May 29, 2026

Supabase MCP, TypeScript 6.0 beta, npm supply chain hit


Tool of the Week

Supabase ships MCP server, UI library, Postgres LSP

Official MCP server connects Claude/Cursor to Supabase; Postgres Language Server adds LSP tooling for SQL autocompletion and type-checking; UI library provides ready-made auth and realtime components.

Reduces boilerplate for AI-assisted database work and realtime features. LSP support eliminates SQL editor blind spots (syntax errors, type mismatches). MCP integration moves database operations into your AI workflow instead of context-switching.

MCP server is drop-in for Cursor/Claude users—no code changes needed. UI library replaces manual shadcn setup for auth and chat patterns; requires React/Next.js. Postgres LSP is optional but recommended if you write raw SQL in editors. All three are ready now. Start with MCP if you're already using Claude/Cursor.

  • You can use this server to connect your favorite AI tools (such as Cursor or Claude) directly with Supabase
  • A set of convenient components built on shadcn that can be dropped into any Next.js, React Router, Tanstack Start, or vanilla React application
  • Postgres Language Server provides a collection of language tools and a Language Server Protocol (LSP) implementation for Postgres, focusing on developer experience and reliable SQL tooling
  • Today, we support autocompletion, syntax error highlighting, type-checking, and a linter
Tags: supabase, mcp-server, postgres-lsp, realtime, tooling

Dev Signal


Quick Signals

Gemini 3.5 Flash launches GA at 3x prior cost

Google ships Gemini 3.5 Flash into production across consumer and API surfaces with 1M token context, but pricing jumped 3–6x versus prior Flash variants.

Directly affects cost-per-inference for Gemini API users; the benchmark cost ($1,551.60) now exceeds Gemini 3.1 Pro Preview ($892.28), forcing re-evaluation of model selection for cost-sensitive workloads.

Replaces Gemini 3 Flash Preview and 3.1 Flash-Lite for production inference. Requires budget reassessment before migration. Worth testing for capabilities but skip if current Flash variant meets your latency/quality bar—price premium is steep and mirrors industry-wide cost creep.

  • Gemini 3.5 Flash is available today to billions of people globally
  • 1,048,576 input tokens and 65,536 maximum output tokens
  • The new 3.5 Flash is 3x the price of 3 Flash Preview and 6x the price of 3.1 Flash-Lite
  • At $1.50/million input and $9/million output
  • Running the benchmark for 3.5 Flash (high) cost significantly more than 3.1 Pro Preview
Tags: gemini-api, pricing, cost-analysis, production-release, model-selection

Skybridge 1.0 stabilizes MCP app development

Single entry point (server.registerTool) and integrated dev tools eliminate the feedback loop friction of building inside AI assistants.

MCP app development forces a non-standard build pattern—local tunneling, manual platform testing, compliance audits. Skybridge 1.0 collapses this into one dev loop with playground testing and automated compliance scanning, cutting iteration time on tool-UI pairs significantly.

Replaces manual MCP server + view wiring boilerplate. Requires Node.js + TypeScript. Ready now—100k monthly downloads, powers 10% of Claude/ChatGPT app stores. Trade-off: locked into Skybridge patterns for type safety; mitigated by Docker template and Cloudflare Workers support for escape hatches.

  • one entry point: server.registerTool(config, handler)
  • 100k monthly downloads and powers over 10% of apps on the Claude and ChatGPT stores
  • Skybridge 1.0, a first-class framework with a stable API, a complete developer toolchain, and a clear commitment to the MCP Apps ecosystem
  • The dev tools are now a unified control panel for your entire development workflow
Tags: mcp, typescript, devtools, ai-agents, framework

TypeScript 6.0 beta ships, Go rewrite coming

TypeScript 6.0 is the last JavaScript-based release; type inference improves for functions that never use `this`, and #/ subpath imports now work.

Better type inference reduces false positives in generic functions with method syntax. #/ subpath imports align TypeScript with Node.js 20+ conventions, cutting friction for monorepo aliasing.

Install via npm install -D typescript@beta to test. Method-syntax generics will infer correctly now without explicit types. Subpath imports require Node.js 20+. Worth upgrading for the inference fix alone; plan for TypeScript 7.0 (Go rewrite) before production migrations.

