Matt Kane
LightNews LightNews
banner
mk.gg
Matt Kane
@mk.gg
4.7K followers 1.7K following 1.8K posts
Frameworks at Cloudflare 🧡 Astro core team 🚀 Previously Netlify, Gatsby. Made Unpic. @ascorbic in most other places
Posts Replies Media Videos
Pinned
mk.gg
Matt Kane @mk.gg · Jan 3
I've joined the retro homepage team. My new site is going for the HyperCard on Mac System 6 vibe.
Matt Kane
Matt Kane's site that looks like it was built in 1991
mk.gg
mk.gg
Reading the replies to this and praying to the lord that I never have to work on a project where the users are as entitled as Bluesky users.
bsky.app Bluesky @bsky.app · 2d
v1.112 is live!

We’re launching Find Friends, a contact import feature that helps you find people you know on Bluesky.

Try it! In the mobile app, go to Settings → Find friends from contacts.

Read how we took a more secure approach to this than other platforms: bsky.social/about/blog/1...
December 17, 2025 at 7:15 AM
mk.gg
It's nearly two weeks til new year! Don't be that sucker editing all your footers at midnight.

Set it automatically with the power of ✨AI✨
December 16, 2025 at 10:10 PM
mk.gg
rip piss filter. ur with the angles now
The new ChatGPT Images is here
The new ChatGPT Images is powered by our flagship image generation model, delivering more precise edits, consistent details, and image generation up to 4× faster. The upgraded model is rolling out to ...
openai.com
December 16, 2025 at 8:34 PM
mk.gg
Finally undoing one of the most ridiculous self-inflicted injuries of Brexit
December 16, 2025 at 6:54 PM
mk.gg
Big improvement to frameworks on Cloudflare! You can now deploy most frameworks from the CLI with zero config. No adding adapters. No editing configs. No wrangler.toml! It's all done automatically. Experimental now, with 10 frameworks supported today.

developers.cloudflare.com/changelog/20...
December 16, 2025 at 3:50 PM
Reposted by Matt Kane
danabra.mov
made a thing rsc-playground.pages.dev
RSC Playground
rsc-playground.pages.dev
December 14, 2025 at 1:19 PM
mk.gg
I can't remember the last time a Safari release caused so much buzz in the web dev community. Half my feed seems to be excited posts about it. It's a good one!
jensimmons.bsky.social Jen Simmons @jensimmons.bsky.social · 6d
Safari 26.2 is here with 65 features + 165 bug fixes — including field-sizing, Navigation API, Largest Contentful Paint, command & commandfor, CHIPS opt-in partitioned cookies, scrollend event, random(), WebGPU in WebXR, scrollbar-color, hidden=until-found and much more! webkit.org/blog/17640/w...
WebKit Features for Safari 26.2
Safari 26.2 is a big release.
webkit.org
December 13, 2025 at 8:17 AM
mk.gg
ECMA has just published the first edition of ECMA-429: the Minimum Common Web API, defining a baseline set of platform APIs for browser and JavaScript server runtimes. An important milestone. Well done to @jasnell.me and WinterTC for getting this across the line.
ECMA-429 - Ecma International
This Standard defines the 2025 snapshot of the Minimum common web API, a curated subset of APIs defined by web platform standards from W3C and WHATWG, which is intended to define a minimum set of capa...
ecma-international.org
December 12, 2025 at 3:04 PM
mk.gg
Annual reminder that Time Person of the Year isn't supposed to be the best person of the year, it's the person who influenced the events of the year "for better or worse". By that criterion, 2001 was the worst decision, and 1938 was correct.
December 12, 2025 at 8:45 AM
mk.gg
A chance to hire an Astro core maintainer! Yan would be an incredible hire for anyone who needs an Astro expert, or someone with experience leading a very active OSS community. He'll also track down every tiny error in grammar or punctuation in your docs. Those misused commas don't stand a chance.
yanthomas.dev Yan @yanthomas.dev · 7d
👋 I'm looking for a full-time software/DX engineer role.

With 3 years of experience as an open-source maintainer, I am a great fit if your team needs an expert in Astro/Starlight, tooling, documentation, accessibility, i18n, and empowering OSS communities.

RTs appreciated! ♻️
December 12, 2025 at 6:41 AM
mk.gg
The @cloudflare.social threat intelligence team have published this great blog with a really detailed breakdown on the exploitation activity against React and Next.js. Some massive numbers of attempts, as well as confident attribution of the attacks as mostly coming from Chinese state actors.
React2Shell and related RSC vulnerabilities threat brief- early exploitation activity and threat actor techniques
Early activity indicates that threat actors quickly integrated this vulnerability into their scanning and reconnaissance routines and targeted critical infrastructure including nuclear fuel, uranium a...
blog.cloudflare.com
December 11, 2025 at 9:51 PM
mk.gg
You know the drill: upgrade right now. These aren't as serious as last week's RCE, but they're still bad. Platforms are blocking these, but once again you shouldn't rely on it.
react.dev react.dev @react.dev · 7d
Researchers have found two new vulnerabilities in React Server Components while attempting to exploit the patches last week.

