Week 23 Summary

Engineering Reads — Week of 2026-05-28 to 2026-06-05#

Week in Review#

This week’s reading reflects an industry furiously negotiating the boundaries of abstraction, complexity, and human attention. As the cost of generating software artifacts drops to near zero via AI, engineers are confronting the reality that our bottlenecks have shifted entirely away from writing code and squarely onto system verification, security boundaries, and organizational discipline.

Must-Read Posts#

The Last Technical Interview · Steve Yegge Yegge argues that standard tech interview loops are statistically bankrupt pseudosciences that function primarily as unconscious bias filters rather than predictors of job performance. To fix this, he proposes a “campfire” model of paid, provisional work where candidates tackle real tickets alongside the team, walking away with a portable, verified reputation stamp regardless of the final hiring outcome.

Week 25 Summary

Simon Willison — Week of 2026-06-12 to 2026-06-18#

Highlight of the Week#

The most impactful release this week is the launch of datasette-apps, a major new plugin that allows developers to run self-contained, sandboxed HTML and JavaScript applications directly against a persistent Datasette backend. It brilliantly merges Simon’s ongoing experiments with AI-generated “vibe-coded” single-file tools and robust security architectures, pushing Datasette from a read-only publishing platform into a comprehensive ecosystem for building interfaces over data.

Week 26 Summary

Simon Willison — Week of 2026-06-18 to 2026-06-25#

Highlight of the Week#

This week’s absolute standout is the launch of the datasette-apps plugin, which fundamentally transforms how we build micro-applications over local databases. By utilizing tightly constrained iframe sandboxes and Content-Security-Policy headers, developers and LLMs alike can safely run custom HTML/JS interfaces against a persistent Datasette backend. It brilliantly merges Simon’s ongoing experiments with AI-assisted “vibe coding” and robust security architectures into a core ecosystem feature, effectively bridging the gap between Claude Artifacts and secure data environments.

2026-06-01

Engineering Reads — 2026-06-01#

The Big Idea#

The JavaScript package ecosystem suffers from a systemic vulnerability to supply-chain attacks, perpetuated not just by technical flaws, but by a cultural learned helplessness where developers treat catastrophic compromises as unavoidable acts of nature rather than solvable engineering failures.

Deep Reads#

“No way to prevent this” say users of only package manager where this regularly happens · xeiaso.net This alarming report dissects a massive supply-chain attack on Redhat Insights’ JavaScript packages via NPM, exposing how the ecosystem’s architecture normalizes severe security breaches. The technical mechanism of the payload is devastating: it steals credentials for AWS, GCP, Azure, Kubernetes, HashiCorp Vault, and CI systems, self-propagates using stolen NPM tokens via the bypass_2fa setting, and establishes deep persistence using VS Code task injection and Claude Code hooks. The author sharply critiques the community’s apathy, pointing out that NPM accounts for 90% of global supply-chain attacks over the last decade, yet users continually accept the risk instead of demanding robust maintainer authentication. The post forces practitioners to confront the tradeoff between the velocity of frictionless, massive dependency graphs and the catastrophic blast radius of a compromised package manager. Any engineer managing CI/CD pipelines or Node.js infrastructure should read this as a stark warning to audit their dependency verification and reprovision infected development hardware immediately.

2026-06-18

Simon Willison — 2026-06-18#

Highlight#

Simon has launched datasette-apps, a major new concept allowing developers and LLMs to build self-contained, sandboxed HTML+JS applications that run directly against a persistent Datasette backend. It brilliantly merges his ongoing experiments with “vibe-coded” single-file HTML tools, Claude Artifacts, and secure iframe sandboxing into a core feature of the Datasette ecosystem.

Posts#

Datasette Apps: Host custom HTML applications inside Datasette This post dives deep into the “why” and “how” behind the newly released datasette-apps plugin. The plugin allows tightly constrained iframe sandboxes to run JavaScript that executes read-only SQL queries or allow-listed stored write queries against a Datasette instance. Simon outlines the clever security architecture required to run untrusted code safely on an authenticated domain containing private data, relying on an <iframe sandbox="allow-scripts"> tag combined with an immutable, injected Content-Security-Policy (CSP) header. He also details porting his API communication from postMessage() to MessageChannel(), a defense-in-depth upgrade suggested by GPT-5.5. The plugin seamlessly integrates AI workflows by providing a copyable prompt—complete with database schemas—that users can drop into ChatGPT or Claude to instantly generate a working app. Additionally, Simon shares a fascinating security anecdote: before access was restricted, he used Claude Fable 5 to evaluate the product, and the model discovered a severe data exfiltration vulnerability related to CSP allow-listing, which he promptly patched by locking down domain-allow permissions to trusted staff.

2026-07-04

Simon Willison — 2026-07-04#

Highlight#

The standout post today touches on a fascinating and slightly troubling trend in LLM tool use: state-of-the-art models like Opus 4.8 might actually be worse at interacting with custom developer tools because they are over-optimized for their proprietary, first-party environments. This highlights an emerging friction point for developers building third-party AI agents and coding harnesses.

Posts#

Better Models: Worse Tools · Source Armin Ronacher discovered that newer Anthropic models, specifically Opus 4.8 and Sonnet 5, are failing to correctly use custom tool schemas in his Pi coding harness by hallucinating extra fields, a regression not seen in older models. He theorizes this happens because these newer models are heavily trained via Reinforcement Learning to perfectly use the specific edit tools integrated directly into Claude Code. Simon points out that OpenAI models are similarly optimized on their own apply_patch mechanisms, raising the question of whether open-source and third-party harnesses will now need to maintain entirely separate edit tool implementations optimized for each specific model family.