OSS Feed: 2026-04-21

A lively day across the React / TanStack / MSW ecosystem — TanStack shipped CLI fixes, MSW landed several bugfixes, and the React core team chimed in on long-standing issues.

@acdlite

• Commented on Implement react-server-dom-rspack — ongoing work to bring Rspack support to React Server Components.

@gaearon

• Revisited the long-running useId() not working inside <Suspense> bug — still a rough edge for folks mixing streaming SSR with id generation.

@sebmarkbage

• Also chimed in on useId() not working inside <Suspense> — Sebastian and Dan tag-teaming on the same thread is usually a sign something is landing soon.

@tannerlinsley

Tanner had the busiest day by far — three PRs opened plus a wave of reviews across TanStack repos.

• Opened fix(docs-cache): sync refresh + nightly prune of orphaned rows on tanstack.com — keeping the docs cache tidy.
• Opened fix(cli): default to interactive mode and add missing prompts — better first-run experience for @tanstack/create.
• Opened fix(create): strip all demo/example files when users opt out — a proper opt-out for scaffolding noise.
• Reviewed Create migration guide from AI SDK to TanStack.
• Reviewed Remove fast async nodent runtime on TanStack Query.
• Weighed in on payloadcms' admin framework adapter pattern and tanstack support.
• Reviewed fix(types): Add missing params for mutation types.
• Reviewed fix(create): exclude demo files and better-auth integrations when demo is disabled.
• Reviewed feat: AG-UI core interop - spec-compliant event types.
• Reviewed RFC - define query types.

@leerob

A quiet day.

@timneutkens

• Replied on Memory leak fix from canary still not in any 16.x stable release — production OOMs on Next 16.2.4 are a painful one to be tracking.
• Commented on Handle edge runtime in places that import node:stream.

@bvaughn

A quiet day.

@t3dotgg

A quiet day.

@TkDodo

Dominik continues deep inside Sentry's page-frame refactor.

• Opened fix(pageFrame): integration layout header.
• Opened fix(pageFrame): remove muted variant from InfoTip.
• Plus reviews/comments across a handful of Sentry PRs: topbar offset for sticky headers, sticky event nav, eslint extends cleanup, trace breadcrumbs in top bar, releases feedback slot, duplicate dynamic sampling title, projects endpoint to apiOptions, monitors edit breadcrumbs, explore saved queries endpoint.

@phryneas

Lenz had a security-flavored day.

• Commented on Enforce global type declaration for defaultOptions on Apollo Client.
• Raised the alarm on Security: bare mui npm namespace held by third party — baitsquatting risk.
• And the matching Security: bare redux-toolkit npm namespace held by third party — baitsquatting risk. A good reminder to double-check the exact package names you npm install.
• Reviewed Update client codegen doc to match v6 release.
• Also on feat: add block-no-verify PreToolUse hook to .claude/settings.json.

@markerikson

• Reviewed PRO-2387 forward REPLAY_CLIENT_SOURCE env as request header on replay-cli.
• Reviewed Update jest config and add more unit test coverage on replay devtools.

@kettanaito

Artem shipped a notable MSW batch.

• Opened issue Consider network.pause() in NetworkApi — interesting API surface proposal.
• Opened fix: reset generator state on .resetHandlers()/.restoreHandlers().
• Opened fix: await in-flight requests from closing clients — addresses the "MSW still handling requests after worker stopped" class of bugs.
• Opened fix: support an array as the orderBy value on @mswjs/data.
• Plus reviews on in-flight requests after worker stopped, persistent + one-time responses in one handler, Blob serialization in capnweb, test: prevent handling in-flight after stop, network.pause() proposal, sorting config array in mswjs/data, and reject duplicate setupWorker calls.

@dinwwwh

• Commented on Support return ReadableStream<binary> in .handler.
• Commented on feat(server,openapi): support ReadableStream<Uint8Array> as handler return value — oRPC is steadily growing its streaming story.

Today's Highlight

Security heads-up from @phryneas: the bare mui and redux-toolkit npm namespaces are held by third parties — a baitsquatting risk for anyone fat-fingering an install. Always install scoped package names (@mui/material, @reduxjs/toolkit). See the MUI issue and the Redux Toolkit issue.

Runner-up: @kettanaito tightening up MSW worker lifecycle — the "still handling requests after stop" fix should quietly resolve a bunch of flaky-test reports in the wild.