GitHub silently reverted merged PRs
Microsoft and OpenAI redrew their partnership, Google poured $40B into Anthropic, China killed Meta's $2B deal, Stripe's CLI now replaces your backend, and the goblins arrived…
💬 Editor’s Note
This is the first issue under the new shape. If you missed why I restructured the whole thing, and what’s actually live versus what I’m still building, “Update Night isn’t one thing anymore” is the map. This is the part where we get back to the news.
The week’s angle picked itself. GitHub spent four days quietly undoing developers’ work, then shipped a critical RCE on top of it, then Mitchell Hashimoto walked Ghostty off the platform. That’s not a bad news cycle. That’s the substrate moving.
Underneath all of that, Microsoft and OpenAI rewrote their partnership in public, Google parked forty billion dollars at Anthropic, and Stripe’s CLI started orchestrating people’s entire backends. None of those moves are reversible by Friday.
📰 Top News
GitHub silently reverted merged PRs
For 4.5 hours on April 24, merging a PR could randomly undo previously merged commits with no warning. GitHub’s own status page confirms it, and engineers like Elliott Pinkus and David Xia walked through the blast radius on X. The fun part: there’s no clean way to detect what got rolled back unless you were watching the diff in real time, which means an unknown amount of “lost work” is right now sitting silently in main on someone’s repo.
https://www.githubstatus.com/incidents/zsg1lk7w13cf
Microsoft and OpenAI redrew their partnership
Microsoft is ending its exclusive license to OpenAI’s tech, and the two are restructuring the relationship to give OpenAI more freedom on infra, hardware, and consumer products. Reuters confirmed the exclusivity sunset; Microsoft’s own post calls it the “next phase”. Translation: OpenAI now gets to ship competitive consumer hardware and pick its own clouds, which is a big deal for everyone who built on Azure-only OpenAI thinking that was a forever assumption.
https://blogs.microsoft.com/blog/2026/04/27/the-next-phase-of-the-microsoft-openai-partnership
Google is putting up to $40B into Anthropic
Forty billion in cash and compute. The cash half is just the cash half. The compute half is the part nobody’s pricing in: Google gets to lock more Anthropic workloads onto TPUs, which quietly boxes Nvidia out of one of its biggest near-term customers and gives TPU a credible second flagship tenant after Gemini.
https://techcrunch.com/2026/04/24/google-to-invest-up-to-40b-in-anthropic-in-cash-and-compute
China blocked Meta’s $2B local deal
Yahoo Finance confirms regulators killed Meta’s $2B deal inside China. The framing in most coverage is “another China tech block”, but the more interesting read is that Meta tried to land anything inside China at all in 2026, after a decade out. The block was the expected outcome. The attempt is the news.
https://finance.yahoo.com/sectors/technology/articles/china-blocks-meta-2-billion-095700004.html
Stripe’s CLI now replaces your backend
projects.dev is built into the Stripe CLI and orchestrates infra across multiple providers. It’s not “deploy a function”. It’s “scaffold the database, the queue, the auth, and the payments layer in one command, with Stripe as the spine.” Stripe is no longer a payments company doing dev tools on the side. It’s a backend platform that happens to own checkout.
https://projects.dev
🕵️ Undercovered
Wiz dropped a 9.x GitHub RCE the same week
CVE-2026-3854: a remote code execution vulnerability in GitHub itself, disclosed by Wiz. Sandwich it between the merge-revert bug and the multi-day availability issues GitHub blogged about, and the picture is bleaker than any single one of those incidents. If you run a GitHub-backed CI pipeline, this is the patch-now item.
https://www.wiz.io/blog/github-rce-vulnerability-cve-2026-3854
Mitchell Hashimoto is moving Ghostty off GitHub
The HashiCorp co-founder wrote a long, calm post explaining why he’s pulling Ghostty (his terminal project) off the platform. It’s not a tantrum. It’s a procedural list of incidents that compounded, which is more damning. Combined with this week’s outages and the Wiz RCE, it reads like the first crack in the “you have to be on GitHub” assumption.
https://mitchellh.com/writing/ghostty-leaving-github
Chrome’s TPM-bound cookies are quietly here
Chrome 130+ requires expired session cookies to sign a server challenge with a TPM-held private key before getting refreshed. In English: stolen cookies stop working the moment they leave the device they were minted on. Nobody else supports it yet, and most websites haven’t implemented the server side. But it’s shipping in Chrome stable, which is how this kind of thing always wins.
https://security.googleblog.com/2026/04/protecting-cookies-with-device-bound.html
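A simplified model of the refresh check described above, added here as an illustration and not taken from Chrome or the Google post: the server stores a device public key at session start, then refreshes the cookie only when a fresh challenge is signed by that key. The function names, the in-memory session store and the software P-256 key standing in for the TPM-held key are assumptions.

```javascript
// Added illustration: simplified model of a device-bound session refresh.
// Not Chrome's actual wire format; a software P-256 key stands in for the TPM key.
const nodeCrypto = require("node:crypto");

const sessions = new Map(); // sessionId -> { publicKey, challenge }

// Registration: the server stores the device's public key when the session starts.
function registerSession(sessionId, publicKey) {
  sessions.set(sessionId, { publicKey, challenge: null });
}

// Refresh step 1: the server issues a single-use random challenge.
function issueChallenge(sessionId) {
  const s = sessions.get(sessionId);
  if (!s) return null;
  s.challenge = nodeCrypto.randomBytes(32);
  return s.challenge;
}

// Refresh step 2: the server verifies the signature against the registered key.
function refreshCookie(sessionId, signature) {
  const s = sessions.get(sessionId);
  if (!s || !s.challenge) return null; // unknown session or no pending challenge
  const challenge = s.challenge;
  s.challenge = null;                  // consumed on every attempt, pass or fail
  const ok = nodeCrypto.verify("sha256", challenge, s.publicKey, signature);
  return ok ? nodeCrypto.randomBytes(16).toString("hex") : null; // new cookie value
}

// Device side: the private key never leaves the device (the TPM in the real feature).
function makeDevice() {
  const { publicKey, privateKey } = nodeCrypto.generateKeyPairSync("ec", { namedCurve: "P-256" });
  return { publicKey, sign: (challenge) => nodeCrypto.sign("sha256", challenge, privateKey) };
}

function demo() {
  const owner = makeDevice();
  const otherDevice = makeDevice(); // has the copied session id, but not the owner's key
  registerSession("sess-1", owner.publicKey);

  const legit = refreshCookie("sess-1", owner.sign(issueChallenge("sess-1")));
  const c2 = issueChallenge("sess-1");
  const copied = refreshCookie("sess-1", otherDevice.sign(c2));
  const replay = refreshCookie("sess-1", owner.sign(c2)); // challenge already consumed
  return { legit: legit !== null, copied: copied !== null, replay: replay !== null };
}

console.log(demo());
```

The refresh succeeds only for the device holding the registered key; a copied session on another device, or a reused challenge, gets no new cookie.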
Someone published a serious GitHub fake-stars investigation
awesomeagents.ai walked through how widespread fake-starring still is on GitHub, with concrete examples and patterns. The repo-trending leaderboards everyone uses to vibe-check projects are, more often than anyone wants to admit, fiction. Worth reading if you’ve ever made a “300 stars in a week, must be hot” decision.
https://awesomeagents.ai/news/github-fake-stars-investigation
SGLang has a 9.8 CVE that hands attackers your inference host
CVE-2026-5760, CVSS 9.8. SGLang is one of the most-used open-source inference servers, and the exploit lets an attacker pop the host running your model. If you’re self-hosting LLM inference and haven’t patched, this is the single most important link in this issue.
https://thehackernews.com/2026/04/sglang-cve-2026-5760-cvss-98-enables.html
OpenAI explained where the goblins came from
OpenAI published a writeup tracing the recurring fictional characters and tonal ghosts that show up inside its models across versions, the “goblins” of the title. It’s the first time a frontier lab has talked publicly about its models containing coherent personas that survive training runs. Read it for the specifics, not the hand-waving.
https://openai.com/index/where-the-goblins-came-from
🗄️ The Vault
Flow (Google’s music app)
Google shipped a music generation and editing app that’s actually different from Suno. Per-track fine controls, individual stem editing, real timeline-style arrangement. Not to be confused with the other Google Flow, the one for video. This one’s at flowmusic.app and gets surprisingly close to “Logic Pro for prompts.”
https://www.flowmusic.app
e2b-dev/surf
E2B’s open-source agent that browses the web, fills forms, and clicks buttons inside one of their sandboxes. The interesting part is the harness: the sandbox is the durable bit, and surf is just the agent-shaped UI on top. If you’ve been hand-rolling browser-use, this is the cleanest reference implementation right now.
https://github.com/e2b-dev/surf
claude-context
Zilliz’s drop-in context pipeline for Claude. Indexes your codebase into Milvus, surfaces the relevant chunks to Claude Code or any Claude API caller. It’s the open answer to “why does my Claude not know my repo?” without paying for a third-party indexer.
https://github.com/zilliztech/claude-context
lightpanda
A headless browser written for AI agents, not for humans. Drops the rendering work browsers do for end users (compositing, animations, font shaping) and keeps the DOM and JS surface agents actually need. Faster, lighter, and built specifically so an LLM can reason about the page without spinning up a 1.5GB Chrome image.
https://lightpanda.io
Cursor’s TypeScript SDK
Cursor shipped a TypeScript SDK for programmatic agent control. You can drive Cursor from your own scripts, automate refactors, or run agents in CI. This is the move that turns Cursor from “an editor with AI” into a platform other tools build on.
https://cursor.com/blog/typescript-sdk
vercel-labs/portless
Vercel’s experiment in dev tunnels that don’t require exposing local ports. Useful if you’ve been duct-taping ngrok and tailscale together for webhook testing.
https://github.com/vercel-labs/portless
🔥 This Week’s Pick
GitHub spent the week breaking the substrate
The merge-revert bug landed first. For 4.5 hours on April 24, merging a PR could silently undo previously merged commits, and there was no clean way to tell which ones got rolled back unless you were watching the diff in real time.
Then GitHub posted “an update on availability.” That’s the corporate phrasing for admitting the platform was unstable for a meaningful chunk of the week. Then Wiz dropped CVE-2026-3854, a remote code execution vulnerability in GitHub itself. Then Mitchell Hashimoto wrote a calm, procedural post about pulling Ghostty off the platform. Then someone published a fresh investigation showing GitHub’s star counts are partially fake.
That’s five separate stories about the same surface in seven days. None of them on their own moves the needle. Together, they’re the first time in a long time that “you have to be on GitHub” stopped feeling like a tautology.
The reason this matters isn’t moral. It’s structural. GitHub is the substrate developers, AI agents, and CI systems all assume is just there. When the substrate randomly reverts your work, exposes RCE, and a senior open-source maintainer publicly walks, the assumption starts to crack. The next year of self-hosted Forgejo, Gitea, and Sourcehut adoption probably traces back to this week.
https://github.blog/news-insights/company-news/an-update-on-github-availability
🧪 This Week’s Experiments
Audit any PRs you merged into a critical repo on April 24, and diff them against your expected state
If you self-host SGLang, patch CVE-2026-5760 today, before doing anything else this week
Install the Stripe CLI and run projects.dev against one side project to see how much glue code it actually replaces
Reread Mitchell’s Ghostty post and write down the one thing about your own GitHub dependency that worries you most
Try flowmusic.app for one track, and see whether stem-level controls actually beat Suno for what you make


