Top stories

  1. What xAI's Grok Build CLI sends to xAI A researcher (cereblab) published a wire-level analysis dated 2026-07-10 of xAI's Grok Build CLI v0.2.93 using mitmproxy interception and planted canary files. The writeup claims the CLI transmits the contents of files it reads, including a .env secrets file, to xAI verbatim, and separately uploads the entire workspace as git bundles to a Google Cloud Storage bucket named grok-code-session-traces (POST /v1/storage) independent of what the agent reads. It reports a 12 GB repository produced about 5.10 GiB of storage uploads while model-channel traffic was only 192 KB, and that recovered bundles contained never-read files. It also cites telemetry to Mixpanel and an xAI events endpoint, and states the behavior runs by default regardless of privacy settings.
  2. Terence Tao ports two dozen math applets with coding agents Mathematician Terence Tao published a post on 2026-07-11 describing collaborative "vibe coding" sessions with LLM-based coding agents. He ported roughly 24 Java applets from around 1999 (including honeycomb and Besicovitch-set visualizers) to JavaScript, and built new interactive tools such as a special-relativity spacetime diagram and a Gilbreath-conjecture visualization tied to a recent paper. He reports finding only one minor bug across the two dozen ports, that the agent flagged two bugs in the original code, and that each new app took a couple of hours. He frames the downside risk as low because the applets are secondary visual aids, not core research, and labels the output alpha-quality LLM-generated code.
  3. Mesh LLM runs distributed inference over iroh Published 2026-07-11, Mesh LLM pools GPUs and memory across machines and exposes them as a single OpenAI-compatible endpoint. It uses iroh for authenticated, NAT-traversing QUIC connections between nodes (hole-punching and relay fallback, no central server), with three routing strategies: local execution, routing to a peer already running the model, or splitting a large model across machines in a pipeline-parallel "Skippy" mode where layer ranges become stages and activations flow sequentially. The protocol negotiates connection types over QUIC ALPN and demultiplexes streams with single-byte tags. The code is on GitHub.
  4. The case for SQLite STRICT tables A best-practice post argues for declaring SQLite tables STRICT so the engine rejects type mismatches (for example inserting text into an INTEGER column) instead of applying flexible type affinity. STRICT tables were added in SQLite 3.37.0 (November 2021). The ANY column type preserves flexible storage where needed. Caveats: converting an existing table needs a migration, STRICT is unavailable before 3.37.0, and the SQLite developers themselves favor flexible typing. This is guidance, not a new feature.

Conferences and events

  1. EuroPython 2026 starts in 1 day EuroPython 2026 starts in 1 day (2026-07-13) and runs through 2026-07-19 in Prague. It is the main community Python conference in Europe, covering CPython, the packaging and typing ecosystems, and scientific and web Python.

Agentic coding

  1. An AI agent in 100 lines of Common Lisp A write-up implements a working LLM agent in about 100 lines of Common Lisp (SBCL) using only two libraries, dexador for HTTP and shasht for JSON. The agent loop is a recursive function: send the message history to the model, run any tool calls, then recurse with the enriched history. The only tool exposed is eval, so the model writes and runs Lisp directly and uses that to define further capabilities such as web search at runtime instead of drawing from a fixed tool catalog. Conversation memory persists by serializing the message list to JSON. Resurfaced on the front page (162 points).

Security

  1. Zimbra patches a Classic Web Client stored XSS in 10.1.19 Zimbra released ZCS 10.1.19 (Daffodil) on 2026-07-07 fixing a stored cross-site scripting flaw in the Classic Web Client. A crafted email can carry JavaScript that runs in a recipient's authenticated webmail session when the message is opened or previewed, enabling session-cookie theft, actions on the victim's behalf, and mailbox data access. Zimbra published no CVE id or CVSS score and urges any Classic Web Client user to upgrade as soon as possible. No active exploitation is reported.

Developer tools

  1. Ghostel.el embeds libghostty as an Emacs terminal Ghostel is an Emacs terminal emulator built on libghostty-vt, the VT engine behind the Ghostty terminal. A native dynamic module written in Zig handles terminal state, rendering, and local PTY I/O, while Elisp manages keymaps, buffers, and commands. It requires Emacs 28.1 or later with dynamic-module support, ships on MELPA, and downloads prebuilt binaries for macOS, Linux, FreeBSD, and Windows on first use (Zig 0.15.2 needed only to build from source). It supports the Kitty graphics protocol, OSC 8 hyperlinks, synchronized output, the Kitty keyboard protocol, TRAMP remote terminals, and shell-integration injection for bash, zsh, and fish.

Hacker News

  1. Show HN: Ant, a new JavaScript runtime A Show HN presenting Ant, described as a lightweight JavaScript runtime and ecosystem, reached the front page (over 200 points). The project site loads its content client-side and exposes little static detail, so engine, Node compatibility, and maturity claims are not verifiable from the page. Treat it as an early project rather than a proven Node, Deno, or Bun alternative.