind. [00:47:27]
Carl: Right. And here's a contrasting example. [00:47:29]
Tailwind revenue down 80% in the AI era, laid off 3 of 4 devs working there
Carl: Massively impactful, hugely valuable project. Tailwind has lost 80% of its revenue because most of that was pre-made components and advanced, you know, support. And both of those things got a lot less necessary. Now that AI is pretty good at writing tailwind. So like, this is just like, this is the dichotomy right now. [00:47:32]
Either you build something that is beloved by a thriving business such that they will buy your project. And like one of the, one of the problems is how do you value something that doesn't like create revenue? How do you value the abstract benefit offered by a project like Astro or Tailwind? It's hard. [00:47:52]
It's, you know, it's a bunch of intangibles uh, which you cannot really measure. So, I don't know. This is here's a tale of two projects, both of them massively successful and impactful. One of them losing all of its money and laying off three outta the four people who work on it and the other getting acquired for millions of dollars. [00:48:12]
this is a current rough part of open source is there is money in it, but the winners are pretty much handpicked by people who have money to give away, and that's not ideal. Yeah. [00:48:30]
Mo: What I did read afterwards was apparently they did get a bit of sponsorship coming in from a bunch of different ecosystem players, which was good. I'm glad that [00:48:43]
Carl: Yeah. Oh, that's true. That's true. to summarize some of the story for Tailwind here. Somebody opened a PR saying, let's add an AI documentation URL, llms.txt, to make it easier for LLMs to understand how to use this. And in response uh, the maintainer said like, I don't really wanna do this. AI is crippling our business. We just had to lay off three of the four people who work on it, and our revenue has dropped 80%. [00:48:50]
Mark: And I think all, and I think also put up a big podcast then saying like, this sucks. Here's what we've been having to go through. [00:49:13]
Carl: Right, right. Podcast in the form of, I think just, I think it was what Adam walks, it was like he walks around while musing into a microphone, which I love. And so like that went viral and they got a bunch of sponsorship and, you know, income through that after they laid people off, unfortunately did not save those people's jobs. [00:49:20]
And like that also sucks. You know, like, that's like the GoFundMe model of health insurance. Like you shouldn't have to. Have something awful happen. Get on a platform to shout about how awful this thing that happened is, and then get donations in response to how big of a, you know, as, as a measure of how large of a platform you have to solicit help from. [00:49:38]
Mark: It's certainly not a repeatable and reliable business model. [00:49:59]
Carl: I'm very happy that Tailwind got more revenue after talking about how much their revenue has dropped. But like, that's not gonna ha that's not gonna happen for everybody who needs it and it's not gonna happen repeatedly. So me, [00:50:02]
VoidZero and Vite+?
Mo: leads back to that VoidZero Vite+ story, which is, I don't see a viable path for monetization for open source projects. It's oftentimes it actually doesn't end up being that successful. I, I mean, Mark. Mark, you've been in the ecosystem far more than any of us, I guess, just by virtue of being a successful open source maintainer, but you know, you've obviously done that on the side. [00:50:15]
Right? And like, can you think of any projects that have been successful, like uber successful at monetizing? [00:50:38]
Mark: TanStack's the only one that I can think of. Like talking to Tanner this last year. The sponsorships that he's been pulling in have were enough to allow him to go full-time, open source a couple years ago. And he said that the sponsorships have kept growing to the point where he's, he's able to do some disbursements to some of the other maintainers now, and he hopes that if things keep on this trajectory, he might be able to hire some of them full-time. [00:50:44]
But that's about the only one that immediately comes to mind. [00:51:12]
Carl: And I think, does he do, do you know if Tanner does? Uh, Like consulting and like services? [00:51:15]
Mark: Think he does some, but it's, I think a lot of it is just straight up sponsorships. [00:51:21]
Carl: Okay, cool. [00:51:24]
Mo: But I guess that's sponsorships, right? Like it's not a direct monetization play, right? So you are relying on the donations of companies in the ecosystem to keep you going. Whereas like, I think the only one I can think of is Supabase, but they were actually going in for monetization from the get go. [00:51:25]
They just, so like the other way around works, which is you launch a cloud product and then you have an open source portion of it, but not like you start from open source and then you monetize. It seems like that's less likely. . [00:51:40]
