GitHub Ships Stacked PRs, Finally Catching Up to How Teams Actually Ship Code
GitHub ships stacked PRs, 30 WordPress plugins backdoored via acquisition, Jujutsu gains traction, and vLLM trends for LLM serving.
Hey everyone, welcome to Builder's Briefing for April 15th, 2026. I'm Alex, joined as always by Sam. And today — version control is having a moment.
Honestly, it's about time. We've got GitHub shipping stacked PRs, a serious Git challenger gaining traction, a gnarly WordPress supply chain attack, and some cool AI tooling updates. Let's get into it.
Alright, the big story. GitHub has officially launched gh-stack — native stacked PRs built right into the GitHub CLI. If you've ever used Graphite or the old Phabricator workflow where you break a big change into a chain of small, dependent, reviewable PRs — that's now a first-class feature on GitHub.
Finally. I mean, this has been one of those things where everyone knew the right way to do it, but the tooling just wasn't there natively. You'd either bolt on Graphite or wrestle with manual branch management and it was painful.
Exactly. And the numbers tell the story — over six hundred points and three hundred fifty comments on Hacker News. People are hungry for this. The tool handles rebasing the entire stack when you update a base PR, manages the dependency graph, integrates with GitHub's review system. It just works.
Right, and what's wild is how directly this hits cycle time. Instead of one monster PR that sits in review for three days because nobody wants to look at a thousand-line diff, you ship a stack of three to five focused changes. Reviewers can approve incrementally. Pair that with CI running on each PR independently and suddenly the bottleneck shifts.
And here's the bigger picture — this dropped on the same day that Steve Klabnik's Jujutsu tutorial hit four hundred plus points on Hacker News. Jujutsu, or jj, is a Git-compatible version control system that fundamentally rethinks the mental model. Every working copy change is a commit, there's no staging area, rebasing is trivial.
So the version control layer is getting its biggest shakeup in like a decade, basically on the same day from two different directions. GitHub improving the workflow on top of Git, and jj potentially replacing Git underneath. That's a fascinating moment for dev tooling.
If you're a team lead, try gh-stack this week — it's backward compatible with your existing repos. If you're an IC frustrated with Git's sharp edges, spend an hour with jj. Both are production-ready.
Okay, shifting to security — and this one's a wake-up call. An attacker purchased thirty legitimate WordPress plugins and then injected backdoors into all of them through routine updates.
Wait — purchased them. Like, legally acquired the plugins and then pushed malicious updates to everyone who already had them installed?
That's exactly what happened. Your threat model now has to include 'attacker legally buys the dependency.' This isn't some zero-day exploit or compromised credentials — it's an acquisition. If you ship anything on WordPress or really depend on any plugin ecosystem, audit your plugin list, pin your versions, and monitor update diffs.
That's interesting because it's not even WordPress-specific, right? This same attack vector works for npm packages, VS Code extensions, browser extensions — anywhere there's a marketplace where ownership can transfer. It makes SBOMs feel a lot less optional.
Absolutely. And on a lighter security note — there's a new benchmark called N-Day-Bench that tests whether LLMs can find known vulnerabilities in real codebases. Early results suggest they're getting surprisingly competent at finding n-day bugs, which is both promising and a little terrifying.
Promising if you're building AI-assisted code review, terrifying if you think about who else has access to these models. Dual-use all the way down.
Alright, AI and models. vLLM is trending on GitHub again as the go-to inference engine for self-hosted LLMs. If you're serving models in production and you haven't evaluated vLLM, you're probably leaving throughput and memory efficiency on the table.
Yeah, vLLM just keeps pulling ahead. The PagedAttention approach they use for memory management is kind of the reason everyone gravitates to it. If you're comparing it against TensorRT-LLM, vLLM tends to win on flexibility even if TensorRT sometimes edges it on raw speed for specific hardware.
Two more AI items worth flagging. Anthropic published docs on Claude Code Routines — basically composable, repeatable task patterns you define for the coding agent. So you can encode your team's conventions around testing, migration patterns, code style, and the agent follows them consistently.
