GitOps
GitLab Previews Revamped DevOps Platform for the Agentic AI Era
At Transcend 2026, GitLab launched updates to optimize its DevOps platform for AI-generated code, featuring Next Gen Source Code Management, GitLab Orbit, and an AI Governance framework ...
Critical Microsoft GitHub Flaw Highlights Dangers to CI/CD Pipelines: Tenable
A critical vulnerability in a popular Microsoft GitHub repository could allow a threat actor to easily exploit its CI/CD infrastructure to run arbitrary code in the repository and gain access to secrets, ...
‘PackageGate’ Vulnerabilities Can Let Attackers Bypass Shai-Hulud Defenses
In the wake of the massive Shai-Hulud supply chain attack that ripped through npm late last year and compromised more than 700 packages and exposed 25,000 repositories, developers in the JavaScript world ...
Typosquat Supply Chain Attack Targets Go Developers
A backdoor that impersonates a widely used database module in the popular Go programming language can give hackers control of infected systems, according to a senior threat intelligence analyst with developer-focused platform ...
Fake Stars in GitHub a Growing Security Threat, Analysis Finds
There was a surge of inauthentic stars on code repositories in 2024, ramping up the threat of software supply chain attacks ...
Why and How to Go All-In on GitOps
When you can manage every cloud native deployment using a GitOps approach, as a consequence, declarative and automated processes become baked into your culture and transform your business. ...
GitLab Fixes Security Flaw That Lets Attackers Run Pipeline Jobs
If left unpatched, the vulnerability in the code repository could let threat actors run malicious code and access sensitive information ...
Security, Automation and Developer Experience: The Top DevOps Trends of 2024
If you want to know what's truly changing in the world of DevOps – as opposed to which conversations are most hype-worthy – these are the places to look ...
Best of 2023: ‘Scrum == Cancer’ ¦ Plus: Linux 6.5 Ships
In this week’s #TheLongView: Scrum sucks, sources say; and here comes the Linux 6.5 kernel ...
Microsoft kills Python 3.7 ¦ … and VBScript ¦ Exascaling ARM on Jupiter
In this week’s #TheLongView: VS Code drops support for Python 3.7, Windows drops VBScript, and Europe plans the fastest ARM supercomputer ...
Google’s Shiny New AI Dev Environment — the ‘Experimental’ Project IDX
In this week’s #TheLongView: Google’s full-stack, browser based development environment in the cloud. Project IDX is not just a Copilot clone, but aims to help you “get an app from zero to ...
Declarative Compliance With Policy-as-Code and GitOps
In recent times, the quest for greater agility, faster releases, enhanced scalability, security and performance brought forth the advent of several automation tools, technologies and frameworks. Software development has evolved considerably over ...