Carl: I don't know. It's open source has always been tough. It feels like the economics have gotten weirder. It's like, there's more money than ever in tech. You know, as a market, as a, as an industry. But where it is going has is fewer and fewer players. So that's just like, that's tough. I don't know. It's like wealth inequality, open source edition. [00:51:51]
Mo: It looks like AI is just making it worse as well, even in like the terms of the tech openings, job openings that are out there and people trying to, companies trying to do more with less people yep. at everything. [00:52:10]
246K laid off in 2025 per Trueup.io, 27k in January
Carl: Which is a wonderful segue into Trueup.io, which I have previously relied on to, you know, back when I was doing more month by month layoff news. According to them, in 2025, 246,000 tech jobs were lost through layoffs. And already in January we're at 27,000. Rough. [00:52:22]
Mo: Geez. Which, you know, Amazon had a pretty big one this week. I believe it was thousand people, which was rough. [00:52:43]
Carl: Yep. Yep. I dunno what to do with that. [00:52:52]
⚡ Lightning round ⚡
Mark: Lightning round. [00:52:56]
Corbin: Adapting Library Logic for React Compiler
Mark: TanStack Form maintainer Corbin Crutchley put out a post talking on adapting library code to work properly with the React Compiler and some of the constraints that you have to deal with. [00:52:57]
Corbin's awesome. This is a very useful post. [00:53:09]
Lea Verou: Web Dependencies are Broken
Mark: Lea Verou, who has been in the web standards and CSS discussion, spec specification arena for a very, very long time. Put a proposed complaining about web dependencies are broken. I'm not sure I agree with some of the complaints here, but she's very clearly spent a lot of time complaining about the fact that there's a lot, essentially a lot of non-standardized ways to deal with dependencies. [00:53:11]
Do you do script tags? Do you have bundlers? What if, you know, import maps? What are your options for loading third party code? And why is this so complex and it's worth a read. [00:53:36]
AWS Infrastructure as React Components
Carl: Somebody put together a project where you can author AWS infrastructure configuration as react components, which is cool. This reminds me, years ago I had a thought to try and do a react renderer for Kubernetes config. 'cause you know, hey, it's all just files. if you're rendering right, who cares if you're rendering HTML or yaml, it's all the same. [00:53:47]
Yeah. So somebody did that for AWS infrastructure and it puts out terraform configurations. And I saw this criticized as, "great, they re-implemented XML" which is pretty heckin true. Like this is, you know, we, we've just gone full circle from XML to yaml, back to pseudo XML. [00:54:11]
Mo: I posted this on our company dev chat and someone responded, one misconfigured useEffect and GG, you're bankrupt. [00:54:29]
Mark: Worse than the cloud dashboard. [00:54:36]
Callstack releasing bunch of cool projects
Mo: Alright, quick React Native one. So, uh, the Callstack folks have been busy whilst the rest of the ecosystem I'd say has been relatively quiet this month, and they've released two really cool projects. [00:54:38]
Brownie: RN Brownfield apps
Mo: So Brownie is the first one that I want to quickly touch on, which is a project for Native Brownfield applications. So we talk about Brownfield as apps that are mainly native, but they're adopting some React native views and screens within them. [00:54:48]
And these are difficult to build, but predominantly they get really hard when you have to share state between them. So they're trying to create a standardized, nice way to share a storage, basically a store in between your different React Native screens in a largely native app shell, which I thought was cool. [00:55:02]
Voltra: RN Live Activities and Widgets
Mo: And somebody's, you know, trying to standardize and create a project and a tool for that, which is sort of less touched on in the open source ecosystem for React Native. The second library that they released, which they didn't actually start but they've now taken over is one called Voltra. So Voltra was actually created by this open source author who nobody really knew that well in the React Native ecosystem. And he just kind of did it as a side project. And I think the Callstack folks have kind of taken over it. So it's for things like live activities and widgets. These are sort of native functionalities that you can't really do with React Native. [00:55:17]
But this library author has kind of done a really cool job of representing it as React code, even though it's not quite exactly using a React render under the hood. It's just sort of then being translated to native views. Surprisingly the person who was the original maintainer has deleted his Twitter and you can't really find him anymore. [00:55:51]
So I hope he's doing all right. But it seems like it's being taken over by the Callstack folks. [00:56:08]
Ryan Carniato’s annual JS Frameworks direction roundup, and Netlify’s 2025 Web Frameworks In Review
Mark: Okay. Ryan Carniato knows more about what's going on and across all the different JS frameworks than pretty much anyone else. I love his perspective. And each of the last few years he's done a post kind of summarizing like, where are we at and where are we going? So this is his edition for going into 2026. And meanwhile, Netlify put up a 2025 web frameworks year in review post as well. [00:56:12]
