AI companies are picking sides

Alright, the biggest story in AI this week is about what happens when AI companies negotiate with the U.S. military.

Here's what happened. Talks between Anthropic and the Department of Defense collapsed on Friday over the Pentagon's demand for "any lawful use" of Claude. Within hours, OpenAI swooped in with its own deal. The backlash was swift. ChatGPT uninstalls spiked roughly 200-300%, which is catastrophic when your investors are operating based on vibes. On the other side, Claude hit #1 on the App Store, and Sam Altman admitted the company "shouldn't have rushed" the announcement, calling it "opportunistic and sloppy."

Yup.

Since then, OpenAI has amended the contract to add language saying the system "shall not be intentionally used for domestic surveillance of U.S. persons and nationals" and that intelligence agencies like the NSA would need a separate agreement. Sounds good, right? Here's the problem. The contract language largely restates existing legal obligations, such as the Fourth Amendment, FISA, the National Security Act).

The autonomous weapons language is also soft. It only prevents use where "law, regulation, or Department policy requires human control," which is not an actual ban. And here's the most important detail from the whole saga: Dario Amodei revealed in a staff memo that near the end of negotiations, the Pentagon offered to accept Anthropic's terms if they just deleted a specific phrase about "analysis of bulk acquired data." Amodei said that phrase "exactly matched the scenario we were most worried about." He also accused the Pentagon and OpenAI of spreading "just straight up lies" about the issues at stake.

As of today, the Financial Times reports that Amodei is back at the negotiating table with Emil Michael. He's the under-secretary of defense who publicly called him a "liar" with a "God complex" just last week. A tech industry coalition including Nvidia, Google, and Anthropic sent a letter to Defense Secretary Hegseth expressing concern over designating a U.S. company as a supply chain risk, which has reportedly never been done to an American company before.

Anthropic has since confirmed the supply chain risk designation is official. They received the official letter on March 4. They're challenging it in court, but indicate the scope is narrow. The designation only applies to Claude usage as a direct part of DoW contracts, not all use of Claude by companies that happen to have those contracts. Amodei also walked back the tone of his leaked memo, apologizing and calling it an out-of-date reflection of a difficult day. The overall tone is apologetic. Anthropic is offering to keep providing models to the military at nominal cost during any transition, and Amodei emphasized that the company has "much more in common with the Department of War than we have differences."

I made a full video breaking down the timeline of Sam Altman's weekend contradiction on this deal. Check it out here.

OpenAI released GPT-5.4, and this one claims to pull together their recent advances in reasoning, coding, and computer use into a single frontier model. The headline capability is native computer use. The release notes states that GPT-5.4 can operate desktop and browser environments through screenshots and keyboard/mouse commands.

It incorporates the coding capabilities from GPT-5.3-Codex, supports up to 1M tokens of context, and introduces something called "tool search" in the API. Instead of stuffing every tool definition into the prompt upfront, the model gets a lightweight list and looks up definitions on demand.

Tool search is the most interesting thing here for developers. The "stuff every tool definition into the context window" approach has been an ugly scaling problem for anyone building agents with large tool ecosystems, and solving it at the model level rather than forcing developers to build their own routing is a real improvement.

Payload had two releases this week, and both deserve a closer look.

v3.78.0 upgrades the Lexical rich text editor dependency from v0.35.0 to v0.41.0. This is a big version jump that brings in upstream fixes including normalizeMarkdown. Good news: Payload handles all Lexical breaking changes internally, so no action is required for standard usage. If you installed lexical manually alongside Payload, you'll need to update it to 0.41.0, though the team recommends using the re-exported versions from @payloadcms/richtext-lexical/lexical/* instead.

Block icon configuration for Lexical now supports separate images for the inline block icon (20×20px) and the block drawer thumbnail. Previously, imageURL served both contexts, so you had to pick one image that worked at both sizes, but now the images property accepts distinct icon and thumbnail values with automatic fallback. Fully backwards compatible; imageURL still works but is deprecated. The modular dashboards feature also picked up full i18n translation support, covering all widget buttons and error messages that were previously hardcoded in English.

One breaking change: Widget.ComponentPath is now Widget.Component, retyped as PayloadComponent. It's a quick find-and-replace.

v3.79.0 is the bigger feature release. The headliner is a new TypeScript plugin (@payloadcms/typescript-plugin) that validates PayloadComponent import paths directly in your IDE. It checks that referenced files and exports actually exist, gives you autocomplete for file paths and export names, supports go-to-definition on component path strings, and understands all Payload path conventions. Previously, a typo in a component path string was a runtime surprise.

Trash graduated from beta and ships with a genuinely useful refinement: granular delete access control that distinguishes between soft-deleting and permanently deleting. You can now let regular users trash documents while restricting permanent deletion to admins, using the presence of data.deletedAt to determine which operation is being attempted. Dashboard widgets gained configurable fields similar to Blocks, with full type generation, and there's a new drawer UI for editing widget configuration directly in dashboard editing mode.

The MCP plugin (@payloadcms/plugin-mcp) also graduated from beta to stable, with a fix that strips virtual fields from MCP tool input schemas so non-stored fields don't leak into accepted parameters. On the rich text side, upload nodes now properly convert to markdown instead of being dropped.

Query presets can now be created and edited directly from the document form view using a full WhereBuilder, column picker, and groupBy selector. So, no more switching to the list view to build queries first.