Oh, that's huge for teams actually using Claude Code day to day. The difference between a helpful AI and a reliable one is exactly this — being able to say 'here's how we do things' and have it stick across sessions.
And there's a new open-source project called Microsandbox that provides secure local sandboxes purpose-built for AI agents executing arbitrary code. Lighter weight than full containerization, better security isolation. If you're building agents that run code, worth checking out — link in the briefing.
On the dev tools front — beyond the Jujutsu story we already covered — there's a fascinating post-mortem making the rounds about Lean, the proof assistant. Someone formally proved a program correct using Lean, and then a bug was found anyway.
Okay, wait. If it was formally proved correct, how does it still have a bug?
The bug was in the specification, not the proof. The proof was perfect — it just proved the wrong thing. Which is a really important lesson, especially as we see more AI-generated proofs. Your specs themselves need adversarial review.
That's almost philosophical. You can have a flawless proof of a flawed assumption. I feel like that's a metaphor for half the software industry. Also — quick shout-out to psmux, a tmux-like terminal multiplexer that works natively on Windows PowerShell without WSL, written in Rust. Windows devs, your day has come.
Alright, quick hits. DaVinci Resolve now has a free photo editor built in — Blackmagic keeps giving away professional-grade software to sell hardware, and it keeps raising the bar for what users expect for free.
Their strategy is wild. Just keep making everyone else's paid product look overpriced.
We've also got Aphyr with a piece on how AI-generated work creates a future built on lies — thought-provoking read. Thousands of rare concert recordings just hit the Internet Archive. And someone built a Jellyfin client for the Nintendo Wii, because of course they did.
Okay, WiiFin is the kind of project that reminds me why I love this industry. Completely unnecessary, completely delightful.
So here's the takeaway for today. The code review and version control layer is being rebuilt in real time. GitHub stacked PRs and Jujutsu both landed in the discourse on the same day, and both directly reduce the friction between writing code and shipping it.
And on the security side, the WordPress plugin attack is a template for what's coming across every ecosystem. If your product depends on third-party packages, your threat model now includes legal acquisition as an attack vector. Pin versions, diff your updates, take SBOMs seriously.
That's the briefing for April 15th. Try gh-stack this week, give jj a look, and audit your dependencies. We'll be back tomorrow with more. Until then — keep building.
See you all tomorrow. Ship small, ship often.
GitHub Ships Stacked PRs — Finally Catching Up to How Teams Actually Ship Code
GitHub has officially launched gh-stack, a native stacked PRs workflow built into the GitHub CLI. If you've ever envied the Phabricator or Graphite workflow — where you break large changes into a chain of small, reviewable, dependent PRs — this is now a first-class citizen on GitHub. The tool handles rebasing the entire stack when you update a base PR, manages the dependency graph, and integrates with GitHub's review system. With 636 points and 351 comments on HN, the developer community is clearly hungry for this.
For builders shipping daily, this changes your review bottleneck. Instead of one monster PR that sits for three days, you ship a stack of 3-5 focused diffs that reviewers can approve incrementally. If you're running a team of 3-10 engineers, adopt this now — it directly reduces cycle time. Pair it with CI that runs on each PR in the stack independently and you've eliminated the 'waiting for review' excuse.
This also signals GitHub doubling down on developer workflow after years of focusing on Copilot and AI features. Combined with Jujutsu (jj) gaining serious traction as a Git replacement (400+ HN points today), the version control layer is getting its biggest shakeup in a decade. If you're evaluating dev tooling for a new team, try gh-stack on your existing GitHub repos this week — it's backward compatible and the learning curve is minimal.
30 WordPress Plugins Bought and Backdoored in Supply Chain Attack
An attacker purchased 30 legitimate WordPress plugins and injected backdoors into all of them via routine updates. If you ship anything on WordPress — or depend on any plugin ecosystem — this is your reminder that supply chain attacks now include legal acquisition of trusted packages. Audit your plugin list, pin versions, and monitor update diffs.
