PodRocket

TanStack, TanStack Start, and what’s coming next with Tanner Linsley

December 18th, 2025  |  45 mins 56 secs

tanstack

Jack Harrington sits down with Tanner Linsley to talk about the evolution of TanStack and where it’s headed next. They explore how early projects like React Query and React Table influenced the headless philosophy behind TanStack Router, why virtualized lists matter at scale, and what makes forms in React so challenging. Tanner breaks down TanStack Start and its client-first approach to SSR, routing, and data loading, and shares his perspective on React Server Components, modern authentication tradeoffs, and composable tooling. The episode wraps with a look at TanStack’s roadmap and what it takes to sustainably maintain open source at scale.

React got hacked with David Mytton

December 16th, 2025  |  37 mins 54 secs

react, security

In this episode, Noel sits down with David Mytton, founder and CEO of Arcjet, to unpack the React2Shell vulnerability and why it became such a serious remote code execution risk for apps using React server components and Next.js. They explain how server-side features introduced in React 19 changed the attack surface, why cloud providers leaned on WAF mitigation instead of instant patching, and what this incident reveals about modern JavaScript supply chain risk. The conversation also covers dependency sprawl, rushed patches, and why security as a feature needs to start long before production.

Shopify Winter ’26 Edition: building faster with the Dev MCP server with Eytan Seidman

December 11th, 2025  |  40 mins 22 secs

shopify

Eytan Seidman, VP of product at Shopify, joins the podcast to unpack Shopify's Winter '26 Edition and how AI is emerging into the market for developers and merchants.
They discuss the new Dev MCP server, showing how tools like Cursor and Claude Desktop can rapidly scaffold Shopify apps, wire up Shopify functions, and ship payment customization and checkout UI extension experiences that lean on Shopify primitives like meta fields and meta objects across online stores and point of sale.
Eytan also breaks down how Sidekick connects with apps, why the new analytics API and ShopifyQL open fresh analytics use cases, and more.

Whats new in React 19.2 with Shruti Kapoor

December 4th, 2025  |  22 mins 13 secs

react

Shruti Kapoor comes back onto the podcast to discuss React 19.2, how it builds on React 19 and React 18, and new features like Activity, View Transitions, useEffectEvent, and React server components improvements powered by cacheSignal. They explore partial pre rendering, Suspense boundary batching, the stable React Compiler for auto memoed apps, and new Chrome dev tools performance tracks. The episode also covers Next.js 16 framework support and the updated ESL plugin react hooks.

The useless useCallback: React performance myths unpacked, with Dominik Dorfmeister (Repeat)

November 27th, 2025  |  22 mins 55 secs

react, react hook, react usecallback

In this repeat episode, Dominik Dorfmeister unpacks the pitfalls of React’s useCallback and useMemo, revealing how these hooks often introduce more complexity than performance gains. He explores the promise of the React Compiler, the practical power of the “latest ref” pattern, and strategies to boost code readability and maintainability at scale.

Learn why overusing useEffect and manual memoization can do more harm than good, and how teams can level up their PR reviews and performance practices using tools like the ESLint React Compiler plugin.React useCallback, React useMemo, React memoization, React performance optimization, React compiler, React hooks best practices, React ref pattern, useEffect pitfalls, React readability, React ES Lint plugin, latest ref pattern React, React virtualized lists, React performance myths, useEffect overuse, React self review PRs, Dominik Dorfmeister React, Tans Stack Libraries

First look at Prisma ORM v7 with Will Madden

November 20th, 2025  |  23 mins 50 secs

prisma

Jack Herrington talks with Will Madden about how Prisma ORM is evolving in v7, including the transition away from Rust toward TypeScript, less magic, and a new Prisma config file for more predictable good DX. They dig into Prisma Postgres, improvements to Prisma Studio, better support for serverless environments, and how JavaScript ORM tools like Prisma as an object relational mapper will fit into future agentic coding workflows powered by LLMs.

GitHub’s Octoverse: TypeScript, Copilot, and Open Source Struggles

November 13th, 2025  |  49 mins 6 secs

octoverse

In this episode of PodRocket, Jack and Paige dive into the latest GitHub Octoverse report, covering trends like shipping faster with AI, the dominance of TypeScript as the top language, the rise of AI-generated pull requests, and the concerning drop in code review comments. They unpack the growing role of Copilot, the tension between OSS contributions and burnout, and the surge in AI infrastructure projects like Ollama. The discussion also touches on open source governance, the docs gap, prompt injection risks, and whether AI-powered browsers can succeed beyond the dev crowd.

Speeding up the web with the speculation rules API | Barry Pollard

November 6th, 2025  |  44 mins 33 secs

chrome, speculation rules, web perf optimization

Barry Pollard from the Chrome devrel team joins PodRocket to discuss the speculation rules API, a new browser feature designed to improve web performance through prefetch and pre-render techniques. Barry breaks down the history of speculative loading, contrasts SPA vs MPA behavior, and explains the nuances of hover prefetching, conservative prefetch, and the powerful new pre-render until script mode. Learn how Shopify and WordPress are adopting the API, what telemetry from Chrome Status reveals, and what developers need to know about potential pitfalls, caching behavior, and how the API is becoming a standard for static sites and e-commerce performance.