The bug fix list is substantial too, with the standout is protection against silent data overwrites on concurrent edits.

This one is big. The Drizzle ORM team is joining PlanetScale, the database company that pivoted from MySQL/Vitess to Postgres last year. PlanetScale CEO Sam Lambert says the alignment is around a shared obsession with performance and developer experience. Drizzle will remain an independent open source project with its own roadmap.

This is the most significant ORM news since Prisma started losing mindshare to Drizzle in the first place. Drizzle became the default TypeScript ORM precisely because it was independent, lightweight, and didn't try to be a platform.

I believe we will see more acquisitions like this moving forward. Payload and Bun were similar acquisitions where open source is still the driving force behind these projects. Now, they just have resources backing them up.

Cursor had a big week with three announcements, and the JetBrains integration is the one that matters most.

Through the Agent Client Protocol (ACP), Cursor is now available as a plugin in JetBrains IDEs. You keep your existing JetBrains environment with all its deep language support, and you get Cursor's agent capabilities and frontier model selection on top. You don't need a JetBrains AI subscription, either.

Cursor gets distribution into JetBrains' massive install base, and JetBrains gets a popular AI tool validating their ACP protocol.

Cursor Automations is the second announcement. These are always-on agents that run on schedules or fire in response to events like Slack messages. Each automation spins up a cloud sandbox, follows your configured instructions using MCPs and models you choose, and can verify its own output. Custom webhooks are supported for anything the built-in integrations don't cover.

Rounding it out, MCP Apps and Team Marketplaces bring interactive UIs like charts, diagrams, and whiteboards directly inside agent chats, plus team marketplaces for admins to share private plugins internally.

The JetBrains move is the most strategically significant of the three. JetBrains users have been underserved by AI coding tools. The built-in AI assistant hasn't kept pace with what's available in VS Code, and switching editors just for better AI wasn't realistic for teams deep in the IntelliJ ecosystem. Cursor showing up as a plugin rather than demanding you switch editors leads to something bigger. Cursor sees itself less as an IDE and more as the AI layer that can sit on top of any editor. That's a much larger addressable market.

Next.js 16.2.0 has burned through canary.64 through canary.80 in the past week, and the most significant thread running through them is an aggressive cleanup of PPR (Partial Prerendering) internals. Canary.78 alone replaces PPR config helpers with cacheComponents checks, removes isRoutePPREnabled from render options, deletes the PrerenderStorePPR type and all its switch cases, removes the legacy PPR postpone cluster, and cleans up PPR references across test fixtures. This is consolidating how caching and prerendering work under the hood as the cacheComponents model takes over.

The other major story is "Cached Navigations," which also landed in canary.78. The client-side router will now cache visited fully static pages in the segment cache, cache the static stage of partially static initial HTML, and cache runtime stage data from navigation requests.

Next.js spent the last two years building PPR as the future of rendering, and now the internals are being ripped out and replaced with cacheComponents as the foundational primitive. That's not necessarily bad. PPR's mental model was always hard to explain, but it's a reminder that betting early on Next.js experimental features means signing up for architectural headaches.

Railway introduced Smart Diagnosis. This is an AI agent that runs against your failed deployments. It reads through build logs, config, recent code changes, and repo context to figure out what went wrong, then suggests fixes including one-click config patches. You can either copy the fix instructions and hand them to your coding agent of choice, or open a conversation with Railway's canvas agent to dig deeper and work through the fix interactively. Code-level PR fixes aren't supported yet, but they're on the way.

Railway also consolidated its agent skills from 13 separate domain-specific skills down to a single use-railway skill. Previously, coding agents had to evaluate 13 skill descriptions on every request, and new users faced a wall of options before understanding what any of them did. The unified skill matches your intent to the right reference and loads only what's needed, so multi-step workflows compose into a single response.

Use my affiliate code to sign up for Railway if you want.

Claude Code pushed a massive v2.1.69 release, and the theme is memory management. The changelog lists dozens of memory leak fixes alongside a 16MB reduction in baseline memory.

On the feature side, the headline is a /claude-api skill for building applications with the Claude API and Anthropic SDK directly from within Claude Code. Voice STT expanded to 20 languages, and the plugin system gained /reload-plugins, new hook events, and HTTP hooks that POST JSON to a URL instead of running shell commands.

Claude Code auto mode is launching in research preview no earlier than March 11. Auto mode lets Claude handle permission decisions during coding sessions so you can run longer tasks without getting interrupted by manual approval prompts. It's designed as a safer alternative to --dangerously-skip-permissions, which, let's be honest, most developers use anyway to avoid being blocked during long tasks.

Cloudflare Workers AI added customization options to its Markdown Conversion service. You can now use CSS selectors to extract specific HTML content, set the language for AI-generated image descriptions, and exclude metadata from PDF output.

Dokploy v0.28.3 added cross-router search with member access controls, additional columns for project and environment services, formatted request logging, and organization-level deployment visibility.

Astro posted its February 2026 roundup with strong adoption numbers. HTTP Archive shows usage up 11.8% on mobile and 14.6% on desktop, and the 2025 State of JS results have Astro at #1 in interest, satisfaction, and positivity for three to four consecutive years. Astro 6.0 beta 17 is available with a draft upgrade guide.