  • npm install -D typescript@beta
  • TypeScript 6.0 is a unique release in that we intend for it to be the last release based on the current JavaScript codebase
  • we are working on a new codebase for the TypeScript compiler and language service written in Go that takes advantage of the speed of native code and shared-memory multi-threading
  • If this is never actually used in a function, then it is not considered contextually sensitive
  • This is supported in newer Node.js 20 releases, and so TypeScript now supports it under the options node20, nodenext, and bundler for the --moduleResolution setting
Tags: typescript, type-inference, module-resolution, node-modules, breaking-changes

npm account atool publishes 637 malicious package versions

Compromised atool account injected Bun-based credential harvester into 317 packages (size-sensor, echarts-for-react, @antv scope) via preinstall hooks and orphan GitHub commits, exfiltrating AWS/GCP/Vault/GitHub tokens through dual channels and installing persistent C2 backdoors.

Semver ranges auto-resolve to malicious versions; the payload hijacks CI/CD pipelines (npm OIDC token exchange, Sigstore signing with stolen identities), compromises AI agent sessions (Claude Code, VS Code), and establishes persistent backdoors that poll GitHub for remote commands. Any developer with these packages in their dependency tree and unvetted lockfile updates is exposed.

Immediate: pin exact versions in lockfiles, audit for preinstall script execution during install, scan for IoCs (kitty-monitor systemd service, .claude/settings.json SessionStart hooks, codeql.yml injection with 'Run Copilot' name). Medium-term: deploy Package Manager Guard (pmg) as install proxy with dependency cooldown to block packages published in burst windows. Check git history for imposter commits (antvis/G2 orphan commits with forged authorship). If any atool package was auto-updated between 2026-05-19 01:39-02:06 UTC, treat the machine as fully compromised: rotate all secrets, inspect CI logs for gh-token-monitor polling, search GitHub for repos named {fremen,mentat}-{sandworm,ornithopter}-{0-999}.

  • The npm account atool ([email protected]) was compromised on May 19, 2026. The attacker published 637 malicious versions across 317 packages in a 22-minute automated burst.
  • Affected packages include size-sensor (4.2M downloads/month), echarts-for-react (3.8M), @antv/scale (2.2M), timeago.js (1.15M)
  • The payload is a 498KB obfuscated Bun script that matches the Mini Shai-Hulud toolkit used in the SAP compromise three weeks earlier
  • It harvests credentials across the full AWS chain (env vars, config files, EC2 IMDS, ECS container metadata, Secrets Manager), Kubernetes service account tokens, HashiCorp Vault, GitHub PATs, npm tokens, SSH keys, and local password manager vaults
  • Any package published by atool ([email protected]) on 2026-05-19 between 01:44 and 02:06 UTC
  • preinstall script: bun run index.js
  • Payload SHA256: a68dd1e6a6e35ec3771e1f94fe796f55dfe65a2b94560516ff4ac189390dfa1c
Tags: supply-chain-attack, credential-harvesting, npm-security, ci-cd-compromise, persistence

Forge lifts 8B models to agent-class reliability

Drop-in guardrails middleware + proxy server that rescues malformed tool calls, enforces step ordering, and manages VRAM context for self-hosted agentic workflows — no model retraining required.

Local inference teams hit a wall with multi-step tool use — models fail at parsing, skip steps, or blow context. Forge's composable middleware (validator, step enforcer, retry nudges) plugs directly into existing orchestration or works as a transparent OpenAI-compatible proxy, letting developers upgrade reliability without refactoring agents.

Replaces manual response validation + retry logic in your agentic loop. Requires Python 3.12+, a running llama.cpp/Ollama/Anthropic backend, and either direct integration (WorkflowRunner) or proxy interception (minimal code). Ready now — 26-scenario eval suite validates real workflows; top config (Ministral-3 8B Q8) scores 86.5% baseline, 76% on hard tier. Proxy path has zero integration cost if you already use OpenAI-compatible clients (Continue, aider, opencode).

  • Ministral-3 8B Instruct Q8 on llama-server scores 86.5% across forge's 26-scenario eval suite — and 76% on the hardest tier
  • guardrails (rescue parsing, retry nudges, step enforcement) and context management (VRAM-aware budgets, tiered compaction)
  • Drop-in OpenAI-compatible proxy (python -m forge.proxy) that sits between any client (opencode, Continue, aider, etc.) and a local model server
  • Supports Ollama, llama-server (llama.cpp), Llamafile, and Anthropic as backends
Tags: self-hosted-llm, tool-calling, guardrails, agent-reliability, llama-cpp
