State of TypeScript 2026

January 15, 2026

2025 marked a turning point for TypeScript's role in the JavaScript ecosystem, with TypeScript becoming GitHub's #1 language by contributor count. In August 2025, TypeScript became the most-used language on GitHub with 2,636,006 monthly contributors (+66% YoY), which GitHub called "the most significant language shift in more than a decade." Earlier in the year, Microsoft announced "Project Corsa", a native port of the TypeScript compiler and language service to Go, targeting ~10x faster builds and major editor responsiveness gains. Initial benchmarks showed the VS Code codebase compiling in 7.5 seconds versus 77.8 seconds, while Playwright dropped from 11.1s to just 1.1s. The JavaScript-based toolchain continues through TypeScript 6.0.x as the ecosystem transitions; Microsoft plans TypeScript 6.0 as the last JS-based major release.

Infographic titled "TypeScript 2026: The Native Era & Global Dominance" summarizing TypeScript's rise and architectural transformation from 2025 to 2026. The left section shows 2025 as a peak year, with TypeScript becoming GitHub's number one language, reaching about 2.6 million monthly contributors and growing 66% year over year. It highlights the birth of Project Corsa, Microsoft's Go-based port of the TypeScript compiler, delivering up to 10× faster build speeds, and native Node.js execution via type stripping that allows TypeScript files to run without a separate build step. A compilation speed comparison shows dramatic improvements, including the VS Code codebase compiling in about 7.5 seconds versus down from 77.8 seconds. The right section outlines 2026's native transition, featuring the TypeScript 7.0 launch with the Go-based compiler as the standard, major legacy deprecations such as ES5 and non-strict modes, and an AI-native ecosystem where TypeScript's type system serves as guardrails for AI-assisted development.
TypeScript 2026: The Native Era and Global Dominance

Simultaneously, the runtime environment underwent radical simplification. Node.js 23.6 and 22.18 enabled native TypeScript execution via "Type Stripping" by default, a feature that fundamentally bifurcated the language into "erasable" syntax (types, interfaces) and "runtime" syntax (enums, namespaces). By July 31, Node.js 22.18.0 enabled type stripping by default, Node removed warnings in v24.3.0/22.18.0, and later stabilized the feature in v25.2.0. Yet, this maturation occurred against a backdrop of severe security instability. The ecosystem faced sophisticated, automated threats across npm compromises in 2025, alongside critical serialization vulnerabilities in frameworks like Next.js, such as the "React2Shell" RCE (CVE-2025-55182), a CVSS 10.0 vulnerability forcing a reevaluation of security models governing full-stack JavaScript.

Actions for 2026: Audit npm dependencies affected by 2025 compromises and require publish-time 2FA plus granular tokens for maintainers where possible; enable --erasableSyntaxOnly to prepare codebases for Node.js native TypeScript execution; migrate enums to as const objects and namespaces to ES modules before adopting erasableSyntaxOnly / Node type stripping workflows; test TypeScript 7.0 preview (@typescript/native-preview) on CI pipelines to benchmark 10x compilation speedups; patch React/Next.js applications against CVE-2025-55182 and related RSC vulnerabilities; review Biome v2 for type-aware linting with lower runtime overhead; plan migration strategy for TypeScript 6.0 planned deprecations and defaults under consideration (e.g., strict-by-default, automatic @types inclusion disabled).

TypeScript 2025 Timeline

Timeline graphic titled "2025 Timeline: A Year of Velocity" highlighting major milestones across the JavaScript and TypeScript ecosystem in 2025. It begins in January with Node.js 23.6 unflagging native strip-types, followed by March's announcement of "Project Corsa," a Go-based port of the TypeScript compiler. In April, Pinterest completes a 3.7-million-line migration. June marks the release of Biome v2 and Vite 7. In August, TypeScript becomes the number one language on GitHub and Node.js 22.18.0 reaches stable status. November features the TS AI Conference with the theme "Python trains, TypeScript ships." The timeline concludes in December with major security incidents, including the React2Shell vulnerability and an Angular XSS issue, underscoring the tension between rapid innovation and security challenges.
JavaScript & TypeScript in 2025: A Year of Unmatched Velocity

January 2025

January 7
release

Node.js 23.6 Unflagged

Node.js 23.6 unflagged the --experimental-strip-types option, enabling direct execution of TypeScript files without external loaders like ts-node or tsx. This feature, powered by the SWC-based Amaro library, removed the need for a build step in Node.js core for the first time.
January 29
release

