InfoQ Homepage DevOps Content on InfoQ
-
Copy Fail and Dirty Frag: Linux Page-Cache Exploits Target Every Major Distribution
Two recent Linux kernel vulnerabilities have been disclosed: Copy Fail (CVE-2026-31431) on April 29, 2026, and Dirty Frag (CVE-2026-43284 and CVE-2026-43500) on May 7, 2026. Both allow local users to gain root access, affecting multiple Linux distributions. These vulnerabilities exploit flaws in the page cache via different subsystems, necessitating immediate patching by affected organizations.
-
New DORA Report Claims Strong Engineering Foundations Drive AI Return on Investment
Google Cloud's DORA team released a report detailing a framework for assessing the ROI of AI in software development. It emphasizes that successful AI implementation depends on organizational systems rather than just tools. The report introduces a J-Curve model for value realization. It also discusses the importance of workforce retention and process redesign for achieving long-term gains.
-
MySQL 9.7: First Major LTS Since 8.4 Brings Enterprise Features to Community Edition
Oracle has announced the general availability of MySQL 9.7.0, marking the start of a new 9.7 LTS release series and the first major one since MySQL 8.4. The release arrives amid community concerns about declining MySQL development activity and Oracle's long-term commitment to the project.
-
Cloudflare Ships Dynamic Workflows, Bringing Durable Execution to Per-Tenant and Per-Agent Code
Cloudflare released Dynamic Workflows, an MIT-licensed library that extends its durable execution engine so workflow code can differ per tenant, agent, or request at runtime. Built on Dynamic Workers, the library enables platforms to serve millions of unique durable workflows at near-zero idle cost. CI/CD and agent plan execution are the headline use cases.
-
How GitHub Is Securing Agentic Workflows in Modern CI CD Systems
GitHub detailed a defense-in-depth security architecture for agentic workflows in CI/CD pipelines, focusing on isolation, constrained execution, and auditability. The design aims to safely integrate autonomous AI agents while mitigating risks like prompt injection, privilege escalation, and unintended actions, using sandboxed environments, restricted permissions, and full execution traceability.
-
Cloudflare Launches “Artifacts” Beta, Introducing Git-Like Versioning for AI Agents
Cloudflare has announced the beta release of Artifacts, a new system designed to bring Git-style version control to AI agents, enabling developers to track, manage, and evolve agent-generated outputs with the same rigor as traditional code.
-
Google Announces GKE Agent Sandbox and Hypercluster at Next '26
Google announced GKE Agent Sandbox and hypercluster at Cloud Next '26. Agent Sandbox uses gVisor kernel isolation for secure agent code execution at 300 sandboxes per second, built as an open-source Kubernetes SIG Apps subproject. It is currently the only native agent sandbox among the three major hyperscalers. Hypercluster manages a million chips from a single control plane.
-
Leading Open Source Author Calls for Verification over Trust in Software Supply Chains
In a blog post published in March 2026, Daniel Stenberg, creator and lead developer of curl, makes the case that the software industry's default position of trusting well-known components is no longer adequate. Stenberg argues that users and organisations should actively verify the software they consume, and he uses curl's own practices as a concrete example of how that can be done.
-
Grafana's Kubernetes Monitoring Helm Chart v4 Brings Multiple Fixes
Grafana Labs has released version 4 of its Kubernetes Monitoring Helm chart, describing it as the most significant update the chart has received since its introduction. The release, announced in April 2026 by Pete Wall and Beverly Buchanan, addresses a range of configuration problems that had accumulated as users scaled to larger and more complex deployments.
-
GitHub Enhances CodeQL with Declarative Security Modeling for Faster, More Flexible Analysis
GitHub has introduced a significant update to its CodeQL engine, enabling developers to define custom sanitizers and validators directly through "models-as-data," a move that simplifies how teams extend security analysis across their codebases.
-
Figma Builds In-House Redis Proxy to Hit Six Nines Uptime
Figma has published a detailed account of how it built an in-house Redis proxy service called FigCache, replacing a fragmented caching stack that had become a liability for site availability. The system, described in a post by Kevin Lin, has been in production since the second half of 2025 and has delivered what the company describes as six nines of uptime across its caching layer.
-
Cloudflare Introduces Flagship: an Edge-Native Feature Flag Service Built on OpenFeature
Cloudflare recently announced the closed beta of Flagship, a new feature flag service built directly into its global edge platform. The service lets teams control feature rollouts and experiment with changes without redeploying code, while evaluating flags locally in Cloudflare Workers rather than calling external flag services.
-
Meta Deploys Unified AI Agents to Automate Performance Optimization at Hyperscale
Meta has unveiled a new AI-driven capacity efficiency platform that uses unified AI agents to automatically detect and resolve performance issues across its global infrastructure, marking a significant step toward self-optimizing systems at hyperscale.
-
Broadcom Donates Velero to CNCF, Shifting Kubernetes Backup to Community Governance
Broadcom has announced the contribution of Velero, its Kubernetes-native backup, restore and migration project, to the Cloud Native Computing Foundation (CNCF) as a Sandbox project. Velero It operates at the Kubernetes API layer, capturing cluster state through Custom Resource Definitions (CRDs) rather than through hypervisor or storage-layer snapshots.
-
Cloudflare Announces Agent Memory, a Managed Persistent Memory Service for AI Agents
Cloudflare announced Agent Memory in private beta, a managed service that extracts structured memories from AI agent conversations and retrieves them on demand using five-channel parallel retrieval with Reciprocal Rank Fusion. Shared memory profiles let teams of agents access common knowledge. Competitors include Mem0, Zep, LangMem, and Letta.