These are new issues, separate from the critical CVE last week. The patch for React2Shell remains effective for the Remote Code Execution exploit.
December 11, 2025 at 9:47 PM
mk.gg
My clever wife has written a book that's being published in the UK by Faber in April. As one of the few people who has already read it, I can say in a totally unbiased way that it's really good and interesting. Wolves and hares and will-o'-the-wisps!
Pre-order it from your local bookshop! #booksky
faberbooks.bsky.social Faber Books @faberbooks.bsky.social · 10d
When was Britain last truly wild? And what, if anything, remains?

We're thrilled to publishing Wilderlands by @eloi.se next April, an unexpectedly human history of wild Britain. Available to pre-order now 🦌

linktr.ee/wilderlandsb...
December 9, 2025 at 4:04 PM
mk.gg
This is great! Built with Astro too 🚀
una.im Una Kravets @una.im · 10d
🎉 And we're live! 🎉

We just launched CSS Wrapped 2025: our annual recap of all things CSS & web UI that landed in Chrome over the course of the year. 🚀

This is a big one! We highlighted 22 new features to help you build better on the web.

Check out: chrome.dev/css-wrapped-2025
CSS Wrapped 2025
Sculpt dynamic interfaces, stretch your imagination, and play with these 22 powerful new CSS features that landed in Chrome this year.
chrome.dev
December 8, 2025 at 10:17 PM
mk.gg
Why yes, I did spend £50 to go to the cinema yesterday to watch a movie that's going to be on Netflix on Thursday. I have no regrets.
December 8, 2025 at 8:04 PM
mk.gg
If you are running a vulnerable Next.js or RSC app behind Cloudflare or other WAF, but your origin is still accessible directly from the internet then you are not protected! Attackers are iterating IP addresses so you will probably be found. Upgrade right now!
December 8, 2025 at 9:42 AM
mk.gg
The original React2shell PoC is now public. This is as bad as it gets – full RCE. You must upgrade now. There are mitigations in place in CDNs including Cloudflare, Netlify, Vercel and AWS (and sites on Workers aren't vulnerable to this sort of attack), but there are variants in the wild now.
GitHub - lachlan2k/React2Shell-CVE-2025-55182-original-poc: Original Proof-of-Concept's for React2Shell CVE-2025-55182
Original Proof-of-Concept's for React2Shell CVE-2025-55182 - lachlan2k/React2Shell-CVE-2025-55182-original-poc
github.com
December 5, 2025 at 11:13 AM
mk.gg
Cloudflare was down for half an hour this morning, and it was caused by work we were doing to try to mitigate the React CVE. (Seriously, people: upgrade Next.js/React Router etc right now)
Dane Knecht 🦭 on X: "We are aware of the issue impacting the availability of Cloudflare’s network. It was not an attack; root cause was disabling some logging to help mitigate this week’s React CVE. Will share full details in a blog post today. Sites should be back online now, but I understand the" / X
We are aware of the issue impacting the availability of Cloudflare’s network. It was not an attack; root cause was disabling some logging to help mitigate this week’s React CVE. Will share full details in a blog post today. Sites should be back online now, but I understand the
x.com
December 5, 2025 at 10:36 AM
mk.gg
A monster PR
+13,500 −10,204 Conversation 28 Commits 134 Checks 23 Files changed 379
December 4, 2025 at 2:12 PM
mk.gg
Instead of using low-paid gig economy workers, they're replacing humans with robots.
November 29, 2025 at 2:28 PM
mk.gg
Well, I'm certainly consistent

anisota.net/harvest
My most-used words in 2025: 1. "astro" (102×) 2. "find" (39×) 3. "useful" (31×) 4. "code" (29×) 5. "those" (25×)
November 27, 2025 at 6:45 PM
mk.gg
Loved BASIC and HyperCard as a kid but didn't know coding could be a job. Trained and worked as a pastry chef. Got 1st gen iMac and discovered web dev and PHP. Quit the chef job and founded a startup at the peak of the dotcom bubble.
recurse.com Recurse Center @recurse.com · Nov 11
What’s the lore behind choosing your career path ?
November 23, 2025 at 8:44 AM
mk.gg
Whoa. This would be incredible for frameworks like Astro. Enough to make me reconsider my dream of removing streaming support.
webdevs.firefox.com Firefox for Web Developers @webdevs.firefox.com · 29d
Out-of-order HTML patching, another proposal from TPAC, lets HTML be presented non-linearly, and a single file can update multiple parts of the page.

Would this feature be useful to you?
November 19, 2025 at 6:09 PM
Reposted by Matt Kane
sifu.tweety.fish
cloudflare's on-duty IT staff bangs on the doors which I have padlocked from the inside as I calmly break open lava lamp after lava lamp and drink the contents
November 18, 2025 at 1:59 PM
mk.gg
This is a great post mortem, and as someone who only joined Cloudflare last month it's a hell of a lot more understandable than our internal incident channel
November 19, 2025 at 8:54 AM