#032

VS Code stuck Copilot in 4M commits, Uber blew its AI budget, Tesla owner won $10K via Zoom

VS Code silently appended Co-Authored-by: Copilot to 4M commits since v1.117. Uber burned its 2026 AI budget in 4 months. One Tesla owner won $10K over Zoom.

Listen to this edition

VS Code v1.117 silently flipped on a setting that auto-injects Co-Authored-by: Copilot into every commit, even for devs who set chat.disableAIFeatures: true. GitHub search now returns roughly 4 million commits with that trailer, all written in the 11 days since release. The fix lands in v1.119 but the existing git history is permanent.

The Linux kernel forbids Co-authored-by for AI tools and requires Assisted-by instead, so VS Code’s default may break DCO rules in any project that follows kernel-style attribution. The U.S. Copyright Office’s stance that non-human entities can’t hold copyright makes the trailer a real headache at acquisition or audit time.

In today’s indie hacker news:

  • VS Code stuck Copilot into 4M of your git commits
  • Uber blew its 2026 AI budget on Claude Code in 4 months
  • Tesla owner won $10,672 in small claims via Zoom
  • Open Design cloned Anthropic’s Claude Design in 15 days
  • Maryland banned grocery surveillance pricing, $25K per offense

TOP STORIES

CHECK YOUR GIT LOG

VS Code silently signed 4M of your commits with Copilot. The fix lands in v1.119.

VS Code silently signed 4M commits with Copilot

The story: PR #310226 (merged April 16) flipped git.addAICoAuthor’s default from off to all and shipped in VS Code v1.117.0 on April 22. Every commit made since with the Copilot extension installed gets Co-Authored-by: Copilot <copilot@github.com> appended to the trailer, even if no Copilot suggestion was used and even when chat.disableAIFeatures: true is set. Jitbit founder @jitbit called it “an ad in my commit just because I have a copilot extension installed.” VS Code engineer dmitrivMS later acknowledged on the PR: “It should never have been enabled when disableAIFeatures is on. It should not add attribution to changes that were not done by AI.”

The details:

  • v1.117.0 shipped April 22, ~4M commits with the trailer accumulated in 11 days per GitHub search cited by @jitbit.
  • The trailer never appears in the commit-message UI before commit, so most devs only see it after the fact in CI logs or git log output.
  • Issue #313064 was filed April 28, tagged “important,” and assigned to milestone v1.119 for the upstream fix.
  • Linux kernel norms forbid Co-authored-by for AI tools and require Assisted-by instead, so the default may break DCO rules for kernel-style projects (GitHub community discussion, 103 upvotes, 35 participants).
  • Quick check today: git log --format='%B' | grep -i copilot. Quick fix: set "git.addAICoAuthor": "off" in VS Code settings, then wait for v1.119.

Why builders care: If you ship to GitHub from VS Code with the Copilot extension installed, the past two weeks of your git history may carry false AI co-authorship. For solo founders the cosmetic version doesn’t matter much. For teams with IP-sensitive work, OSS contribution policies, or “max X% AI-generated code per file” rules, that line is now in the permanent record. Audit your tool defaults, any IDE extension with write access to your commit pipeline can quietly modify the public record of your work.

BUDGET TORCHED IN ONE QUARTER

Uber gave 5,000 engineers Claude Code and torched its entire 2026 AI budget by April.

Uber&#x27;s CTO is back to the drawing board

The story: The Information’s reporting, summarized in Briefs, pinned the moment Uber CTO Praveen Neppalli Naga said the line every CFO is waiting for: “I’m back to the drawing board, because the budget I thought I would need is blown away already.” Uber rolled Claude Code to its full 5,000-engineer org in December 2025. Adoption ran 32% in December, 63% by February, 84% by March. Per-engineer spend topped out at $500-$2,000 a month. The full annual AI tooling allocation inside Uber’s $3.4B 2026 R&D budget was exhausted by April.

