Top Stories

VS Code inserting ‘Co-Authored-by Copilot’ into commits regardless of usage

1226 points · github.com/microsoft

A pull request to VS Code has detonated on HN after developers discovered that the editor was silently appending a Co-Authored-by: Copilot trailer to git commits — even on commits where Copilot was never invoked. The 634-comment thread is a window into how raw the developer-trust nerve has become in 2026: people are calling it everything from a benign telemetry bug to deliberate attribution-laundering for Microsoft’s AI metrics.

The deeper anxiety is that “Copilot touched this” trailers create reputational and licensing exposure for contributors to projects that ban or restrict AI-assisted code, with no clear opt-out signal. Expect a hotfix and probably a corporate apology blog post by Monday.

Kimi K2.6 just beat Claude, GPT-5.5, and Gemini in a coding challenge

296 points · thinkpol.ca

Moonshot’s open-weights Kimi K2.6 reportedly took first place in a multi-language programming benchmark, edging out Anthropic’s Claude, OpenAI’s GPT-5.5, and Google’s Gemini. The headline alone is enough to revive the every-three-months HN ritual debate over whether open-weights models from Chinese labs are quietly closing — or have already closed — the gap with the frontier US labs.

The comments section is the usual mix: skeptics picking apart the benchmark methodology, optimists pointing at the weights being on Hugging Face right now, and a smaller group noting that “winning a coding challenge” and “being the model people actually ship to production” are still very different things.

A couple million lines of Haskell: Production engineering at Mercury

241 points · haskell.org

Banking startup Mercury wrote up what it’s like to operate a multi-million-line Haskell codebase in production. It’s the kind of post HN loves: a real company sharing the unglamorous parts (build times, hiring, refactoring at scale, the GHC upgrade treadmill) of betting an entire business on a language the broader industry mostly doesn’t use.

Mercury has long been the standard-bearer for “yes, you can run a serious fintech on Haskell,” and this piece is essentially a check-in on that thesis several years and a few hundred engineers later.

This Month in Ladybird – April 2026

350 points · ladybird.org

The independent browser project’s monthly newsletter continues to draw HN’s enthusiasm — partly because Ladybird is the only credible non-Chromium-or-Firefox browser engine being built from scratch, and partly because its progress reports keep showing concrete wins on real-world sites. April’s update covers more web platform conformance gains, JavaScript engine work, and the ongoing march toward an alpha release.

In a year where the browser monoculture conversation has only gotten louder, Ladybird’s existence is, for a lot of HN readers, a small bit of structural hope.

Specsmaxxing – On overcoming AI psychosis, and why I write specs in YAML

131 points · acai.sh

A widely-shared post arguing that the way to actually get reliable output from coding agents in 2026 is to stop chatting with them and start writing dense, structured YAML specifications. The author frames “AI psychosis” as the failure mode of long, vibes-driven prompt sessions where the model loses the plot — and pitches specsmaxxing as the discipline that fixes it.

The 127-comment thread is split between “yes, this matches my experience” practitioners and a vocal contingent arguing that if you’re writing this much YAML, you’ve basically reinvented programming. Both sides are right.

State of the Art of Coding Models, According to Hacker News Commenters

116 points · hnup.date

A meta-analysis that scrapes HN comments to figure out which coding model the community currently considers state of the art. It’s both genuinely useful (a rolling, crowd-sourced leaderboard that’s harder to game than benchmarks) and mildly cursed (you are looking at a chart of HN’s collective vibes).

Worth a click for anyone trying to pick what to wire into their editor this week.

Maryland to ban A.I.-driven price increases in grocery stores

165 points · nytimes.com

Maryland is moving to outlaw “surveillance pricing” — the practice of using AI to set individualized grocery prices based on what a retailer thinks a specific shopper will tolerate. It’s one of the first state-level laws targeting algorithmic price personalization in physical retail, and likely a template for other blue-state legislatures.

HN is debating whether this is overdue consumer protection or a category error that will end up banning ordinary dynamic pricing as a side effect.

The agent harness belongs outside the sandbox

109 points · mendral.com

An architectural argument that the orchestration loop for AI agents (the “harness” — tool dispatch, retries, memory, the whole control plane) should live outside the sandboxed execution environment, not inside it. The post is a reaction to a year of agent frameworks shipping their entire control logic inside the same container the LLM-generated code is running in, with predictable security and reliability problems.

Required reading if you’re building agent infrastructure right now — and the comments include some good back-and-forth from people running this in production.

Do_not_track

347 points · donottrack.sh

A new project around the rebooted “Do Not Track” idea — basically a fresh attempt to give users a real signal they can send to sites and an ecosystem that respects it. The original DNT header died of indifference a decade ago, but with privacy regulation catching up in many jurisdictions, the comments are debating whether this attempt has any more teeth than the last one.

Dav2d

489 points · code.videolan.org

VideoLAN dropped Dav2d, a successor effort in their AV1 decoder lineage following dav1d. For a project announcement with essentially no marketing copy, it pulled 489 points and 135 comments — a reminder that HN still rewards “serious people shipping serious infrastructure” over basically any other category.