Cloudflare used AI to quickly create V-Next, a supposed Next.js replacement, but the project was misleadingly marketed, as it only passed a small fraction of the real Next.js tests and was mostly a wrapper around existing tools. The video warns that open-source transparency makes it easier for AI to clone projects superficially, raising concerns that maintainers might restrict openness to protect their work, which could undermine the open-source ecosystem.
Cloudflare recently announced that it had used AI tools to “vibe-code” a drop-in replacement for the popular React framework Next.js, called V-Next, in just one week with a single engineer and about $1,100 in API costs. This follows a trend where companies use AI to rapidly replicate complex software projects, as previously seen with Cursor’s AI-built browser. The announcement was positioned as a major achievement, highlighting impressive-sounding metrics like 94% API coverage and faster build times, and was widely publicized as a demonstration of AI’s capabilities in software development.
However, the video points out that these claims are misleading. The 94% API coverage touted by Cloudflare was measured against V-Next’s own, much smaller test suite, not the comprehensive 13,000-test suite used by Next.js. When independent developers ran V-Next against the actual Next.js tests, it passed only a small fraction of them. Furthermore, much of V-Next is essentially a wrapper around the existing Vite build tool, rather than a true ground-up reimplementation of Next.js. This exposes the reality that the AI-generated project is far from a complete or reliable replacement.
The rivalry between Cloudflare and Vercel (the company behind Next.js) is at the heart of this story, with both companies vying for the same developer and infrastructure market. The competition quickly escalated, with Vercel’s CEO publicly disclosing security vulnerabilities in V-Next and using the opportunity to promote migration back to Vercel. Ironically, this mirrors past incidents where Cloudflare had previously called out Vercel for security issues, highlighting how both companies use security disclosures as marketing tactics in their ongoing battle.
A deeper concern raised by the video is the impact of open-source transparency on the ease of AI-driven replication. Open-source projects are encouraged to have comprehensive tests, clear documentation, and well-defined APIs to foster trust and community contributions. However, these very qualities make it easier for AI agents to clone projects by simply targeting the test suites and iteratively making them pass, without truly understanding the software or its edge cases. This leads to clones that may superficially work but are riddled with vulnerabilities and lack the nuanced judgment of experienced developers.
The video concludes by warning that this trend could incentivize open-source maintainers to make their test suites and documentation private to prevent easy AI replication, undermining the openness and trust that make open source valuable. The presenter questions whether the benefits of transparency outweigh the risks of rapid, AI-driven cloning, and calls for a community discussion on how to balance openness with the new challenges posed by AI in software development.