The details:

  • 32% → 63% → 84%: Claude Code adoption among Uber engineers from December to March; 95% of engineers now use AI tools monthly.
  • 70% of committed code at Uber originates from AI; 11% of live backend updates ship with no human in the loop, roughly 1,800 AI-written changes per week to production (byteiota recap).
  • Per-engineer Claude Code spend hit $500-$2,000/month at peak. Consumer Claude Pro is $20, Claude Max is $100. The gap is token-based pricing on parallel agentic workflows.
  • Uber’s 2026 R&D budget is $3.4B, up 9% from 2025; AI-related costs rose ~6x since 2024. Uber is now testing OpenAI’s Codex alongside Claude Code as a hedge.
  • Internal leaderboards rank teams by AI tool usage. Classic Goodhart trap: “highest token burn” doubles as “best engineer” until the line item is the entire budget.

Why builders care: Claude Code isn’t priced like a SaaS seat, it’s metered tokens, and usage scales nonlinearly the moment engineers run parallel agentic workflows. Every indie hacker giving themselves or a team uncapped Claude Code access should set a monthly token ceiling before rollout, not after. Uber’s $3.4B problem is the enterprise version. You can hit it personally on a $200 Claude Max plan if you spin up 5 parallel agents. Adoption beating your forecast is exactly what you want, until the pricing model punishes the win. (If usage-based AI tooling makes you nervous, see Trending for Qwen3.6-27B running 72 tok/s fully local on a single 3090.)

ZOOM COURT BEATS TRILLION-DOLLAR CO

He sued Tesla over FSD lies via Zoom and walked away with $10,672. Tesla is still stalling the writ.

Tesla owner won $10K in court for FSD lies

The story: Electrek broke the case on May 2: Ben Gawiser bought Full Self-Driving for his 2021 Model 3 for $10,000, sat through five years of Tesla pushing the FSD release date, and finally filed in Travis County small-claims court for $72.88 in fees. The court issued a $10,672.88 default judgment on April 1 after Tesla missed the April 22 response deadline and skipped the video hearing. Same day Tesla’s window closed, Musk admitted on Q1 earnings that “Hardware 3 simply does not have the capability to achieve unsupervised FSD.” Gawiser filed a $240 writ of execution May 1 authorizing Texas sheriffs to seize Tesla property until the judgment is paid.

The details:

  • $10,672.88 default judgment April 1; $72.88 filing fee, $240 writ on May 1; case is Travis County Justice of the Peace, Texas.
  • Musk’s April 22 admission landed the same day Tesla’s response deadline closed. Tesla then filed a late extension claiming it never got the hearing notice but submitted no defense.
  • Aggregate Tesla FSD lawsuit exposure runs $2.7B-$14.5B across 21 active legal tracks per Electrek’s deep dive. The In re Tesla ADAS class action (N.D. Cal.) was certified August 2025 on a full-refund theory.
  • Roughly 4 million HW3 vehicles were sold with the FSD promise that Musk now confirms needs a factory-level hardware swap Tesla isn’t building at scale.
  • 3,000 European HW3 owners from 29 countries have signed hw3claim.nl, representing €6.5M in FSD purchases.

Why builders care: This is the cleanest live test of “promised feature, never delivered” liability for any subscription or licensed-software founder. Gawiser paid $10K for a named feature (“Full Self-Driving”), the feature never shipped, and a one-person small-claims filing over Zoom recovered the full purchase price plus fees with no lawyer required. If your marketing names a specific capability you don’t yet ship, you own that gap legally, not metaphorically. The class certification on a full-refund theory is the precedent that scales it: counsel only has to prove the marketing claim was false, not that each customer was confused.

CLOSED-SOURCE HALF-LIFE: 15 DAYS

Open Design cloned Anthropic’s Claude Design in 15 days. Apache-2.0, BYOK, runs on 12 coding-agent CLIs.

