Weeknotes #70 (March 07, 2026)

Posted on: Mar 07, 2026

Things I found, read, did, and produced this past week.

Things I worked on

• I wrote a post about Co-Authored-By: Claude being fine and trying to write down my opinons on attributing git commits to coding agents.

Things I consumed

• There was an exploit via GitHub Actions titled by the attacker Hackerbot-claw. At the core, an OpenClaw instance was able to exfiltrate GITHUB_TOKEN env vars via the pull_request_target trigger from CI pipelines of many large repos and therefore comprimised the entire repo. GitHub does have some protections to block things like this, but it is a mentality that if you expose a place in your repo to run untrusted code without any security guardrails, you are asking for these bots to exfiltrate anything from your CI environment.
• Lego released a Eevee set last week as part of the 30th anniversary of the franchise and I built it over the last weekend over the course of 2-3 sessions. Relatively simple build but I do appreciate how they did with it.
• Cassidy Williams posted a video that resonated with me this week: Is SaaS actually dead? (...no). It is going over the situation of "If I can just vibe code apps that I would otherwise have to pay for a subscription for, are SaaS products just going to be dead, and the answer is of course no, as Cassidy comments that yes you can technically do such, but then do you want to maintain that app, which gets to the build vs buy mentality when thinking about integrating software into your personal or professional workflows.
• OpenAI's released both GPT 5.3 Instant and GPT 5.4 this week, where I feel 5.3 instant is for minimal token usage / quick chat responses, while 5.4 is for more professional usage whether it is deep reasoning or usage in coding agents.
• Apple released a bunch of new products this week, but the most interesting one in my opinion is the Macbook Neo, a $600 macbook powered by the a18 pro chip, the same one in the iPhone 16 Pro and Pro Max. Its definitely not a machine for people who ever think about specs at all, but I feel it is going to be a good machine for either K-12 education or the flipside of people who just want a good machine that gives them macOS but their main use cases is for browsing the web, watching videos, sending email, etc.