State of C++ 2026

January 29, 2026

2025 brought major changes to C++. C++26 achieved feature-complete status in June, delivering static reflection, what Herb Sutter called "more transformational than any 10 other major features combined", alongside contracts and the std::execution async framework. Meanwhile, WG21 rejected the Safe C++ proposal in favor of Profiles, sparking fierce community debate. CISA and FBI recommended publishing memory safety roadmaps by end of 2025 (non-binding guidance), and a Microsoft distinguished engineer outlined an ambitious _goal_ (later clarified as research, not a company-wide commitment) to remove C/C++ by 2030 (The Register, TechRadar). Visual Studio 2026 shipped with deep GitHub Copilot integration, GCC 15 bumped the default to C23, and CMake 4.0 marked 25 years of build system evolution.

Infographic titled "The State of C++: 2025 Recap & 2026 Roadmap" split into sections. "2025: A Year of Evolution" shows C++26 reaching feature-complete status in June 2025 with Static Reflection, Contracts, and std::execution async framework finalized at the June meeting. "The Great Memory Safety Debate" shows WG21 rejecting the Safe C++ borrow-checker approach and accepting the Profiles approach. "50% Massive Build-Time Optimization" highlights Activision achieving a 50% reduction in Call of Duty build times using MSVC. "2025 Ecosystem & Security Snapshot" shows vcpkg surpassing 2,691 library ports, 85% of developers regularly using AI tools, and memory issues causing approximately 70% of large-scale vulnerabilities. "2026: The Road to C++26" shows C++26 Final Technical Approval scheduled for the March 2026 WG21 meeting in London. Other sections cover "Mandatory Memory Safety Roadmaps" with CISA and FBI recommending organizations publish memory safety roadmaps by year-end 2025, and "Next-Gen AI Tooling Deployment" with Visual Studio 2026 and CLion Nova delivering deep symbol-aware AI integration.
The State of C++: 2025 Recap & 2026 Roadmap

Actions for 2026: Audit codebases for C++26 readiness, particularly reflection and contracts. Review the Profiles whitepaper when published. Publish or update memory safety roadmaps and execute against them. Test CLion Nova and VS 2026 AI features. Migrate Qt 5 projects to Qt 6.10 LTS.

C++ 2025 Timeline

Timeline infographic titled "2025: The Year in Review" showing key C++ events by quarter. Q1 January through March shows February's Bjarne's Call to Action warning of attacks on C++, February's Hagenberg Meeting where WG21 voted to focus on Profiles over Safe C++, and March's CMake 4.0 release. Q2 April through June shows May's Qt 5.15 Support Ends, June's C++26 Feature Complete status achieved at the Sofia meeting, and June's CISA/NSA Guidance on memory safety. Q3 July through September shows September's Safe C++ Rejected by the committee and September's CppCon featuring Herb Sutter's keynote on Reflection. Q4 October through December shows November's Visual Studio 2026 GA release, November's Herb Sutter stepping down as WG21 Convenor after serving since 2002, and December's Microsoft "Removal" Goal announcement. The legend indicates blue dots represent Standard/Language events, vermilion dots represent Security/Regulation events, and black dots represent Ecosystem events.
2025: The Year in Review

January 2025

January 23
milestone

vcpkg Surpasses 2,524 Libraries

vcpkg surpassed 2,524 libraries with 12 new packages, reflecting steady ecosystem growth.

February 2025

February 7
announcement

Bjarne Stroustrup's "Call to Action"

Bjarne Stroustrup issued an urgent "call to action" (paper P3651R0; published Mar 6, widely reported Mar 2), warning WG21 of "unprecedented, serious attacks on C++" from government mandates and characterizing them as a "credible threat."
February 10-15
event

WG21 Hagenberg Meeting

The WG21 meeting in Hagenberg, Austria served as effective feature freeze for C++26 core language features. WG21 adopted Contracts (P2900) and Trivial Relocatability (P2786). Critically, the Safety and Security working group voted to focus on Profiles over the Safe C++ borrow-checker proposal, sparking community debate.
February 26-28
event

C++Online 2025

C++Online 2025 virtual conference (plus workshops) kicked off the year of C++ knowledge-sharing events.

