Changelog Master Feed Astral has been acquired by OpenAI (Changelog News #184)
18 snips
Mar 27, 2026 Michael Greenwich, founder and CEO of WorkOS, explains AuthKit and CLI authentication in simple terms. He breaks down the device grant flow and why secure browser-based login matters for terminal apps. Short, clear takes on real-world use cases and developer tooling trends.
AI Snips
Chapters
Transcript
Episode notes
Astral Acquisition Shows Agents Are Eating Dev Tools
- Astral joining OpenAI signals developer tools gravitating into the coding agent stack.
- Adam Stacoviak notes Astral's UV, Ruff, and TY moving from standalone tools into Codex shows agents will absorb linters and dev workflows.
AI Middleware Now A Supply Chain Attack Surface
- LightLLM compromise demonstrates AI middleware is now a critical supply-chain risk.
- The attack used a malicious .pth file and stolen publishing tokens from an unpinned CI security scan, exposing API keys and dev machines.
Respond Immediately If You Installed Compromised LightLLM
- Treat installing compromised LightLLM versions as an incident and respond immediately.
- Adam advises checking where the package ran, rotate exposed credentials, and inspect CI and developer machines first.