TypeScript 5.8 Beta

TypeScript 5.8 Beta released, introducing the --erasableSyntaxOnly flag to align with Node.js's experimental type-stripping mode. This beta introduced checked return types for conditional/indexed access types.
Infographic titled "The Syntax Bifurcation: 'Erasable' vs. 'Runtime'" explaining a core rule of modern TypeScript: if you remove type annotations, the remaining code must be valid JavaScript. The left panel highlights erasable, native-safe syntax such as interfaces, type aliases, declare statements, and as assertions, illustrated with an interface example. The right panel warns against runtime or legacy constructs that require transpilation, including enums, namespaces, and parameter properties in constructors, shown with an enum example. A footer note explains the recommended fix: use the --erasableSyntaxOnly flag, convert enums to as const objects, and migrate namespaces to ES modules.
TypeScript's Syntax Bifurcation: Erasable vs. Runtime Constructs

February 2025

February 28
release

TypeScript 5.8 GA

TypeScript 5.8 reached general availability, featuring granular checks for conditional return expressions and improved require() support for ESM under --module nodenext. The --erasableSyntaxOnly compiler option generates errors for features requiring runtime transpilation (specifically enums, namespaces, and parameter properties), marking them as incompatible with erasable-only execution. The team pulled back conditional return type checking to iterate further for version 5.9.
event

TypeScript La Conf

The inaugural TypeScript La Conf took place in Paris, demonstrating growing interest in dedicated TypeScript events globally.

March 2025

March 11
announcement

Project Corsa Unveiled

In a landmark blog post titled "A 10x Faster TypeScript," Lead Architect Anders Hejlsberg unveiled "Project Corsa": porting the TypeScript compiler from TypeScript to Go. While the team considered Rust, they selected Go for superior compilation speed, efficient garbage collection for AST structures, and structural similarity to the existing codebase that facilitated a line-by-line port.
Infographic titled "Project Corsa: The 10× Performance Leap" illustrating the impact of porting the TypeScript compiler from JavaScript to Go. A bar chart compares compilation times, showing the VS Code codebase dropping from about 77.8 seconds with the old JavaScript compiler to roughly 7.5 seconds with the new Go-based compiler, and Playwright builds improving from about 11.1 seconds to 1.1 seconds. A technical deep-dive section explains the architectural shift from a V8/Node.js runtime to a native Go binary, citing Go's superior garbage collection for large AST structures and better parallelization. The impact highlights near-instant incremental builds and roughly eightfold faster editor startup times.
Project Corsa: Breaking the TypeScript Performance Ceiling with a Native Go Compiler

April 2025

April 15
announcement

Records & Tuples Withdrawn

TC39 officially withdrew the Records and Tuples proposal after consensus to stop pursuing new primitives via Records & Tuples.
April 16
milestone

Pinterest Migration Complete

Pinterest announced completing migration of 3.7 million lines of code from Flow to TypeScript in an 8-month effort, noting "the industry settled on TypeScript as the standard for JavaScript type checking."

May 2025

May 22
release

TypeScript Native Previews

Microsoft released TypeScript Native Previews via npm as @typescript/native-preview, providing a tsgo executable alongside a VS Code extension.
May 28
release

Angular 20.0.0

Angular released version 20.0.0, deepening Signals integration as the primary reactive primitive and simplifying the CLI by stopping generation of component suffixes.

June 2025

June 17
release

Biome v2 Launched

Biome v2 launched as the first JavaScript/TypeScript linter with type-aware rules that doesn't require the TypeScript compiler.
Infographic titled "Tooling Evolution: The Linter Wars" comparing traditional TypeScript linting with a new, faster approach. On the left, the traditional model shows typescript-eslint tightly coupled to the TypeScript compiler to enable type-aware rules, resulting in high CI overhead and slower pipelines. On the right, the new standard highlights Biome v2, which performs type-aware linting without invoking the TypeScript compiler, eliminating that dependency and delivering drastic speed improvements. A recommendation at the bottom advises teams to review Biome v2 to significantly reduce CI pipeline duration.
Tooling Evolution: The Linter Wars and the Rise of Biome
June 24
release

Vite 7 Released

The Vite team released Vite 7, continuing the Environment API introduced in Vite 6 and adding the experimental buildApp hook.