March 2025

March 4
release

LLVM 20.1.0

LLVM 20.1.0 released with full Armv9.6-A and SVE2.1 support and new GPU targets.
March 11
release

MISRA C:2025 Published

MISRA C:2025 published at Embedded World 2025 in Nuremberg as an incremental update with new, removed, and modified guidelines, plus a "disapplied" category and a rolling release model (Perforce).
March 19
announcement

C++ Dynamic Debugging at GDC

At GDC 2025, Microsoft unveiled "C++ Dynamic Debugging" enabling full debugging of optimized builds, a significant productivity boost for game development.
March 27
release

CMake 4.0.0

CMake 4.0.0 launched, marking 25 years since initial launch. Introduced CMAKE_POLICY_VERSION_MINIMUM, deprecated pre-3.5 compatibility, added CMAKE_LINK_WARNING_AS_ERROR, and improved C++20 modules support.

April 2025

April 1-4
event

ACCU Conference

ACCU Conference in Bristol, UK. Daisy Hollman keynoted on "Learning to stop writing code."
April 2
release

Qt 6.9

Qt 6.9 released with rendering performance enhancements and better SVG CSS animation support for embedded and automotive UI.
April 10
release

Boost 1.88.0

Boost 1.88.0 released with 2 new libraries and updates to 21 others.
April 23
announcement

GitHub Copilot C/C++ Support

GitHub Copilot code review added C/C++ support. JetBrains AI Assistant launched a free tier with unlimited local code completion for C++.
April 25
release

GCC 15.1

GCC 15.1 shipped, as LWN.net reported, adding a COBOL front-end, bumping default C to C23, and adding approximately two-thirds of C++26 features including pack indexing (P2662R3), = delete("reason") (P2573R2), variadic friends (P2893R3), and constexpr placement new (P2747R2).
milestone

Activision 50% Build Time Reduction

Activision revealed 50% build time reduction for Call of Duty (28 minutes to 14) using Microsoft's MSVC Build Insights.
April 28 - May 2
event

C++Now 2025

C++Now 2025 in Aspen, CO featured 48 presentations across 3 tracks. The Safe C++ rejection dominated corridor discussions.
April 30
event

Pure Virtual C++ 2025

Microsoft hosted Pure Virtual C++ 2025, a free virtual conference featuring meta::v1.0 and next-gen polymorphism talks.

May 2025

May 14
release

Visual Studio 2022 17.14

Visual Studio 2022 17.14 released with C++23/26 STL features and C++ Dynamic Debugging.
May 16
milestone

JetBrains Developer Ecosystem Survey

JetBrains Developer Ecosystem Survey 2025 published (24,534 developers, 194 countries). Found 27% of developers used C++ in the past 12 months, 85% regularly use AI tools, and released dedicated "State of C++ 2025" and "State of Embedded Development 2025" reports.
May 26
milestone

Qt 5.15 Standard Support Ends

Standard support for Qt 5.15 ends (subscription extension), moving Qt 5.15 into EoS/paid maintenance; migrate to Qt 6.

June 2025

June 16-21
milestone

C++26 Feature Complete

The Sofia, Bulgaria WG21 meeting completed C++26 feature freeze. InfoQ reported the final feature set: Static Reflection (P2996), Contracts with [[pre:]]/[[post:]]/contract_assert, std::execution sender/receiver framework, SIMD types from Parallelism TS 2, parallel algorithms for Ranges, and std::embed.
Slide titled "C++26 Achieves Feature Complete Status" showing the standardization timeline with February 2025 Hagenberg feature freeze, June 2025 Sofia feature complete, and July 2025 CD Ballot. The "Key Features" section lists Static Reflection enabling compile-time introspection, Contracts, Async Framework based on the std::execution sender/receiver model, and Performance improvements including SIMD types and parallel ranges. A highlighted quote from Herb Sutter states that Reflection is "more transformational than any 10 other major features combined" and calls it "C++'s decade-defining rocket engine."
June 23-27
event