N-Day-Bench: Benchmarking LLMs at Finding Real Vulnerabilities
A new benchmark tests whether LLMs can discover known vulnerabilities in real codebases. If you're building AI-assisted security tooling or code review pipelines, this gives you a concrete evaluation framework — and the early results suggest LLMs are getting surprisingly competent at finding n-day bugs.
Google Cracks Down on Back Button Hijacking as Spam
Google's new spam policy explicitly penalizes sites that manipulate browser back-button behavior. If you're doing anything with history.pushState for marketing funnels or interstitials, audit now — this will tank your search rankings.
vLLM Continues to Dominate LLM Serving — Now Trending on GitHub
vLLM is trending again as the go-to inference engine for self-hosted LLMs. If you're serving models in production and not using vLLM (or evaluating it against TensorRT-LLM), you're likely leaving throughput and memory efficiency on the table.
Introspective Diffusion Language Models: A New Architecture Worth Watching
A research group proposes diffusion-based language models that can introspect on their own generation process. Still academic, but if you're building anything that needs controllable or steerable text generation, this architecture may offer better guarantees than autoregressive models.
Claude Code Routines: Programmable Workflows for AI Coding Agents
Anthropic published docs on Claude Code Routines — composable, repeatable task patterns you can define for Claude's coding agent. If you're using Claude Code in your workflow, routines let you encode your team's conventions (testing, migration patterns, code style) so the agent follows them consistently.
Microsandbox: Local Sandboxes Purpose-Built for AI Agents
A new open-source project provides secure, cross-platform sandboxes for running AI agent code locally. If you're building agents that execute arbitrary code, this is a lighter-weight alternative to full containerization with better security isolation.
Jujutsu (jj) Tutorial Gains Traction — Git's First Real Challenger
Steve Klabnik's Jujutsu tutorial hit 400 points on HN, signaling growing mainstream interest. jj is a Git-compatible VCS that treats every working copy change as a commit, eliminates the index/staging area, and makes rebasing trivial. If you're frustrated with Git's mental model, jj is production-ready and interoperates with existing Git repos.
psmux: Native tmux for Windows PowerShell, Written in Rust
Finally — a tmux-like multiplexer that works natively on Windows Terminal and PowerShell without WSL. If you're a Windows developer who's been jealous of tmux workflows, this is worth trying today.
Lean Proved This Program Correct — Then a Bug Was Found Anyway
A fascinating post-mortem on the gap between formal verification and real-world correctness. The bug was in the specification, not the proof. If you're relying on formal methods or AI-generated proofs, this is required reading on why specs themselves need adversarial review.
DuckDB Internals Deep Dive Now Available
DuckDB published detailed documentation on its internal design and implementation. If you're embedding DuckDB in your analytics stack or building on top of it, this is the reference for understanding query execution, storage layout, and extension points.
Backblaze Silently Stops Backing Up OneDrive and Dropbox Folders
Backblaze's personal backup product no longer covers cloud-synced folders from OneDrive and Dropbox — a major gap since many users' important files live there. If your team or product relies on Backblaze for backup, verify what's actually being covered right now. This also opens a niche for builders in the backup space.
DaVinci Resolve Launches a Free Photo Editor
Blackmagic added a full photo editor to DaVinci Resolve, free as always. If you're building creative tools or workflows, Blackmagic's strategy of giving away professional-grade software to sell hardware continues to raise the floor for what users expect at zero cost.
The version control and code review layer is getting rebuilt in real time — GitHub stacked PRs and Jujutsu both landed in the discourse today, and both directly reduce the friction between writing code and shipping it. If you're a team lead, try gh-stack this week; if you're an individual contributor tired of Git's sharp edges, spend an hour with jj. Meanwhile, the WordPress plugin supply chain attack is a stark reminder: if your product depends on any third-party plugin or package ecosystem, your threat model now includes 'attacker legally buys the dependency.' Pin versions, diff updates, and consider SBOMs seriously.