July 2025

July 8
release

TypeScript 5.9 Beta

TypeScript 5.9 Beta officially announced, introducing cleaner default tsconfig.json and new editor-oriented features like expandable JSX hover info. Under the hood, 5.9 included compiler optimizations and support for the import defer proposal for lazy module evaluation.
July 31
release

Node.js 22.18.0

Node.js 22.18.0 released with native TypeScript execution support. Developers can now execute TypeScript with node file.ts without a separate compile step, though type checking still requires running tsc.
Infographic titled "Native Execution & the 'Type Stripping' Paradigm" explaining how modern Node.js executes TypeScript files directly. It shows a .ts source file flowing into Node.js execution, where the Amaro (SWC) engine strips TypeScript type annotations in memory, producing plain JavaScript that runs immediately, without ts-node or a build step, using a simple node index.ts command. A timeline at the bottom notes key milestones: in January 2025, Node 23.6 unflags experimental strip-types; in July 2025, Node 22.18.0 enables type stripping by default; and today, warning flags are fully removed in Node 24.3.0, marking native TypeScript execution as a stable, mainstream capability.
Native TypeScript Execution: Node.js and the Type-Stripping Paradigm

August 2025

August 1
release

TypeScript 5.9 Stable

TypeScript 5.9 released as stable, featuring Import Defer Support (Stage 3), revamped tsc --init generating minimal best-practice configuration, support for --module node20, editor improvements with expandable hovers, and performance tweaks for huge union types.
milestone

TypeScript #1 on GitHub

TypeScript surpassed Python to become the #1 language by contributor count (as later reported in Octoverse).
August 26
security

s1ngularity Attack

The "s1ngularity" attack targeted the Nx build tool by exploiting a GitHub Actions CI vulnerability (specifically a misconfigured pull_request_target workflow), stealing credentials and publishing infected packages, with over 2,000 secrets/tokens leaked.

September 2025

September 8
security

debug/chalk Compromise

The debug/chalk compromise hit the ecosystem after phishing targeted maintainers of high-profile packages like chalk and debug. Packages in the set totaled roughly 2.6 billion weekly downloads, and the payload was a crypto-stealing mechanism downloaded over 2.5 million times before discovery. (Datadog Security Labs; Aikido)
September 14-15
security

Shai-Hulud Worm

The "Shai-Hulud" worm emerged September 14, reusing stolen tokens to compromise 500+ packages via self-replicating automation. CISA issued an advisory on September 23, prompting industry-wide audits and npm policy tightening around tokens and publish-time 2FA. A second wave in November compromised 796 more packages.
Timeline graphic titled "The Security Crisis: Dominance Draws Fire" summarizing major security incidents in 2025. It shows three key events across the year: on August 26, the "s1ngularity" incident exploited GitHub Actions to steal more than 2,000 secrets; on September 14-15, the Shai-Hulud worm carried out automated package compromises using stolen tokens; and on December 3, Wiz disclosed the React2Shell vulnerability (CVE-2025-55182), a CVSS 10.0 critical unauthenticated remote code execution flaw in React Server Components. The timeline emphasizes how widespread adoption and ecosystem dominance made popular platforms prime targets for increasingly sophisticated attacks.
The Security Crisis of 2025: When Ecosystem Dominance Became a Target

October 2025

October 1
release

React 19.2

React 19.2 released, introducing the <Activity> component for off-screen prioritization and useEffectEvent to solve dependency array pain points, aligning further with the concurrent rendering model.
October 28
announcement

Octoverse 2025

GitHub's Octoverse 2025 report released, confirming TypeScript's dominance and noting that 80% of new GitHub developers were using an AI coding tool within their first week.

November 2025

November 6
event

TypeScript AI Conference

The first TypeScript AI Conference (tsconf.ai) held in San Francisco, featuring talks on building AI agents in TypeScript, using GPT-4 to refactor large codebases, and AI-driven browser automation. The slogan "Python trains, TypeScript ships" resonated with attendees. GitHub published a Q&A with Anders Hejlsberg discussing TypeScript's rise in the AI era.
Infographic titled "AI & TypeScript" with the subtitle "Python Trains. TypeScript Ships." It contrasts two stages of the AI workflow. On the left, the training phase highlights the Python ecosystem used for model development and training. An arrow points to the right, showing the application and agent phase powered by the TypeScript ecosystem. This section emphasizes that TypeScript provides guardrails through strong typing to prevent LLM-generated hallucinated code, and that modern AI agent frameworks (such as Google ADK and Angular's MCP server) are TypeScript-first. More callouts note rapid adoption, with around 80% of new developers using AI coding tools in their first week, and a concluding statement that TypeScript has become the interface language for the AI era.
AI & TypeScript: From Model Training to Production Agents
November 19
release

Angular v21

Angular v21 dropped, bringing Zoneless Change Detection as default, Signal-based Forms overhaul, AI-Powered Developer Tools including an AI hub (angular.dev/ai), and Angular MCP Server for AI-assisted code generation. VS Code 1.107 added experimental TypeScript 7 native language server support.

