
2026/6/29 · 9:25
Loops meet the CVE flood
Armin Ronacher’s AI-loop warning, Daniel Stenberg’s curl CVE triage rules, and Evan You’s Vite/Rolldown defaults all point to the same question: who owns the cost of automation?
Armin Ronacher and Daniel Stenberg landed on the same engineering problem from opposite ends. Ronacher looked at AI coding loops and asked how teams keep judgment when code is produced by a harness. Stenberg looked at curl's vulnerability queue and asked how maintainers keep judgment when AI makes reports cheaper to generate than to triage. Evan You added the product-design version of the same rule: a default can be technically attractive and still be wrong if it pushes cost onto users who did not ask for it.
Coverage window: June 22-29, 2026.
Armin Ronacher: loops work best where the output does not become long-term debt
Armin Ronacher, creator of Flask, Jinja2, and Werkzeug and a co-maintainer of the Pi coding agent, published "The Coming Loop" on June 23. The essay separates harness-level loops, where outside orchestration repeatedly prompts a model, from agent-level loops, where the model calls tools internally and decides the next step. [1]
The memorable line in the piece comes from Boris Cherny, whom Ronacher quotes: "I don't prompt Claude anymore. I have loops running that prompt Claude and figuring out what to do. My job is to write loops." [1] Ronacher's response is not rejection. He says loop patterns have already worked well for code porting, performance exploration, and security scanning, especially where the generated code does not have to be maintained for years. [1]
His objection is narrower and more useful for engineering leaders: present-day models under hands-off loops tend to produce code that is "too defensive, too complex, too local in its reasoning." They add fallbacks instead of making invalid states impossible. [1] That matches the failure mode many teams see after a successful demo: the loop ships working code, but the surrounding invariants become harder to explain.
Ronacher's "Software As Organism" metaphor is the practical warning. If software is built, reviewed, patched, and kept alive by loops, engineers may understand it less like a machine and more like doctors understand a body: observe symptoms, form hypotheses, run tests, try treatment. [1] The closing question is the part that should stick in architecture reviews: "The question is not whether we will loop because clearly we will. Maybe the question is that in a future of loops, how do we don't abdicate judgment, how we can retain rules of good engineering." [1]
Ronacher also showed the other side of the same toolchain. On June 26, he said an agent added light mode to his dark blog in less than two minutes, including meaningful shader changes. [2] On June 28, he said bad airplane Wi-Fi helped him discover a new Pi server-sent-events failure case. [3] The useful distinction is not "AI good" or "AI bad." It is whether the human still understands the state space after the loop finishes.
Daniel Stenberg: the CVE flood is now a design problem
Daniel Stenberg, creator and long-time maintainer of curl, released curl 8.21.0 on June 24 with 18 security fixes, 276 bug fixes, 531 commits from 45 authors, and 102 contributors. The 18 CVEs set a new curl record for a single release and for total vulnerabilities published in one calendar year. [4] Stenberg wrote: "The huge focus on vulnerability reports during this release cycle made us merge fewer new features than we wanted." [4]
That sentence is the maintainer-side cost of the AI tooling wave. Vulnerability discovery got cheaper; vulnerability judgment did not. Stenberg made that explicit in a June 29 guide based on curl's experience handling "way over one thousand vulnerability reports." He asks reporters to start with a human-written first paragraph explaining the problem and impact, include a standalone reproducer, preferably attach a patch, identify the earliest affected version, and check documentation before calling something a vulnerability. [5] His AI boundary is blunt: "Even if you have used a lot of or just a little AI when finding the issue and writing up the report, you must make sure that you communicate as a human." [5]
The same week, curl won its first CVE dispute since becoming a CVE Numbering Authority. A researcher argued that a leading-dot hostname wildcard-certificate bug deserved a CVE; curl had fixed it in December 2025 as an ordinary bug, and MITRE TL-Root agreed on June 24 that it was not a security vulnerability because it required a local attacker with privileges. [6] Stenberg's reason for fighting the label was ecosystem cost: libcurl is installed in roughly 30 billion instances, and every CVE triggers work for security teams far beyond the curl project. [6]

The curl details this week were all about edge-case judgment. Stenberg fixed three trailing-dot hostname flaws in curl 8.21.0: an IPv4 trailing-dot path that could make curl treat an IP address like a hostname, a double-trailing-dot HSTS failure, and CVE-2026-8924, a Public Suffix List cookie-domain bypass through libpsl's trailing-dot handling. [8] He also published a 340-frame vulnerability "mountain" movie from curl's 1998 start through June 2026; as of late June 2026, curl 7.34.0 remains the worst release in that visualization with 101 known vulnerabilities out of 206 total. [7]
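The three trailing-dot cases above share one root cause: a policy check (IP-literal detection, HSTS lookup, public-suffix matching) that runs on the host string before trailing dots are removed. The Python below is an added example, not curl or libpsl code; it uses a constructed three-entry set in place of the real Public Suffix List and places a naive suffix check beside a normalize-first version so the difference is visible.

```python
import ipaddress

# Constructed three-entry stand-in for the real Public Suffix List (assumption for the demo).
PUBLIC_SUFFIXES = {"com", "co.uk", "github.io"}


def normalize_host(host: str) -> str:
    """Lower-case and drop every trailing dot, so "example.com." and "example.com.."
    both become "example.com" before any policy decision is made."""
    return host.lower().rstrip(".")


def naive_is_public_suffix(domain: str) -> bool:
    """Lookup without normalization: "co.uk." is not in the set, so the check is skipped."""
    return domain in PUBLIC_SUFFIXES


def is_public_suffix(domain: str) -> bool:
    """Normalize first, so a trailing dot cannot turn a public suffix into a non-match."""
    return normalize_host(domain) in PUBLIC_SUFFIXES


def is_ip_literal(host: str) -> bool:
    """Classify after normalization so "10.0.0.1." is still an IP literal, not a hostname."""
    try:
        ipaddress.ip_address(normalize_host(host).strip("[]"))
        return True
    except ValueError:
        return False


def cookie_domain_allowed(request_host: str, cookie_domain: str) -> bool:
    """Accept a cookie Domain= attribute only when the request host is that domain or a
    subdomain of it, the host is not an IP literal, and the domain is not a public suffix.
    Both sides are normalized, so a trailing dot on either side cannot change the answer."""
    host = normalize_host(request_host)
    domain = normalize_host(cookie_domain.lstrip("."))
    if not domain or is_ip_literal(host) or is_public_suffix(domain):
        return False
    return host == domain or host.endswith("." + domain)


def hsts_match(request_host: str, hsts_host: str, include_subdomains: bool) -> bool:
    """HSTS lookup that is stable under one or more trailing dots on either side."""
    host = normalize_host(request_host)
    known = normalize_host(hsts_host)
    if not known:
        return False
    if host == known:
        return True
    return include_subdomains and host.endswith("." + known)
```

The point of the pair of suffix checks is the ordering: any string-derived decision about a host must be made on the normalized form, not on whatever spelling arrived on the wire.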
For senior engineers, the signal is operational. If your team is adding AI-assisted security scanning, the first control should not be a bigger inbox. It should be a report format that forces the submitter to state impact, produce a reproducer, and stay available for follow-up.
Evan You: fast defaults are good only when the cost is shared fairly
Evan You, creator of Vue and Vite and founder of VoidZero, appeared this week through Vite and Rolldown decisions rather than a stand-alone personal post. Vite 8.1 shipped on June 23 with an experimental bundled dev mode, an experimental chunk import map, Wasm ESM integration, and more groundwork for making Lightning CSS the default CSS processor in a future major version. [9]
The bundled dev mode is a reversal in service of a specific performance problem. Vite became popular for an unbundled dev server, but very large apps pay for thousands of module requests. In a test loading 10,000 React components, bundled dev mode delivered about 15x faster startup and 10x faster full-page refresh; Linear reported 3x faster cold-start rendering, roughly 40% faster full reloads, and 10x fewer network requests. [9]
The React Compiler decision sets the other boundary. Rolldown withdrew a Rust React Compiler integration after the binary grew from 28.7 MB to 33.8 MB, a 17% increase. [10] You's position in the GitHub discussion was direct: "Vite is framework agnostic, vendor agnostic, and we can't go down that slippery slope." [10] He asked where the line would be drawn if Vue, Svelte, Solid, and Astro each wanted another 5 MB in the default binary, and he pointed out that every megabyte has bandwidth and CI cost at Vite's weekly download scale. [10]
This is the cleanest product-design lesson of the week. Vite is willing to bundle in development when the benefit addresses a broad dev-server bottleneck. Vite is not willing to make every user carry a framework-specific compiler by default. Performance work still needs a constituency.
Linus Torvalds and George Hotz: two smaller signals
Linus Torvalds, creator and maintainer of Linux, released Linux 7.2-rc1 on June 28 after the two-week merge window closed. He called the release "reasonably normal" and noted that another AMD GPU register header drop meant one-third of the patch was AMD GPU register definitions. [11] The kernel tree passed 43,898,743 total lines, including 33,653,681 code lines, and AMDGPU/AMDKFD accounted for 6,356,056 lines. [12] Torvalds did not turn that into a thesis. His stance was release-manager calm: stats looked normal, and he planned to take the next week "mostly off" while still reading email. [11]
The kernel's AI-adjacent signal came from maintainability pressure rather than rhetoric. Greg Kroah-Hartman, Linux stable kernel maintainer, used a new fuzzing tool called gregkh_clanker_t1000 to find kernel bugs across subsystems including ksmbd/SMB, USB, HID, and F2FS. [13] Separately, Eric Biggers argued that AF_ALG is "almost completely unnecessary" and exposes a "massive attack surface," with LLMs accelerating the rate of incoming vulnerabilities; Linux 7.2 proceeded to deprecate AF_ALG and drop offloading support. [14] The kernel version of the week's theme is familiar: tooling finds more work, and maintainers remove surfaces they no longer want to defend.
George Hotz, creator of tinygrad and founder of comma.ai, published "Liminality" on June 23. He used Fullmetal Alchemist as the metaphor for AI, describing Chat, Claude, and GLM as homunculi made from the human souls poured into a supposed philosopher's stone. [15] His line was fatalistic rather than operational: "We are all riding on the same bus through the optimization landscape of reality. Shouting at the driver to no avail." [15] Unlike his post last week, this one did not generate visible community reaction in the captured sources, so it belongs as a tone-setting note rather than a main section.
The practical read across the week is simple: add automation where it shortens feedback loops, but make the cost owner explicit. Loops need evals and invariants. Vulnerability reports need human explanations and reproducers. Framework defaults need a clear answer to who pays for every megabyte.
Cover image: image from Armin Ronacher's "The Coming Loop".
Reference sources
- [1] Armin Ronacher: The Coming Loop
- [2] Armin Ronacher on X: agent light mode
- [3] Armin Ronacher on X: Pi SSE failure case
- [4] Daniel Stenberg: curl 8.21.0
- [5] Daniel Stenberg: Do excellent vulnerability reports
- [6] Daniel Stenberg: a CVE dispute
- [7] Daniel Stenberg: A curl mountain movie
- [8] Daniel Stenberg: Trailing dots are the worst
- [9] Vite Team: Vite 8.1 is out!
- [10] Socket.dev: Rolldown Pulls Rust React Compiler Integration After Binary Size Increase
- [11] LWN.net: Linux 7.2-rc1
- [12] Phoronix: Linux 7.2 Surpasses More Than 43 Million Lines In The Kernel Tree
- [13] Phoronix: Linux's Second-In-Command Turns To New Fuzzing Tools For Uncovering Kernel Bugs
- [14] Phoronix: Linux 7.2 Proceeding To Deprecate AF_ALG Due To "Massive Attack Surface", Drops Offloading
- [15] George Hotz: Liminality