InfoQ - DevOps

Podcast: How eBPF Empowers Developers to Observe Inside the Linux Kernel in a Safe and Unintrusive Way

Dan Fineran — Mon, 22 Jun 2026 11:00:00 GMT

Dan Fineran explores how eBPF has evolved far beyond its roots in packet filtering into a robust, safe way to extend the Linux kernel. He explains how the eBPF "verifier", the security guardrail, enables implementation of deep observability and networking without the risks of traditional kernel modules or the slow upstreaming process.

By Dan Fineran

AWS Graviton5 Reaches General Availability with 192 Cores and Formally Verified VM Isolation

Steef-Jan Wiggers — Mon, 22 Jun 2026 10:05:00 GMT

AWS made Graviton5-powered EC2 M9g and M9gd instances generally available with 192 ARM cores, formally verified VM isolation via the Nitro Isolation Engine, and DDR5-8800 memory. ClickHouse reported 36% better performance with zero code changes. Meta committed tens of millions of cores. On-demand pricing is 9% above Graviton4, translating to roughly 15% better price-performance.

By Steef-Jan Wiggers

Behind the Scenes: Block 450 JVM Repositories into Monorepo to Reduce Dependency Drift

Leela Kumili — Fri, 19 Jun 2026 14:47:00 GMT

Block, Inc. describes migrating ~450 JVM repositories into a monorepo across Cash App and Square engineering to reduce dependency drift and coordination overhead. The system supports ~8,800 weekly builds with ~10 min p90 CI time. The approach improves cross-service changes, build visibility, and developer experience through dependency graph–based builds, selective CI, and custom IDE tooling.

By Leela Kumili

CircleCI Introduces Chunk Sidecars to Bring CI Validation Directly into AI Coding Workflows

Craig Risi — Fri, 19 Jun 2026 12:00:00 GMT

CircleCI has launched Chunk Sidecars, a new capability designed to bring CI-style validation directly into an AI coding agent's inner development loop.

By Craig Risi

Article: Designing Continuous Authorization for Sensitive Cloud Systems

Venkata Nedunoori — Fri, 19 Jun 2026 09:00:00 GMT

Most cloud systems make one authorization decision at login. Everything after runs on trust established at authentication time. For systems handling regulated data, that gap is where breaches happen. This article presents a continuous authorization architecture covering risk-tiered evaluation, behavioral baselines, privacy-preserving audit trails, and a phased and incremental rollout.

By Venkata Nedunoori

Azure Functions Ships Serverless Agents Runtime at Build 2026

Steef-Jan Wiggers — Fri, 19 Jun 2026 08:57:00 GMT

Azure Functions shipped a serverless agents runtime in public preview at Build 2026. Agents are defined in .agent.md markdown files with YAML triggers, MCP server access, 1,400+ connectors, and sandboxed execution. The Functions team confirmed to InfoQ that the runtime adds no cold start overhead and no billing premium beyond standard Flex Consumption.

By Steef-Jan Wiggers

Windows Platform Security and the Race to Secure AI Agents

Matt Saunders — Fri, 19 Jun 2026 08:00:00 GMT

In a new Windows Developer Blog post titled "Windows platform security for AI agents", Microsoft positions Windows as the trustworthy operating system for autonomous agents and introduces the Microsoft Execution Containers (MXC) SDK as the core of that strategy. The post argues that containment, identity and manageability must be built into the operating system.

By Matt Saunders

GitLab 19.0 Embeds Agentic AI in Secrets, Merge Requests, and Supply Chain Security

Mark Silvester — Fri, 19 Jun 2026 08:00:00 GMT

GitLab 19.0 extends agentic AI beyond code generation into securing credentials, reviewing and merging changes, and scanning dependencies, adding a public beta Secrets Manager, a full merge request Developer Flow, usage-based GitLab Duo billing, and generally available SBOM dependency scanning.

By Mark Silvester

Presentation: Write-Ahead Intent Log: a Foundation for Efficient CDC at Scale

Vinay Chella, Akshat Goel — Thu, 18 Jun 2026 13:13:00 GMT

Vinay Chella and Akshat Goel discuss the challenges of running traditional CDC across heterogeneous databases during peak order traffic. They explain how Debezium hit limits under high load and share how they built Write-Ahead Intent Log (WAIL) - a custom architecture that utilizes a dumb producer proxy and a smart consumer pattern to cleanly separate the intent from the state payload.

By Vinay Chella, Akshat Goel

VS Code 1.123 Adds Two-Hour Extension Update Delay to Limit Supply Chain Attacks

Steef-Jan Wiggers — Thu, 18 Jun 2026 10:15:00 GMT

VS Code 1.123 adds a two-hour delay before auto-updating extensions to newly published versions, creating a revocation window against supply chain attacks. The delay does not apply to trusted publishers like Microsoft, GitHub, and OpenAI. Similar cooldown mechanisms have now spread across pip, RubyGems, npm, pnpm, Yarn, and Bun.

By Steef-Jan Wiggers

Athena Coalition Brings Coordinated Defence to Open Source Security

Matt Saunders — Thu, 18 Jun 2026 08:00:00 GMT

Cybersecurity firm Chainguard has announced the launch of Athena, an industry coalition to use artificial intelligence to find and fix vulnerabilities in widely-used open-source software before attackers can exploit them. The coalition focuses on libraries, containers and other components that underpin web browsers, data centres, smartphones and payment systems.

By Matt Saunders

GitHub Copilot Desktop App Targets Parallel Agentic Workflows

Matt Saunders — Wed, 17 Jun 2026 08:00:00 GMT

GitHub has introduced the GitHub Copilot app, a desktop control centre for agent-native development that aims to keep engineers in charge while AI agents handle more coding work. Mario Rodriguez writes on the GitHub blog that the recent wave of coding agents has brought faster delivery but also "disjointed workflows, more context switching, and too much time spent reviewing agent-generated code".

By Matt Saunders

Presentation: Automating the Web with MCP: Infra that Doesn’t Break

Paul Klein — Tue, 16 Jun 2026 13:13:00 GMT

Paul Klein discusses the distributed systems challenges of scaling cloud-hosted browser infra for AI agents. He explains how to manage bursty, stateful multi-tenancy and secure Chromium environments against remote code execution using Firecracker. He also shares how to leverage the Model Context Protocol (MCP) to turn complex websites into accessible agentic tools.

By Paul Klein

Coinbase Postmortem Reveals How a Localized AWS Failure Triggered a Multi-Hour Trading Outage

Craig Risi — Tue, 16 Jun 2026 12:00:00 GMT

Coinbase has published a detailed postmortem of its May 7, 2026, outage, revealing how a localized cooling failure inside an AWS data center escalated into a multi-hour disruption that halted nearly all trading activity across the cryptocurrency exchange

By Craig Risi

AI Coding Agents Get a Stack Overflow of Their Own

Matt Saunders — Tue, 16 Jun 2026 08:00:00 GMT

Stack Overflow has announced Stack Overflow for Agents, a beta API-first knowledge exchange aimed at AI coding agents rather than human developers. The service is presented as a way to close what the company calls the Ephemeral Intelligence Gap, where agents repeatedly rediscover the same fixes and patterns in isolation instead of sharing them through a common memory.

By Matt Saunders