Open Design ships 15 days after Claude Design

The story: Open Design v0.1.0 shipped May 1 from Tom Huang (@tuturetom) and 22 other contributors, 15 days after Anthropic’s Claude Design launch on April 17 (cloud-only, Anthropic-models-only, paid). Apache-2.0, BYOK, no Anthropic account required. Open Design auto-detects 12 coding-agent CLIs on your $PATH (Claude Code, Codex, Cursor Agent, Gemini, OpenCode, Qwen Code, Copilot CLI, Hermes, Kimi, Pi, Kiro, Devin Terminal) and routes the same artifact-first design loop through whichever you already pay for. Tom Huang summed it up on X: “Claude Design eats tokens. Open Design is BYOK on whatever CLI you already pay for. So no double subscription.”

The details:

  • 16,500 GitHub stars and 1,900 forks within days of the May 1 launch; v0.2.0 shipped May 2 with “45 PRs · 23 contributors · 24 hours.”
  • 31 composable Skills (27 Prototype Mode, 4 Deck Mode) ship as droppable SKILL.md files; users can fork or replace them.
  • 72 brand-grade Design Systems bundled, covering Claude, Cohere, Mistral, Cursor, Vercel, Linear, Supabase, PostHog, Stripe, Coinbase, plus 60+ more.
  • Imports Claude Design export ZIPs and parses them into real projects, so any agent can keep editing where Anthropic’s tool left off.
  • nexu-io is the same collective behind nexu (2.8K stars), a desktop client bridging AI agents to WeChat, Feishu, Slack, and Discord.

Why builders care: Every closed-source agent product now has a roughly 15-day open-source shadow. Open Design proves the pattern: take a viral Anthropic Labs launch, strip the lock-in, add BYOK plus multi-agent routing, ship Apache-2.0. Builders already paying for Claude Code, Cursor, or Codex get the same artifact-first design loop with no second bill. The deeper signal is architectural: nexu-io built agent adapters, not a new agent, so any CLI that ships tomorrow gets supported without a breaking change. Closed-source moats on agent UX products are now measured in days, not months. (Speaking of harness-level architecture, see Trending for the agent-harness essay that landed the same week.)

ONE PRICE FOR EVERYONE

Maryland banned AI-driven surveillance pricing in grocery stores. $25K per offense, five states copying the bill.

Maryland bans grocery surveillance pricing

The story: Governor Wes Moore signed HB 895 (Protection From Predatory Pricing Act) on April 28, effective October 1, 2026. The law bans grocers larger than 15K sq ft and any third-party delivery service from setting personalized prices using consumer surveillance data. “Personal data” sweeps in IP address, geolocation, device type, browsing history, and purchase behavior. First-offense fines hit $10,000, repeats up to $25,000. California (AB 446), Colorado (HB26-1210), Illinois (HB 4248), and New Jersey (S3732 + A4085) all have copy-paste bills in flight per Inside Privacy’s tracker.

The details:

  • HB 895 covers food retailers ≥15,000 sq ft and any third-party delivery service. Restaurants and small grocers under 15K sq ft are entirely exempt.
  • “Surveillance data” explicitly covers IP address, geolocation, device type, browsing history, and purchase behavior, the exact signals most dynamic-pricing engines use.
  • $10,000 first offense, $25,000 repeats. Enforcement is by the Maryland AG only (no private right of action), with a 45-day cure period before any filing.
  • Voluntary loyalty programs open to all consumers are exempt; gating personalized pricing behind an opt-in consent flow is the clearest current safe harbor.
  • Consumer Reports flagged a real loophole: the ban only triggers when data sets a higher price without a baseline, so framing all data-driven prices as “discounts” may sidestep the law.

Why builders care: Maryland’s “personal data” definition reads like a feature list for any e-commerce, last-mile delivery, loyalty app, or ad-tech yield product doing dynamic pricing. The grocery scope is narrow today, but Colorado HB26-1210 covers wages alongside prices, and the “price you see is the price you pay” framing is bipartisan, so the copy-paste bills will not die in committee. If your SaaS sets personalized prices on consumer signals, audit whether your pricing inputs map to “surveillance data” before your state’s copy lands. The loyalty-program safe harbor is the cleanest exit, opt-in consent flows that gate personalization survive intact.