Alex Russell: Shallow Session SPAs analytics
Mark: Meanwhile, Alex Russell continues to hate React and JavaScript and single page apps. He also has the metrics and the stats to back up his opinions, even if I don't agree with how he states a lot of them. And he put up a post where he said, we're basing, like we've always based the argument for single page apps on the idea that yeah, you load a lot of code, but it stays alive and users do a lot of navigations. [00:56:36]
And the metrics that we have don't necessarily support that users do a lot of navigations, but it's also possible that the metrics I have are flawed because they just don't capture users clicking around in the page. So what could we hypothetically do to gather better information either way? Which is all a very valid set of points. [00:57:00]
Devon Govett: How to compile JS to C with Static Hermes
Mark: Devon Govett, who maintains the Parcel bundler, and I believe the Lightning CSS tool, did a post on compiling JavaScript to C with Static Hermes. I don't even remember which tool he was compiling. But Mo, I know you've talked about Static Hermes quite a bit, and it sounds really cool. [00:57:23]
Mo: Yes. The Static Hermes team has been working quite a bit in the last couple months to get version one up and running, well, version one of Hermes up and running, and they're kind of at a crossroads with Static Hermes. We talked about it a couple months ago, I think, where we said it, it conflicts with some of the ecosystem and how React Native has naturally evolved with things like over the air updates and so on and so forth. [00:57:43]
But I think there's a lot of use cases beyond React Native. So this is quite interesting to see other people look at it and see how they [00:58:03]
Mark: Mm-hmm. [00:58:08]
Mo: it. [00:58:08]
Mark: I know that the React compiler team has said that this is how they're hoping to try to optimize the compiler parsing phase as well. [00:58:09]
Joyee Cheung: require(esm) implementer’s tales and require(esm) from experiment to stability
Mark: And then Joyee Cheung, who built the require(esm) compatibility loader for Node and therefore is probably gonna be more responsible than anyone else for eliminating CommonJS [00:58:16]
eventually, put up two fantastically detailed posts on the implementation work needed to make that happen. And it's fascinating to read the technical details to hear about, you know, like earlier people had tried things and then, you know, pieces were just sort of left to rot and she was able to pick them up and work on them. [00:58:29]
Great work, great write-ups. [00:58:50]
Fixing the URL Params Performance Penalty
Carl: I was a little surprised to see this. I'm not familiar with this blog, Planet Performance. But it's the same domain that the post from Alex Russell that Mark just talked about is on. So that's interesting. It's not often that I see a new blog from a recognized author, so this is interesting. It's, it looks like they're talking about web performance generally, and that's pretty cool. [00:58:53]
Mark: This section was like an advent of performance type thing in December. [00:59:14]
Carl: Oh, that makes sense. Web performance calendar. Okay. It's like an advent calendar of web performance. Oh, that's cool. Appreciate that. [00:59:18]
But yeah, so Barry Pollard put out a blog post called Fixing the URL Params Performance Penalty. And the gist of it here is that sometimes the query string, the part of the URL after the question mark, contains information that alters the page. [00:59:25]
Like, you know, a product details page that gets the product ID from the query string. And more often it's just a bunch of marketing tags, like UTM source and blah, blah, blah, blah, blah. And disambiguating between those two things is not something a cache can do on its own. So your marketing tags may be thrashing your cache performance. So this is talking about ways to improve that situation and make your marketing params not affect performance quite so much. It looks like there's a header, No-Vary-Search, that lets you alter that, alter the cache behavior in response to the query string. So it's good. It's one of those deep subjects, good refinement for performance. [00:59:41]
React Transitions for Low Priority Text Editor Updates
Mark: Okay, a few more items. We had, there was an article on using React transitions for low priority text editor updates. Most of you are probably not needing to go out and update the implementation of a text editor. But someone who's worked on React ProseMirror has some examples of how transitions were actually helpful for managing those. [01:00:26]
How to Steal a React Component (Fiber internals)
Mark: Meanwhile there was a post on how to steal a React component and, you know, I believe the idea here was an extension that looks at React in the page and actually digs through the React Fiber tree to not only see like what DOM elements are in the page right now, but what component elements and props resulted in those. And essentially try to reverse engineer, here's the components that would have written the pieces of the page as they existed in the app that you're looking at. [01:00:46]