Remix v3, React 19.2, H-1B fees and Firefox fanboys

October 30th, 2025  |  49 mins 49 secs

panel

This months panel dives into Remix v3 without React, exploring its DIY VDOM framework and manual reactivity approach. We discuss the latest React Foundation governance changes and what React 19.2 brings, from the Activity component to useEffectEvent and server streaming support. The conversation also covers how the proposed H-1B $100,000 fee could affect tech hiring, thoughts on Firefox, the Perplexity and Washington Post paywall, and a spicy Tailwind vs CSS debate.

Ripple.js with Dominic Gannaway

October 23rd, 2025  |  31 mins 43 secs

framework, ripplejs

Dominic Gannaway joins us to talk about RippleJS, a new TypeScript-first UI framework built with its own templating language and a focus on clarity and reactivity. We explore how RippleJS handles fine-grained updates through its track and block system, why it avoids global state, and how context plays a key role. Dominic also walks us through the developer experience, from the language server and VS Code integration to syntax highlighting and the Prettier plugin, plus how the framework handles error boundaries, server-side rendering, future plans, and more.

Source maps: how does the magic work? with Nicolo Ribaudo

October 21st, 2025  |  25 mins 51 secs

css, javascript, source maps, typescript

Ever wondered how source maps actually work? In this episode, Nicolo Ribaudo, Babel maintainer and TC39 delegate, breaks down how source maps connect your JavaScript, TypeScript, and CSS back to the original code — making debugging, stack traces, and observability smoother in Chrome dev tools.

We dive into how source maps help in both development and production with minified code, explore tools like Webpack, Rollup, Next.js, and Svelte, and share when you should turn off source maps to avoid confusion.

WASM 3.0 with Andreas Rossberg

October 16th, 2025  |  40 mins 11 secs

wasm

Andreas Rossberg unpacks WASM 3.0, covering new capabilities like garbage collection, exception handling, tail calls, and support for 64-bit addressing with multiple memories. The discussion explores deterministic profiles following relaxed sim, WebAssembly’s capability-based security model, and advances in sandboxing and module design. Andreas connects these features to practical use cases in JavaScript engines and applications like Google Sheets, then looks ahead to experimental work on threading, stack switching, and async programming models shaping the next phase of the WebAssembly ecosystem.

Semantic HTML still matters with Jono Alderson

October 8th, 2025  |  26 mins 52 secs

html

Jono Alderson joins the podcast to discuss why semantic HTML still matters today. He shares how thoughtful markup can improve accessibility and performance, from using the picture tag and responsive images to optimizing with content-visibility CSS. The conversation dives into common pitfalls like div soup, the shift toward more template-centric design, and techniques for improving the critical rendering path. Jono also discusses preloading, HTTP early hints, and the evolving role of structured data, LLMs, and Google’s trust signals in shaping a more meaningful and efficient web.

State of CSS in 2025 with Adam Argyle and Kevin Powell

October 1st, 2025  |  43 mins 26 secs

css

In this episode of PodRocket, Adam Argyle and Kevin Powell discuss the results of the latest State of CSS survey and share how new capabilities like functions, mixins, nesting, and container queries are changing the way developers approach styling. We dive into the ongoing conversation around Tailwind and pre-processors, and look at the practical impact of features such as scroll driven animations, view transitions, and cascade layers. Adam and Kevin also explain how advances like relative color syntax and app property are making CSS variables more dynamic and reliable. Along the way, we touch on browser interoperability and imagine what’s ahead for CSS, from motion blur to fit text and beyond.

Google’s antitrust win, AI mandates, npm attacks and robots.txt

September 25th, 2025  |  41 mins 10 secs

ai, browsers, panel, security

Is the web breaking under the weight of AI crawlers, platform consolidation, and nonstop security breaches? We dive into the state of browsers, developer burnout, and whether tech regulation can actually keep up.

In this panel discussion:

• We debate if robots.txt and AI licensing standards like RSL can realistically control how AI scrapes the web.

• The fallout from DIA’s acquisition by Atlassian and what it means for indie browser innovation in a Chromium-dominated world.

• Why Google’s antitrust victory might embolden other tech giants, and what that means for competition.

• How supply chain attacks like the NPM malware and Shai Hulud worm are exploiting GitHub workflows and package vulnerabilities.

• The pushback against AI mandates at work, including Coinbase’s controversial policy requiring developers to use Copilot.

Unpacking the NPM supply chain attacks with Feross Aboukhadijeh

September 23rd, 2025  |  40 mins 9 secs

security

Feross Aboukhadijeh, founder of Socket, joins us to break down the recent wave of NPM supply chain attacks hitting the JavaScript ecosystem, including how attackers used phishing to target developers, snuck malware into popular packages like Prettier and "is", and even abused tools like Claude, Gemini, and TruffleHog.
We dig into how GitHub Actions vulnerabilities were exploited, what makes postinstall scripts risky, and and what you can do to protect yourself from future attacks.