Next in Dev

Sam Altman told CNBC he shares Anthropic's safety principles. Less than 24 hours later, OpenAI signed a government contract without those principles and posted about it like a win. Here's why that matters if you build with AI.

Vercel's CEO called Cloudflare's new Next.js reimplementation "vibe-coded," and I have thoughts. Plus Cursor agents now get their own virtual machines, ChatGPT is serving ads on the first prompt, and Anthropic drops version 3 of its Responsible Scaling Policy.This is Next in Dev. It's a weekly roundup of everything happening in web development, AI tooling, and the platforms developers actually use.https://nlvcodes.com0:00 - Introduction0:22 - Cloudflare rebuilt Next.js in a week1:45 - Vercel's response (glass houses)2:37 - Cloudflare's 6-hour outage3:06 - Figma Make connectors3:26 - Next.js 16.2.0 canary roundup4:10 - Cursor agents get virtual machines4:56 - ChatGPT ads on first prompt5:12 - Anthropic Responsible Scaling Policy v36:04 - Railway DDoS protection + domains7:15 - Claude Code auto-memory + updates8:09 - Closing Thoughts

Anthropic's Pentagon contract is on the rocks, Figma now connects directly to Claude Code, and Tailwind CSS finally ships v4.2.0 after months of silence. Plus Payload CMS v3.77, Perplexity dropping ads, Cursor's new plugin marketplace, and more from the modern web dev world.This is Next in Dev, a weekly roundup of everything happening in web development, AI tooling, and the platforms developers actually use.0:00 - What's Coming Up0:13 - Payload CMS v3.771:27 - Figma + Claude Code2:17 - Next.js canary updates2:49 - Dokploy3:23 - Tailwind CSS v4.2.04:01 - Perplexity drops ads4:31 - OpenClaw founder joins OpenAI4:46 - Cursor 2.5 plugin marketplace5:19 - Anthropic vs the Pentagon5:52 - Claude Sonnet 4.66:18 - Anthropic & Infosys6:39 - Claude Code updates7:17 - Gemini AI music generation7:50 - Railway updates8:18 - Final Thoughts and Next Steps

This week in web development: Payload patches critical SQL injection vulnerabilities affecting Drizzle-based database adapters, Next.js ships 10 canary releases focused on Turbopack infrastructure and server-side HMR, and Anthropic commits to covering electricity cost increases caused by their AI data centers. Payload issued critical security patches for SQL injection vulnerabilities in version 3.73 and 3.74. This affects Drizzle-based adapters with JSON/rich text fields with read access set to anything but false in Postgres/SQLite with serial IDs. OpenAI is beginning to test ads in ChatGPT's free and Go tiers. Cursor released Composer 1.5 with 20x more reinforcement learning than v1, and Railway launches one-click Cloudflare DNS integration plus horizontal scaling without deployment cycles.0:00 Payload CMS Security Patches1:17 Payload v3.7.6 Release1:47 Shadcn/ui Blocks Update2:00 Next.js Canary Releases3:15 Cloudflare Markdown for Agents4:32 AWS Infrastructure Updates5:39 Dokploy v0.27 Stability Release6:12 OpenAI Ad Testing in ChatGPT6:49 Cursor Composer 1.57:55 Anthropic Nonprofit Access & Energy Commitment9:24 Claude Code Updates10:03 Google Gemini 3 Deep Think10:37 Railway Deployment Improvements12:00 Closing Thoughts

In this episode of Next in Dev, I cut through the noise of the latest AI agent arms race to find what actually matters. - Anthropic releases Claude Opus 4.6- OpenAI counters with the GPT-5.3 Codex and a dedicated macOS app- Payload 3.74/3.75 - shadcn’s new first-class RTL support Payload's skill live: https://youtube.com/live/3UDiLVe0PFA00:00 Payload CMS 3.74 & 3.75:02:00 Figma news02:50 Shadcn news03:27 Next.js news 03:54 Cloudflare news 04:34 The OpenClaw Experiment: A Security Nightmare? 05:15 OpenAI news06:29 Anthropic’s Ad-Free Promise07:11 Claude Opus 4.6 08:07 Claude Code & Xcode08:36 Gemini’s Ad Strategy 09:10 Railway Postgres Metrics & Flow Visualizer 09:55 Closing Thoughts

Payload 3.73 is here with Next.js 16 support, SQLite performance upgrades, and a new migration command for relational databases. We also dive into the latest Next.js security patches, Figma’s new glass effects, and Cursor’s sub-agent architecture for faster execution. Plus, all the latest news about the AI that matters.Chapters:00:00 Payload News 02:13 Figma News 02:47 Shadcn News 03:08 Next.js News 03:42 OpenAI News 04:19 Cursor News 05:27 Anthropic News 05:50 Claude Code News 06:17 Gemini News 06:53 Railway News 07:23 Astro News07:51 Closing Thoughts

Payload 3.72, Next.js 16, and Claude Code updates headline this week’s breakdown of essential web development news and security vulnerabilities. We explore Payload's new experimental per-locale publishing and the addition of depth parameters to MCP tools. On the performance side, Next.js continues its relentless focus on Turbopack and memory management. The industry is also grappling with significant security scares: a two-character filtering error that nearly compromised the AWS console and a Cloudflare firewall bug related to certificate renewal. Meanwhile, OpenAI introduces the ChatGPT Go plan at $8 USD/month, powered by GPT 5.2 instant, while pivoting toward an ad-supported model for free users. Finally, we compare the latest CLI enhancements from Cursor and Claude Code, and look at Railway’s intuitive CLI overhaul. Live stream mentioned: https://youtube.com/live/dDYkQ-fXJvwChapters:00:00 - Payload News00:50 - Shadcn News01:12 - Next.js News01:35 - Cloudflare News02:01 - AWS News02:26 - OpenAI News03:22 - Cursor News04:13 - Anthropic News05:26 - Claude Code News06:28 - Railway News07:26 - Closing Thoughts and Next Steps

In this video, I’m sharing my 2026 bold predictions for the web development ecosystem and some major personal updates for the channel. We'll discuss the potential future of Payload CMS, the ever-changing AI landscape, and the rising challenges of cloud infrastructure complexity.Here’s what I cover:- My potential expansion into content beyond Payload CMS. I’m looking at TanStack, Astro, and general coding advice.- Why I believe Payload will remain open source and how it will eventually power fully AI-generated sites in Figma.- My thoughts on why copyright lawsuits and plagiarism accountability might finally slow down the current AI hype cycle.- Why we should expect more internet outages in 2026 due to increasing system complexity and unvetted AI tools.- Why Next.js will maintain its industry dominance throughout 2026, despite strong new competition.Chapters: 00:00 - Introducing My Bold Predictions00:26 - What will 2026 look like for me and my channel?06:55 - My 2026 Predictions for Payload CMS09:58 - My 2026 Predictions for Figma11:17 - My 2026 Predictions for AI13:03 - My 2026 Predictions for Internet Outages13:55 - My 2026 Prediction for TanStack14:32 - Closing Thoughts