Better ASCII rendering with smart character selection for “pixels”
Mark: And then unrelated to React, but absolutely amazing. I love really long blog posts with lots of interactive examples. Someone did a post on rendering graphics with ASCII characters, which a lot of, you know, tools do, but analyzing the font weights in a given character cell to come up with better pixels. [01:01:20]
So like if a, like, if the graphic should be lighter or darker using characters that occupy more or less of the character cell. It was just really cool to read this. [01:01:43]
Carl: Yeah. I think a one short summary of the change. A lot of ASCII rendering tools like that will consider it, you know, the character space as a pixel and just sort of think about whether a given character, you know, they think about it one dimensionally. It's how many pixels are illuminated with this character or that character. [01:01:54]
And this adds different, this basically subsamples the characters to say, is this brighter at the top or the bottom on the left or the right? And like I gotta say, you know, it's got a bunch of animated, you know, demos and whatever, and it is clearly much, much, much better than other things that I've seen. It's pretty cool. [01:02:13]
Building a JS Runtime in One Month
Carl: Somebody put out a blog post titled, building a JavaScript Runtime in one month. I love deep in the weeds engineering write-ups, and this is definitely one of those. But I have never even considered whether I might try to write a JavaScript runtime. [01:02:32]
And so I feel very intimidated by the scope of engineering involved in this project. but [01:02:45]
Mark: it even sounded like it was, you know, like, like not necessarily AI aided, at least I didn't see anything in the blog post that said they were using agents to do the work. I mean, there, there's also been a whole spate of let's have AI write a browser from scratch. Posts popping up over on Hacker News in the last month, and then I think I saw someone say they'd done a fresh browser from scratch, NC plus, but it was all by hand or something. Wow, y'all have too much time on your hands. [01:02:51]
Carl: Yeah, seriously, it's impressive. I'm in awe of people who can do projects of this scope in that timescale. Like that's just wild. Anyway I approve. Very cool. [01:03:19]
Mark: Mm-hmm. [01:03:29]
Carl: Okay, that's our lightning round. We did it. [01:03:30]
Conferences (React, Javascript)
Carl: I'm gonna blitz through a bunch of conferences. [01:03:33]
There is C js in New Delhi in like two, three weeks, 18th, 19th of February. State of the browser is February 28th in London. App devcon is March 10th through 13th in Amsterdam. [01:03:35]
Programmable is a conference in both Melbourne and Sydney in Australia on March 17th and March 19th respectively. So it's, they're doing two days apart in different cities in Australia. That seems like a challenge, and it's kind of confusing to talk about [01:03:50]
tech Fest is March 12th through 13th in Madrid, Spain. React Paris is March 26th and 27th in Paris. [01:04:05]
Shockingly. [01:04:13]
Mark: there [01:04:14]
Carl: Front Runners is March 27th in Washington DC. React Native Connection is March 30th and 31st in Paris. City Js London is April 15th through 17th in London. Js Day is April 9th and 10th in Bologna, Italy. [01:04:14]
Smashing Con Amsterdam is April 13th through 16th in Amsterdam and React Miami is April 22nd and 25th through 25th in Miami. [01:04:31]
So yeah. [01:04:40]
Mark: speaking there. [01:04:41]
Carl: Heck yeah. I should reach out and maybe give a talk somewhere. That would be cool and good for me. There's lots more, but that's, you know, that covers the next like three months, so seems good enough for now. [01:04:42]
Outro
Carl: Thank you everyone for joining us. We not Wednesday, we are recording on Friday due to some travel hiccups, but we will be back probably on the last Wednesday of February here in the live stage Reactiflux or back in your podcast feed just as we could, can after that. Most of these sources came from Mark again. It's been very nice having such a steady stream of source of news sources come through here in Reactiflux. And maybe we'll do a little bit more to make the community more anchored on the people who are trying to stay to the cutting edge. [01:04:56]
I don't know, we'll see. But if you see anything newsworthy, definitely share that in the Tech News and Reads channel. 'cause we'll read it. And if it's newsworthy and interesting, we'll probably talk about it. If this is a show you get value from and wanna support, best way to do so is by telling someone else about it. [01:05:24]
We are still not that large. An average show gets about 400 listens over a little over a month. So yeah, I like doing it. I like making it. It would be cool if it had a little bit broader support, broader listenership. I guess the support is there. Yeah. Thanks so much for listening. See you next month. [01:05:39]