🧰 The agent harness belongs outside the sandbox - 60 HN points. Core thesis: harness owns orchestration, credentials, and run state; the sandbox is stateless cattle. A wave of harness-layer launches piled on the same week. Fabrica is a Rust TUI coding agent (99.6% Rust, multi-provider). HiveTerm hit Product Hunt running Claude Code, Codex, Gemini, and Cline side-by-side via hive.yml plus a “Queen” MCP server for inter-agent messaging. If you’re building any dev-tool product on top of Claude/Codex/Gemini, the harness (agent loop, tool routing, approvals, run state) is now the layer to own, not the model wrapper.

Qwen3.6-27B is having a LocalLLaMA moment - 1,108 combined upvotes across three threads. 72 tok/s on a single RTX 3090 via native Windows vLLM (no WSL, no Docker), confirmed in the devnen/qwen3.6-windows-server project. Apache-2.0, fits in 17GB at Q4. Community-reported 95.7% SimpleQA with agentic search running fully local. The April “Best Local LLMs” roundup crowned it the new default. For anyone selling a “private/local-only” tier, the cost-quality argument just collapsed. A used 3090 plus Qwen3.6-27B plus agentic search hits frontier-API quality on most non-extreme-reasoning queries.

FIRST DOLLAR

AI SAAS FLOPPED, BORING WEBSITES WIN

u/NoGround511 quit his job, watched his AI SaaS flop, then started billing more per month from 7-day fixed-price websites than he used to make in a year.

u/NoGround511 posted on r/SaaS (265 upvotes, 163 comments): a performance-marketing dev quit his stable job to test two ideas. Idea 1: AI tool generating product photoshoots and thumbnails. Idea 2: 7-day fixed-price small-business websites with no fancy stack. The “smart” AI SaaS flopped. The “boring” website ladder now bills more per month than the previous annual salary (India-based, so geography arbitrage matters). Free homepage preview is the risk reversal. $500+/month Meta ads after old-job contacts dried up. His own line: “The idea that felt too simple, too obvious, too unsexy was the one that actually had demand behind it.”

VOREMI: 110 DAY-ONE DOWNLOADS, $0 ADS

u/Much_Pomegranate6272 shipped Voremi, a voice-reminder app. Speak “Call mom at 6 PM” and it sets the calendar event in 3 seconds.

110 organic downloads in 24 hours with no following and no ad spend. 78 upvotes, 77 comments, 96% upvoted. Free on Android (Google Play, com.appcial.reminder). His post: “Just posted it quietly and went to sleep. Woke up to 110 downloads in a single day.” The bare-minimum-broadcast playbook still works for genuinely useful utility apps. The core insight is real: people forget things between thinking them and typing them, and voice closes that 8-second gap.

STACK OF THE DAY

🗺️ Photon by komoot. Open-source geocoder + autocomplete on OpenStreetMap data, served from photon.komoot.io/api/ with no API key required. Mapbox’s Temporary Geocoding runs $0.75/1K requests after the first 100K free; Search Box API is $1.00/1K after 50K. Photon’s public instance is $0, fair-use throttled at high volume. Self-host the planet DB from github.com/komoot/photon if you need SLAs (~95GB disk, 64GB+ RAM). Apache-2.0 server, OSM ODbL data, multilingual, search-as-you-type, reverse geocoding. @levelsio’s tweet pulled 688 bookmarks in a day, the loudest “stop paying Mapbox” signal in months.

Not sponsored. We just feature tools builders would actually use.

BOOKMARKED TODAY

🧯 Anthropic’s Claude Code post-mortem - Anthropic’s own writeup on the late-April Claude Code quality regression (covered Editions #28-#30): the bug, the fix, what they changed in eval coverage. 942 HN points. Required reading for anyone with Claude Code in their critical path.

🏗️ A Couple Million Lines of Haskell: Production Engineering at Mercury - Mercury’s eng team explains how they run ~2M lines of Haskell in production: monorepo, GHC upgrade pipeline, deploy cadence, hiring funnel. Counter-evidence next time someone says “nobody runs Haskell in prod.” 154 HN points, 89 comments.

Curated by AI, built by a human.