The Changelog: Software Development, Open Source

Astral is joining OpenAI, which says a lot about where the center of gravity is moving for developer tools, LiteLLM got hit by a nasty supply-chain attack, and OpenCode blew up as the latest serious open source swing at the coding-agent stack. We've also got Rust doing a very public reality check on its own pain points, WorkOS pushing AuthKit into CLI auth, Ryan Lizza using AI to build an open source TurboTax alternative, and a fresh httpx fork that turns open source maintenance drama into a real dependency story. If nothing else, this week was a good reminder that tools, trust, and control all move together.

Adam talks with Tailscale co-founder and Chief Strategy Officer David Carney about where Tailscale is headed next: TSIDP, TSNet, multiple tailnets, and Aperture. They get into clickless auth (via TSIDP), TSNet apps, multiple tailnets for isolation and control, and Aperture, Tailscale’s private AI gateway for API key management, observability, and agent security.

This week's been wild — Iran bombed AWS data centers to take down Claude, OpenAI dropped GPT-5.4 (and it's seriously good for coding), and living brain cells are literally playing DOOM. We've also got a heartfelt take on what it feels like to be a 10x engineer in the age of AI, plus some cool new tools like Handy for speech-to-text and web haptics. Oh, and new MacBook Pros with M5 Pro and M5 Max are up for pre-order. Try not to impulse buy (or do).

Adam and Jerod get into the news, Jerod officially retires from the pod (and Changelog), plus a bonus for our Changelog++ subs!

Burke Holland works on GitHub Copilot by day and codes with his AI agents always. Early January, Burke posted about how Opus 4.5 changed everything. We were all still buzzing from the holiday-season 2x usage bump Claude gave us, and Opus 4.5 felt like a genuine step function in capability. Burke and I get into all the details. Opus 4.5 may have started the fire, but GPT-5.3 Codex is certainly living up to the hype.

Wes McKinney on the mythical agent-month, install Peon Ping to employ a Peon today, Andreas Kling explains why Ladybird is adopting Rust, Cloudflare has a new MCP server that's quite efficient, and Elliot Bonneville thinks the only moat left is money.

Steve Ruiz joins us for a deep-dive on tldraw (a very good free whiteboard) and the business he's built selling SDKs that help others build very good whiteboards (and more) with tldraw's high-performance web canvas. Along the way, we discuss the excitement/fear we share about keeping our agents busy, how SDK and infra companies are affected differently by agentic software than SaaS companies, how Steve is approaching the coming era of internal tooling, what will happen when we equip LLMs with an infinite canvas, and more.

Peter Steinberger joins OpenAI, ZeroClaw is "claw done right", MimiClaw runs on a $5 chip, Steve Yegge on managing the AI Vampire, and the day the telnet died.

Our ol' friend, Brett Cannon, is back to talk all things Python. But first! Star Wars, Machete Order, Lost, Babylon 5, Game of Thrones, Murderbot, Ted Lasso, Project Hail Mary, David Attenborough, perpetual voice rights, and the AI uncanny valley.

Paul Dix joins us to discuss the InfluxDB co-founder's journey adapting to an agentic world. Paul sent his AI coding agents on various real-world side quests and shares all his findings: what's going to prod, what's not, and why he's (at least for a bit) back to coding by hand. Update: He's back to letting the AIs write code, but with a lot more oversight. For now…

Mitchell Hashimoto's trust management system for open source, Nicholas Carlini has a team of Claudes build a C compiler, Stephan Schwab recounts the history of attempted developer replacement, NanClaw is an alternative to OpenClaw, and Sophie Koonin can't wrap her head around so many people going so hard on LLM-generated code.

Amal Hussein returns to tell us all about her new role at Istari, what life is like outside the web browser, how she's helping ambitious orgs in aerospace, what the SDLC looks like in 2026, and a whole lot more. Wait, moon vacuums?!

In May of 2025, Docker launched Hardened Images, a secure, minimal, production-ready set of images. In December, they made DHI freely available and open source to everyone who builds software. On this episode, we're joined by Tushar Jain, EVP of Engineering at Docker to learn all about it.

Jason Willems believes the tech monoculture is finally breaking, Don Ho shares some bad Notepad++ news, Tailscale's Avery Pennarun pens a great downtime apology, Milan Milanović explains why you can only code 4 hours per day, and Addy Osmani on managing comprehension debt when leaning on AI to code.

We discuss the buzz around Clawdbot / MoltBot / OpenClaw, how app subscriptions are turning into weekend hacking projects, why SaaS stocks are crashing on Wall Street, and what it all means.