C++ on Sea 2025

C++ on Sea 2025 in Folkestone, UK. Herb Sutter keynoted on reflection, Timur Doumler on safety and contracts.
June 24
announcement

CISA/NSA Memory Safety Guidance

CISA and NSA released joint guidance to strengthen national cybersecurity through memory-safe languages (NSA press release). Separately, the CISA/FBI "Product Security Bad Practices" guidance recommends publishing memory safety roadmaps by the end of 2025. In large codebases, memory safety issues can account for ~70% of reported vulnerabilities (for example, Microsoft historically) (Microsoft).
June 26
security

Chrome V8 Zero-Day

CVE-2025-5419: Critical out-of-bounds read/write in Chrome V8 with exploit in the wild (Chrome Releases).

July 2025

July
milestone

C++26 CD Ballot

C++26 working draft circulated for national body review comments (CD ballot) following the June feature freeze.
July 10
announcement

Meta's C-to-Rust Migration

InfoQ published Meta's messaging migration deep-dive: rewriting legacy C to Rust, with developer experience as the primary driver.
July 20-23
event

CppNorth 2025

CppNorth 2025 in Toronto showcased C++ in fintech, game development, and scientific computing.
July 25
release

vcpkg license-report Command

vcpkg 2025.07.25 added the license-report command for SPDX/SBOM reporting.

August 2025

August 8
release

GCC 15.2

GCC 15.2 released as a bug-fix update.
August 12
announcement

Dependabot vcpkg Support

Dependabot added vcpkg support. JetBrains AI Assistant brought Claude 4 Sonnet and GPT-5 support; Junie coding agent integrated across JetBrains IDEs.
August 13
release

Boost 1.89.0

Boost 1.89.0 released with bug fixes and C++23 compatibility updates.
August 14
announcement

NASA Software Testing Deep-Dive

InfoQ reported on NASA's testing process for Space Shuttle and Orion flight software.
August 26
release

LLVM 21.1

LLVM 21.1 launched with AMD GFX1250 target for next-gen accelerators, "fat LTO" objects (bitcode + machine code), and C++26 feature additions. ARM detailed the new features.

September 2025

September 13-19
event

CppCon 2025

CppCon 2025 in Aurora, CO, the largest annual C++ conference with 100+ sessions. Bjarne Stroustrup presented "Concept-Based Generic Programming," Herb Sutter delivered "Reflection: C++'s Decade-Defining Rocket Engine," and Matt Godbolt reminded the community of C++'s low-level roots in "C++: Some Assembly Required."
September 15
announcement

VS Insiders C++ Copilot Preview

Microsoft announced VS Insiders build with deep GitHub Copilot integration for C++, showcasing "whole-program refactoring" tools in private preview.
September 16
milestone

Safe C++ Proposal Abandoned

Safe C++ Extensions proposal abandoned. Committee voted 19 for Profiles, 9 for Safe C++, 11 for both. Sean Baxter responded: "Profiles won the argument… I would have added profiles if profiles had a chance of working. But they will not ever work." His detailed analysis "Why Safety Profiles Failed" argued C++ lacks necessary aliasing and lifetime annotations for static enforcement without a borrow checker.
Strategic Intelligence Dossier titled "The Safety Civil War: Profiles vs. Borrow Checking" with decision point at the Hagenberg Meeting in February 2025. Zone 1 shows the WG21 Safety & Security Group Vote results: Profiles P3081 received 19 votes shown as a green bar, Both received 11 votes, and Safe C++ Borrow Checker received 9 votes shown as a red bar. The decision was to focus strictly on Profiles with the Safe C++ proposal abandoned in September 2025. Zone 2 shows the friction with a prominent quote from Sean Baxter, author of Safe C++, from September 2025: "Profiles won the argument... I would have added profiles if profiles had a chance of working. But they will not ever work." The Technical Dispute sidebar explains that critics argue without strict aliasing and lifetime annotations of a borrow checker, Profiles cannot statistically enforce memory safety, and that the committee prioritized backward compatibility and gradual adoption over the strict safety guarantees of the Safe C++ extension.
September 28-30
event

Embedded C++ World 2025

Embedded C++ World 2025 focused on C++ in IoT and automotive systems, including MISRA C++ guidelines and constexpr on microcontrollers.

