InfoQ Homepage News
-
Fonttrio Launches as Open-Source Font Pairing Registry for shadcn/ui
Fonttrio is an open-source font pairing registry designed for shadcn/ui projects, featuring 49 curated font combinations that can be installed via a single command. Developed by Dima Kapish, it streamlines font selection and configuration for web applications. The tool integrates seamlessly with shadcn CLI, generating CSS variables and typography scales automatically.
-
Cloudflare Ships Dynamic Workflows, Bringing Durable Execution to Per-Tenant and Per-Agent Code
Cloudflare released Dynamic Workflows, an MIT-licensed library that extends its durable execution engine so workflow code can differ per tenant, agent, or request at runtime. Built on Dynamic Workers, the library enables platforms to serve millions of unique durable workflows at near-zero idle cost. CI/CD and agent plan execution are the headline use cases.
-
AWS Improves Aurora Serverless: 45% Faster Ramp-Up, 30% Higher Throughput
AWS has recently announced that WorkMail will be discontinued and that App Runner will stop accepting new customers and move into maintenance mode. Several other less popular services and features are also entering maintenance or sunset phases, triggering concern and debate across the AWS community.
-
How GitHub Is Securing Agentic Workflows in Modern CI CD Systems
GitHub detailed a defense-in-depth security architecture for agentic workflows in CI/CD pipelines, focusing on isolation, constrained execution, and auditability. The design aims to safely integrate autonomous AI agents while mitigating risks like prompt injection, privilege escalation, and unintended actions, using sandboxed environments, restricted permissions, and full execution traceability.
-
Cloudflare Launches “Artifacts” Beta, Introducing Git-Like Versioning for AI Agents
Cloudflare has announced the beta release of Artifacts, a new system designed to bring Git-style version control to AI agents, enabling developers to track, manage, and evolve agent-generated outputs with the same rigor as traditional code.
-
OpenAI Introduces Websocket-Based Execution Mode to Reduce Latency in Agentic Workflows
OpenAI introduces a WebSocket-based execution mode for its Responses API to improve agentic workflow performance in coding agents and real-time AI systems. The update reduces latency by up to 40 percent by replacing HTTP request-response cycles with persistent connections, improving streaming, tool execution, and multi-step orchestration in production-scale AI systems.
-
Applying Best Simple System for Now for Software Design
Choosing between building up technical debt and missing delivery deadlines is a false dichotomy, Daniel Terhorst-North argued in his talk Best Simple System for Now. Programmers love to generalize rather than solve the immediate problem at hand, which can make future changes difficult. Instead, we need to build the skills and instincts for keeping things simple.
-
Google Announces GKE Agent Sandbox and Hypercluster at Next '26, Positioning Kubernetes as AI Agent
Google announced GKE Agent Sandbox and hypercluster at Cloud Next '26. Agent Sandbox uses gVisor kernel isolation for secure agent code execution at 300 sandboxes per second, built as an open-source Kubernetes SIG Apps subproject. It is currently the only native agent sandbox among the three major hyperscalers. Hypercluster manages a million chips from a single control plane.
-
Leading Open Source Author Calls for Verification over Trust in Software Supply Chains
In a blog post published in March 2026, Daniel Stenberg, creator and lead developer of curl, makes the case that the software industry's default position of trusting well-known components is no longer adequate. Stenberg argues that users and organisations should actively verify the software they consume, and he uses curl's own practices as a concrete example of how that can be done.
-
LinkedIn Consolidates Hiring Data Pipelines to Power AI Driven Talent Systems
LinkedIn introduced a unified integrations platform to standardize and reconcile hiring data across systems. The platform reduces onboarding time by 72%, improves data consistency and completeness, and enables scalable AI-driven hiring features through standardized schemas, orchestration workflows, and centralized data processing.
-
Attacker Bought 30 WordPress Plugins on Flippa and Backdoored All of Them
An attacker purchased 30+ WordPress plugins on Flippa for six figures, planted a PHP deserialization backdoor in the first commit, and waited eight months before activating it across 400,000 installations. The attack used Ethereum smart contracts to resolve C2. WordPress.org has no mechanism for reviewing plugin ownership transfers, a gap that npm and PyPI addressed years ago.
-
Google New TPU Generation is Specifically Designed for Agents and SOTA Model Training
Google has unvelied a new generation of Tensor Processing Units (TPUs), featuring two specialized chips designed to accelerate model training and agent workflows, which require continuous, multi-step reasoning, and action loops distributed across multiple models. The new TPUs deliver better performance, memory, and energy efficiency, the company says.
-
Grafana's Kubernetes Monitoring Helm Chart v4 Brings Multiple Fixes
Grafana Labs has released version 4 of its Kubernetes Monitoring Helm chart, describing it as the most significant update the chart has received since its introduction. The release, announced in April 2026 by Pete Wall and Beverly Buchanan, addresses a range of configuration problems that had accumulated as users scaled to larger and more complex deployments.
-
Inside Claude Code Auto Mode: Anthropic’s Autonomous Coding System with Human Approval Gates
Anthropic has introduced auto mode in Claude Code, enabling multi-step software development workflows with reduced manual intervention. The feature combines automated execution with layered safety mechanisms, including input filtering, action evaluation, and two-stage classification, while maintaining human approval checkpoints for sensitive operations.
-
GitHub Enhances CodeQL with Declarative Security Modeling for Faster, More Flexible Analysis
GitHub has introduced a significant update to its CodeQL engine, enabling developers to define custom sanitizers and validators directly through "models-as-data," a move that simplifies how teams extend security analysis across their codebases.