GitHub's 2025 Hits: Agent Mode, MCP, and Spec-Driven Dev
GitHub's most-read posts of 2025 reveal a clear shift: agent mode, coding agents, and MCP dominated developer attention. Here's what actually matters for your workflow in 2026.
AI Dev Stack
Why Continuous Fuzzing Still Misses Critical Bugs
GStreamer was fuzzed for 7 years and still had 29 critical bugs. Poppler had 60% coverage and a 1-click RCE in a dependency. Here's why continuous fuzzing fails without human oversight — and how to fix it.
WRAP: GitHub's Framework for Getting Real Work Done with Copilot
GitHub engineers spent a year testing Copilot coding agent in production. Their takeaway: treat it like a junior dev, not magic. Here's the WRAP framework they built to actually clear backlog debt.
Windsurf Wave 13: Parallel Agents & Git Worktrees
Windsurf Wave 13 brings parallel agents, Git worktrees, multi-pane Cascade, and free access to SWE-1.5 for faster, safer coding workflows.
How Shai-Hulud Rewrote the Rules of Supply Chain Attacks
Shai-Hulud evolved from credential theft to self-replicating CI worms in weeks. The second wave added endpoint C2 and cross-victim credential harvesting. npm is shipping staged publishing with MFA approval to close the gap.
OpenSpec v0.17.2: Fix --no-interactive Flag
OpenSpec v0.17.2 fixes the --no-interactive flag to prevent spinner hangs in CI and pre-commit hooks.
OpenSpec v0.17.1: CLI Import Fix
OpenSpec v0.17.1 patches a CLI import issue in the config command. Quick fix for @inquirer/prompts initialization.