December 2025

December 1
security

Angular XSS Patched

Angular 21.0.2 patched CVE-2025-66412, a stored XSS vulnerability in DOM sanitization discovered by researcher AKiileX. Malicious SVG and MathML attributes could bypass Angular's sanitizer via <svg><animate href="javascript:..."> patterns.
December 2
announcement

TypeScript 7 Progress Update

The TypeScript team published "Progress on TypeScript 7 – December 2025", confirming TypeScript 6.0 will be the last release on the old codebase and that TypeScript 7.0 targeting mid-2026 will use the Go-based compiler with planned breaking changes (strict-by-default, ES5 target dropped, AMD/UMD/SystemJS removed, classic Node module resolution removed). Type-checking reached near-complete parity with only 74 test case gaps out of 20,000.
December 3
security

React2Shell Disclosed

The React core team disclosed CVE-2025-55182, dubbed "React2Shell," an unauthenticated RCE vulnerability in React Server Components rated CVSS 10.0. The flaw in RSC Flight payload decoding led to RCE; Next.js advisories listed fixes in the 15.x and 16.x lines (plus specific 14.x canary builds). Attackers could achieve RCE with a single HTTP request. Patches rushed out for React 19.0.1, 19.1.2, 19.2.1. Vercel deployed WAF rules to block malicious payloads.

Compiler + Runtime Shift

Project Corsa moves the TypeScript compiler and language service to a Go port, targeting major performance and memory gains while signaling a disruptive toolchain transition. In parallel, Node’s type-stripping support enables direct .ts execution in core, and the `--erasableSyntaxOnly` flag formalizes a “just-JS-at-runtime” path that pushes enums/namespaces toward as const objects and ES modules. The new reality: faster compiles, but stricter runtime constraints and a migration path that favors erasable syntax.

Ecosystem, Frameworks, and Tooling

Default TS scaffolding across major frameworks reinforces TypeScript's dominance and continued enterprise adoption. Framework updates (React 19.2, Angular 21, Vite 7 and Vite 8 with Rolldown) move the ecosystem toward faster builds and more consistent runtimes, while tooling shifts toward type-aware linting without TypeScript’s compiler (Biome v2) and stronger IDE performance via the Go language service. AI integrations are now standard: Google ADK, Angular’s AI hub and MCP server, and IDE copilots that make TS the default interface for codegen.

Security and Supply Chain Pressure

The npm ecosystem saw a chain of incidents (s1ngularity, debug/chalk, Shai‑Hulud) that exposed systemic weaknesses in maintainer auth and CI workflows. Security responses now emphasize granular tokens, publish-time 2FA, and stricter release policies. On the app side, React2Shell (CVE-2025-55182) and follow-on issues underscored the risks in RSC serialization, while Angular’s XSS and other runtime CVEs kept security upgrades at the top of 2025’s backlog.

Standards and Language Trajectory

TC39 withdrew Records & Tuples after the proposal failed to reach consensus, while Temporal began shipping in engines even as TypeScript’s standard libs still lack Temporal typings (track TypeScript issue #60164). The type-annotations proposal remains early-stage, but it frames the longer-term path: a JS runtime that can ignore type syntax while TS evolves as a superset. Combined with TypeScript 7's upcoming breaking changes and API shifts, the direction for standards is clear: consolidation, stricter defaults, and fewer "magic" features at runtime.

TypeScript 2026 Watchlist

Infographic titled "2026 Roadmap: A Tale of Two Compilers" outlining TypeScript's transition from its legacy JavaScript-based compiler to a new Go-based implementation. The left panel shows Q1 2026 with TypeScript 6.0 ("Strada"), described as the final release on the legacy JavaScript compiler, focused on surfacing and addressing deprecations such as disabling automatic @types resolution and removing baseUrl. An arrow points to the right panel, showing mid-2026 with TypeScript 7.0 ("Corsa"), which launches the Go-based compiler. This new compiler delivers approximately 10× faster compilation and around 50% lower memory usage. A recommended strategy highlights a hybrid workflow, using TypeScript 6 for plugins while adopting TypeScript 7 for builds to balance stability and performance during the transition.
2026 Roadmap: A Tale of Two TypeScript Compilers

1. TypeScript 6.0 Release

When: Q1 2026 (RC possibly January, final by February/March)
Context: Last version on old compiler codebase ("Strada"), transitional release to prep ecosystem for 7.0 with planned deprecations and defaults under consideration.
Action: Enable --deprecation flag to identify deprecated features; plan migrations for --baseUrl, moduleResolution: node, non-strict mode, ES5 targeting.