October 2025

October 3
security

Qt SVG Critical Vulnerabilities

Qt issued security advisory for two critical SVG module vulnerabilities: CVE-2025-10728 (uncontrolled recursion) and CVE-2025-10729 (use-after-free). Both fixed in Qt 6.8.5 and 6.9.3.
October 7
release

Qt 6.10 LTS

Qt 6.10 LTS released with Android 15/16 support and 16K page sizes for modern ARM64 performance.
October 17
release

vcpkg 2,691 Ports

vcpkg reached 2,691 ports with VS 2026 partial support and NetBSD platform support. Conan 2.24.0 released with VS 2026 and Xcode 26 support.
October 25
event

C++ Day Italy

C++ Day Italy in Pavia celebrated C++'s 40th birthday.
October 30
announcement

GitHub Copilot Build Analysis

GitHub Copilot added build performance analysis and MSVC toolset upgrade help for C++.

November 2025

November 3-8
event

WG21 Kona Meeting

WG21 Kona meeting resolved 70% of ballot comments, with no new features added; the committee finalized contracts semantics and std::execution API details. Safety White Paper editors appointed. WG21 removed Trivial Relocatability due to a "showstopper bug." Herb Sutter stepped down as WG21 convenor after serving since 2002; Guy Davidson selected as new convenor effective January 1, 2026.
November 6
security

OWASP Top 10 Supply Chain

Software supply chain failures debuted at #3 in OWASP Top 10:2025 Release Candidate. The Shai-Hulud 2.0 attack compromised 500+ npm package versions; security researchers showed Conan typosquatting proof-of-concepts. Separately, Cybersecurity Ventures estimated $60 billion in supply chain attack costs by 2025 (Cybercrime Magazine). In response, Conan Audit launched JFrog-powered vulnerability scanning before compilation.
Slide titled "Maturing the Supply Chain Pipeline" with subtitle "Linear progression and hardening of the development lifecycle (2025)." It shows a four-stage pipeline flow from CODE to BUILD to PACKAGE to SECURE. The BUILD stage highlights CMake 4.0 from March 2025 which deprecated pre-3.5 compatibility and introduced CMAKE_LINK_WARNING_AS_ERROR. The PACKAGE stage shows vcpkg surpassing 2,691 ports and adding a license-report command for SBOM/SPDX generation. The SECURE stage highlighted in red shows Compliance concerns with OWASP Top 10 placing "Supply Chain Failures" at number 3, and Conan partnering with JFrog to launch pre-compilation vulnerability scanning.
November 17
security

Chrome V8 Type-Confusion Zero-Day

CVE-2025-13223: Critical type-confusion vulnerability in Chrome V8, actively exploited in the wild (Chrome Releases).
November 6-8
event

Meeting C++ 2025

Meeting C++ 2025 hybrid event from Berlin. Keynotes by Anthony Williams, Frances Buontempo, and James McNellis. Discussions on constexpr heap allocation and C++ in a memory-safe world.
November 11
release

Visual Studio 2026 GA

Visual Studio 2026 reached General Availability alongside MSVC 14.50. Microsoft branded it the "first intelligent developer environment" with deep Copilot integration, Profiler Agent, Debugger Agent, C++20 as default, and +6% Unreal Engine gains. New cadence (MSVC): updates every 6 months with an LTS release every 2 years (Microsoft).
Slide titled "The AI-Augmented Developer Workflow" showing three columns of AI-enhanced development tools. The first column shows Visual Studio 2026 as the first Intelligent Developer Environment with deep Copilot integration, Profiler Agent, Debugger Agent, C++20 as default, and plus 6% Unreal Engine performance gains. The second column shows GitHub Copilot Integration with C++ becoming only the second language after C# with deep integration including symbol-aware multi-file editing, reference viewing, inheritance visualization, and call chain tracing. The third column shows JetBrains Ecosystem with CLion Nova delivering up to 4x faster performance, a Constexpr Debugger for compile-time evaluation insights, and the Junie coding agent integrated across JetBrains IDEs. A warning callout highlights "AI Patch Reject" risk noting that the GCC community debated AI-generated patches after an Intel engineer submitted a 123-line GPT-5 CodeX fix, with most maintainers opposing fully LLM-written patches citing copyright uncertainty and bug risk.
November 15
announcement

