InfoQ Homepage News
-
Istio Evolves for the AI Era with Multicluster, Ambient Mode, and Inference Capabilities
The Cloud Native Computing Foundation (CNCF) has announced a major evolution of Istio, introducing new capabilities aimed at making service meshes “future-ready” for AI-driven workloads.
-
Anthropic Accidentally Exposes Claude Code Source via npm Source Map File
Anthropic's Claude Code CLI had its full TypeScript source exposed after a source map file was accidentally included in version 2.1.88 of its npm package. The 512,000-line codebase was archived to GitHub within hours. Anthropic called it a packaging error caused by human error. The leak revealed unreleased features, internal model codenames, and multi-agent orchestration architecture.
-
Google Open Sources Experimental Multi-Agent Orchestration Testbed Scion
Designed to manage concurrent agents running in containers across local and remote compute, Scion is an experimental orchestration testbed that enables developers to run groups of specialized agents with isolated identities, credentials, and shared workspaces.
-
Pinterest Reduces Spark OOM Failures by 96% Through Auto Memory Retries
Pinterest Engineering cut Apache Spark out-of-memory failures by 96% using improved observability, configuration tuning, and automatic memory retries. Staged rollout, dashboards, and proactive memory adjustments stabilized data pipelines, reduced manual intervention, and lowered operational overhead across tens of thousands of daily jobs.
-
Dynamic Languages Faster and Cheaper in 13-Language Claude Code Benchmark
A 600-run benchmark by Ruby committer Yusuke Endoh tested Claude Code across 13 languages, implementing a simplified Git. Ruby, Python, and JavaScript were the fastest and cheapest, at $0.36- $0.39 per run. Statistically typed languages cost 1.4-2.6x more. Adding type checkers to dynamic languages imposed 1.6-3.2x slowdowns. Full dataset available on GitHub.
-
Java News Roundup: TornadoVM 4.0, Google ADK for Java 1.0, Grails, Tomcat, Log4j, Gradle
This week's Java roundup for March 30th, 2026, features news highlighting: the GA release of TornadoVM 4.0 and Google ADK for Java 1.0; first release candidates of Grails and Gradle; maintenance releases of Micronaut, Apache Tomcart and Apache Log4j; and an update on Jakarta EE 12.
-
Anthropic Designs Three-Agent Harness Supports Long-Running Full-Stack AI Development
Anthropic introduces a three-agent harness separating planning, generation, and evaluation to improve long-running autonomous AI workflows for frontend and full-stack development. Industry commentary highlights structured approaches, iterative evaluation, and practical methods to maintain coherence and quality over multi-hour AI coding sessions.
-
TigerFS Mounts PostgreSQL Databases as a Filesystem for Developers and AI Agents
TigerFS is a new experimental filesystem that mounts a database as a directory and stores files directly in PostgreSQL. The open source project exposes database data through a standard filesystem interface, allowing developers and AI agents to interact with it using common Unix tools such as ls, cat, find, and grep, rather than via APIs or SDKs.
-
Swift 6.3 Stabilizes Android SDK, Extends C Interop, and More
Swift 6.3 advances Swift cross-platform story with official Android support, improves significantly C interoperability through the new @c attribute, and continues extending embedded programming support. It also strengthens the ecosystem with a unified build system direction and gives developers more low-level performance control.
-
Open Source Security Tool Trivy Hit by Supply Chain Attack, Prompting Urgent Industry Response
A major security incident affecting the widely used open source vulnerability scanner Trivy has exposed critical weaknesses in software supply chain security, after maintainers confirmed that a malicious release was briefly distributed to users.
-
Module Federation 2.0 Reaches Stable Release with Wider Support outside of Webpack
Module Federation 2.0, an open-source micro-frontend mechanism introduced with webpack 5, offers significant updates including dynamic TypeScript type hints, decoupled runtime layers, and Node.js support. It enhances compatibility across various bundlers and frameworks. Key features include a Side Effect Scanner and easier integration for remote modules, addressing previous adoption challenges.
-
GitHub Integrates AI to Improve Accessibility Issue Management and Automate Feedback Triage
GitHub has launched a continuous AI-powered workflow to manage accessibility feedback at scale. Using GitHub Actions, Copilot, and Models APIs, the system centralizes reports, analyzes WCAG compliance, and automates triage while maintaining human validation. Teams now resolve feedback faster, improving inclusion and cross-functional collaboration.
-
Axios npm Package Compromised in Supply Chain Attack
On March 31, 2026, two versions of the Axios library were compromised and found to contain a Remote Access Trojan. The malicious packages were published through a hijacked maintainer account. The Axios team is investigating how the breach occurred and has deprecated the affected versions. Security experts emphasize the need for better dependency management.
-
Helidon 4.4.0 Introduces Alignment with OpenJDK Cadence and Support via Java Verified Portfolio
Oracle has released version 4.4.0 of Helidon, their microservices framework, featuring alignment with the OpenJDK release cadence, support via the new Java Verified Portfolio, new core capabilities, and agentic AI support for LangChain4j.
-
How to Handle Trusts and Psychological Safety When Scaling Organizations
As organizations scale, communication overload, loss of shared context, and trust gaps emerge, Charlotte de Jong Schouwenburg mentioned. Trust must be built team by team; it can’t be replicated. Trust is interpersonal, while psychological safety exists among people and fuels learning. Leaders must deliberately design structures, rituals, and metrics that reward transparency and cohesion at scale.