2. TypeScript 7.0 Launch

When: Mid/Late 2026 (Summer anticipated)
Context: Go-based compiler ("Corsa") with 5-10x faster compiles, near-instant incremental builds, ~8x editor startup improvement, ~50% memory reduction.
Action: Test @typescript/native-preview on CI pipelines; audit third-party tools for Corsa API compatibility; prepare hybrid approach using tsc (6.x) for plugins and tsgo (7.0) for builds.

3. Breaking Changes Migration

When: Throughout 2026
Context: --strict on by default; --target ES5 dropped (ES2015+); AMD/UMD/SystemJS module outputs removed; classic Node module resolution (node/node10) removed; baseUrl gone.
Action: Use migration tools (ts5to6, ts6to7); update CI configurations; audit build pipelines for deprecated module formats.

Infographic titled "Preparing for the 'Strict' Future" outlining breaking changes introduced with TypeScript 7.0. The central panel lists technical debt items removed or enforced by default: TypeScript drops legacy module formats AMD, UMD, and SystemJS; the team removes classic Node and Node10 resolution modes; TypeScript removes the ES5 compilation target, making ES2015 the new baseline; and TypeScript enables --strict type checking by default. A strategy callout at the bottom advises teams to proactively enable strict mode and migrate baseUrl and paths configurations to modern standards in preparation for the new, stricter TypeScript baseline.
Preparing for the Strict Future: TypeScript 7.0 Breaking Changes

4. Rolldown 1.0 Stabilization

When: H1 2026
Context: Rust-based bundler becoming default for entire Vite ecosystem (Nuxt, SvelteKit, Astro), effectively retiring esbuild and Rollup for millions of users.
Action: Test Vite 8 beta with Rolldown-powered builds; benchmark production build times; review "Full Bundle Mode".

5. Node.js 26 LTS

When: October 2026 (projected)
Context: Built-in TypeScript support fully stable; erasable syntax paradigm as default for new projects.
Action: Migrate development workflows to native TypeScript execution; remove ts-node/tsx dependencies where possible.

6. Type Annotations Proposal Advancement

When: Mid-2026 TC39 meetings
Context: Stage 1 proposal for native type syntax in JavaScript; if Stage 3, browsers might add experimentally.
Action: Track proposal progress; review impact on toolchain if browsers begin experimental implementation.

7. Framework Major Releases

When: Late 2026
Context: Angular 22 likely to raise TypeScript baseline; React 20 might migrate from Flow to TypeScript; Vue 4 potential new reactivity system.
Action: Track framework announcements at Google I/O and React Conf; plan framework upgrade timelines.

8. AI-Native Tooling Maturation

When: Throughout 2026
Context: First generation of frameworks designed specifically for code generation; TypeScript's type system as guardrails for AI-generated code.
Action: Review Google ADK, Mastra AI, VoltAgent for AI agent development; integrate AI-assisted tooling into development workflows.

9. ESLint/TypeScript-ESLint Major Version

When: H1 2026
Context: New major version to support TypeScript 7 API; possibly faster TypeScript-aware linter emerges.
Action: Track typescript-eslint compatibility with Corsa API; review Biome v2 as alternative.

10. Supply Chain Security Hardening

When: Ongoing
Context: Post-2025 incidents tightened npm auth: granular, short-lived tokens and broader publish-time 2FA enforcement defaults.
Action: Audit all npm dependencies; require publish-time 2FA and granular tokens where possible; add package lockfile verification; consider private registry mirrors for critical dependencies.

Enjoyed this article?

Subscribe to get more deep-dives in your inbox.

Continue Reading

Cover image for State of Databases 2026
February 16, 2026

State of Databases 2026

Databricks bought Neon for $1B, AI agents created 80% of its databases, PostgreSQL hit 55.6%, and Valkey beat Redis 3x.

Read article
Cover image for State of Scala 2026
February 10, 2026

State of Scala 2026

Scala 3.8 requires JDK 17, Akka reverts to Apache 2.0, 43% struggle to hire developers, Metals MCP lets AI compile code.

Read article
Cover image for State of Ruby 2026
February 9, 2026

State of Ruby 2026

Ruby 4.0 shipped ZJIT and Ruby::Box, Rails 8 ditched Redis for Solid Trifecta, and a RubyGems crisis forced Matz to act.

Read article

Stay ahead of the curve

Weekly deep-dives into programming languages, frameworks, and the tools shaping software engineering.