GCC C++20 Default Proposal

A GCC proposal suggested changing the default C++ dialect to gnu++20.
November 30
release

GCC Algol 68 Front End

GCC added an experimental Algol 68 front end.

December 2025

December 1
security

Red Hat Qt 3D Security Advisory

Red Hat issued RHSA-2025:22414 for qt5-qt3d on RHEL 9, addressing CVE-2025-11277 (heap overflow in Assimp library bundled in Qt 3D).
December 8
release

CLion 2025.3

CLion 2025.3 released, "one of the largest updates ever." CLion Nova engine became default with up to 4x faster performance. Introduced Constexpr Debugger for compile-time evaluation insights, Debug Adapter Protocol support, and VS 2026 toolchain support.
December 9
announcement

Microsoft C/C++ Elimination Goal

Microsoft Distinguished Engineer Galen Hunt outlined a personal goal to remove all C/C++ code by 2030 (later clarified as a research effort, not a company-wide commitment) (The Register, TechRadar). He cited a target of "1 engineer, 1 month, 1 million lines" through AI-assisted translation. Azure CTO Mark Russinovich confirmed Microsoft is "all-in" on Rust (The New Stack).
December 15
announcement

GCC AI Patch Debate

GCC community debated AI-generated patches after an Intel engineer submitted 123-line GPT-5 CodeX fix. Phoronix reported most maintainers opposed "fully LLM-written" patches citing copyright uncertainty and bug risk.
December 12
security

cpp-httplib Header Spoofing

CVE-2025-66570: High-severity metadata spoofing vulnerability in cpp-httplib via reserved headers.
December 16
release

GitHub Copilot C++ Public Preview

C++ Code Editing Tools for GitHub Copilot entered public preview. InfoWorld reported C++ became only the second language (after C#) with deep Copilot integration: symbol-aware multi-file editing, reference viewing, inheritance visualization, and call chain tracing.
December 18
announcement

Kernel Rust Experiment Update

LWN's coverage of the "state of the kernel Rust experiment" captured maintainers' evolving stance on Rust in the kernel. The experiment is now considered a success and Rust is here to stay.
December 21
release

Meson 1.10.0

Meson 1.10.0 released. Git 2.48 now supports Meson as a build system.
December 31
milestone

GitHub Octoverse 2025

GitHub Octoverse 2025 showed C++ remains among GitHub's top languages by contributor counts (alongside Python, JavaScript, TypeScript, Java, C#).

C++ 2026 Watchlist

Slide titled "2026 Watchlist: What to Expect" showing three categories of upcoming events. "The Standard" section shows C++26 Final Approval scheduled for the March 2026 WG21 London meeting with late 2026 formal publication. "Safety Strategy" section shows the Profiles Whitepaper expected in 2026 with implementation timeline unclear, following the committee's rejection of Safe C++ in favor of incremental Profiles. "Tooling Releases" section shows LLVM 22 expected in February 2026, GCC 16 expected in April 2026 with potential C++20 as default, and CppCon 2026 scheduled for September 12-18 in Aurora, Colorado to celebrate the finalized C++26 standard.
2026 Watchlist: What to Expect

1. C++26 Final Approval

When: March 23-28, 2026 (London WG21 meeting); late 2026 formal publication
Context: Feature-complete C++26 includes static reflection, contracts, std::execution, SIMD types, and parallel Ranges. The London meeting will finish technical approval after national body comment resolution.
Action: Track isocpp.org for final wording; begin planning adoption of reflection for serialization and RPC; review contracts for production use.

