This month's panel digs into the SpaceX Cursor acquisition rumor and what a $60 billion valuation means for AI coding tools. They debate Bun's million-line Rust rewrite generated entirely by AI, the tradeoffs of agentic coding at scale, and a sophisticated CI/CD cache poisoning attack targeting TanStack. Plus: practical takes on Claude token optimization, session forensics, local AI models, and why most Claude Code skills work best when tailored, not pulled off the shelf.
Resources
SpaceX/Cursor deal, CNBC: https://www.cnbc.com/2026/04/21/spacex-says-it-can-buy-cursor-later-this-year-for-60-billion-or-pay-10-billion-for-our-work-together.html
Fortune, Cursor's uncertain future: https://fortune.com/2026/03/21/cursor-ceo-michael-truell-ai-coding-claude-anthropic-venture-capital/
GitHub Copilot usage-based billing announcement: https://github.blog/news-insights/company-news/github-copilot-is-moving-to-usage-based-billing/
Developer backlash, Visual Studio Magazine: https://visualstudiomagazine.com/articles/2026/04/27/devs-sound-off-on-usage-based-copilot-pricing-change-you-will-get-less-but-pay-the-same-price.aspx
"The IDE Is Dead, Long Live the ADE", Indie Hackers: https://www.indiehackers.com/post/the-ide-is-dead-long-live-the-ade-0d81e9da3d
Companies spending crazy money on AI coding tools, Medium: https://medium.com/@Reiki32/companies-are-spending-crazy-money-on-ai-coding-tools-while-developers-burn-out-efe5908f3dda
The PR: https://github.com/oven-sh/bun/pull/30412
The Register writeup: https://www.theregister.com/devops/2026/05/14/anthropics-bun-rust-rewrite-merged-at-speed-of-ai/5240381
The 13,000 unsafe blocks piece: https://byteiota.com/bun-rust-rewrite-merged-the-13000-unsafe-block-problem/
TanStack postmortem: https://tanstack.com/blog/npm-supply-chain-compromise-postmortem
TanStack hardening follow-up: https://tanstack.com/blog/incident-followup
StepSecurity writeup (the researcher who caught it): https://www.stepsecurity.io/blog/mini-shai-hulud-is-back-a-self-spreading-supply-chain-attack-hits-the-npm-ecosystem
SOC Prime writeup: https://socprime.com/active-threats/active-supply-chain-attack-compromises-node-ipc-package
We want to hear from you!
How did you find us? Did you see us on Twitter? In a newsletter? Or maybe we were recommended by a friend?
Fill out our listener survey! https://t.co/oKVAEXipxu
Let us know by sending an email to our producer, Elizabeth, at elizabeth.becz@logrocket.com, or tweet at us at PodRocketPod.
Check out our newsletter! https://blog.logrocket.com/the-replay-newsletter/
Follow us. Get free stickers.
Follow us on Apple Podcasts, fill out this form, and we’ll send you free PodRocket stickers!
What does LogRocket do?
LogRocket provides AI-first session replay and analytics that surfaces the UX and technical issues impacting user experiences. Start understanding where your users are struggling by trying it for free at LogRocket.com. Try LogRocket for free today.
Chapters
00:00 Introduction
01:00 The $60B SpaceX Cursor deal
08:00 Token costs rising — the rug pull is real
09:30 Local models and sub-agent routing
12:00 Session forensics — cutting Claude token waste
15:00 Bun's AI-generated Rust rewrite
18:00 Should AI rewrite core infrastructure?
23:00 Does runtime choice even matter anymore?
29:00 The TanStack supply chain attack explained
33:00 How the GitHub Actions cache poisoning worked
36:00 Is GitHub Actions too flexible?
39:30 Ad break
40:00 Hot take — you'll be okay (local models and hardware)
42:30 Hot take — "They Will Kill You" (Jack's movie rec)
43:30 Hot take — stop hoarding Claude Code skills
46:00 Wrap-up
Special Guest: Jack Herrington.
España