2. Memory Safety Roadmaps

When: End of 2025 (publish); 2026 execution/follow-through
Context: CISA and NSA urged adoption of memory-safe languages, while "Product Security Bad Practices" recommends publishing memory safety roadmaps by the end of 2025. Microsoft has a research-stated goal (not a company-wide commitment) to remove C/C++ by 2030. In large codebases, memory safety issues can represent ~70% of reported vulnerabilities (e.g., Microsoft historically).
Action: Publish internal memory safety roadmaps; review hardened containers and static analysis; document use of bounds-checking, sanitizers, and safe coding guidelines.

3. Profiles Whitepaper

When: Expected 2026 publication; implementation timeline unclear
Context: The committee rejected Safe C++ borrow-checker in favor of Profiles (P3038/P3081). The committee appointed Whitepaper editors at the November Kona meeting. Critics argue Profiles lack implementation and cannot enforce strict safety without aliasing/lifetime annotations.
Action: Track whitepaper progress; review whether Profiles meet organizational security requirements; consider alternative safety strategies (Rust interop, static analysis).

4. GCC 16 and LLVM 22

When: GCC 16 expected April 2026; LLVM 22 February 2026
Context: GCC 16 adds an Algol 68 front-end and Intel AVX10 support; a proposal to make C++20 the default dialect is under discussion (gcc-patches). LLVM continues rapid C++26 feature adoption and hardware enablement.
Action: Test codebases with GCC trunk/LLVM main; update CI for C++20 default; review AVX10 for SIMD-heavy workloads.

5. AI Tooling Maturation

When: Throughout 2026
Context: GitHub Copilot C++ integration reached public preview with symbol-aware editing. CLion Nova delivers 4x performance. VS 2026 ships Profiler and Debugger Agents. GCC community opposed fully LLM-written patches.
Action: Review VS 2026 and CLion 2025.3 AI features; establish policies for AI-assisted code review; document AI contribution guidelines for open-source projects.

6. CppCon 2026 and C++26 Celebration

When: September 12-18, 2026 (Aurora, CO)
Context: CppCon 2026 will celebrate the finalized C++26 standard. Guy Davidson's first year as WG21 convenor. C++Now 2026 (May 4-8) features "Beyond C++" tracks on Rust interoperability.
Action: Submit conference proposals; plan C++26 adoption presentations; engage with post-C++26 proposals (pattern matching, trivial relocatability).

7. Package Manager Evolution

When: Throughout 2026
Context: vcpkg reached 2,691 ports (Oct 2025 update) with Dependabot support. Conan launched MCP Server for AI agent integration. C++ Package Manager (CppPM) standardization effort ongoing.
Action: Review Conan Audit for vulnerability scanning; add Dependabot for vcpkg manifests; track CppPM standardization progress.

8. Qt 6 Migration Completion

When: Urgent. Qt 5.15 standard support ended May 26, 2025
Context: Qt 5.15 standard support ended May 26, 2025. Qt 6.10 LTS shipped with Android 15/16 and 16K page support. Critical SVG vulnerabilities (CVE-2025-10728/10729) required immediate patching.
Action: Complete Qt 5 to Qt 6 migrations; update to Qt 6.8.5+/6.9.3+/6.10.1+ for security patches; review commercial vs. open-source licensing implications.

Enjoyed this article?

Subscribe to get more deep-dives in your inbox.

Continue Reading

Cover image for State of C 2026
January 17, 2026

State of C 2026

Half a century of C: GCC 15 made C23 default as DRM becomes the first kernel subsystem to mandate Rust over C by 2027.

Read article
Cover image for State of TypeScript 2026
January 15, 2026

State of TypeScript 2026

Python trains, TypeScript ships: TS became #1 on GitHub, compiler ported to Go for 10x builds, and Node ran TS natively.

Read article
Cover image for State of Kotlin 2026
January 13, 2026

State of Kotlin 2026

K2 became default with 40% faster builds, Compose iOS reached stable, and JetBrains killed Fleet to pivot to agentic AI.

Read article

Stay ahead of the curve

Weekly deep-dives into programming languages, frameworks, and the tools shaping software engineering.