InfoQ Homepage Workflow / BPM Content on InfoQ
-
How GitHub Is Securing Agentic Workflows in Modern CI CD Systems
GitHub detailed a defense-in-depth security architecture for agentic workflows in CI/CD pipelines, focusing on isolation, constrained execution, and auditability. The design aims to safely integrate autonomous AI agents while mitigating risks like prompt injection, privilege escalation, and unintended actions, using sandboxed environments, restricted permissions, and full execution traceability.
-
Cloudflare Launches Code Mode MCP Server to Optimize Token Usage for AI Agents
Cloudflare has launched a new Model Context Protocol (MCP) server powered by Code Mode, enabling AI agents to interact with large APIs with minimal token usage. The server reduces context footprint across 2,500+ endpoints, improves multi-API orchestration, and provides a secure, code-centric execution environment for LLM agents.
-
Anthropic Designs Three-Agent Harness Supports Long-Running Full-Stack AI Development
Anthropic introduces a three-agent harness separating planning, generation, and evaluation to improve long-running autonomous AI workflows for frontend and full-stack development. Industry commentary highlights structured approaches, iterative evaluation, and practical methods to maintain coherence and quality over multi-hour AI coding sessions.
-
GitHub Integrates AI to Improve Accessibility Issue Management and Automate Feedback Triage
GitHub has launched a continuous AI-powered workflow to manage accessibility feedback at scale. Using GitHub Actions, Copilot, and Models APIs, the system centralizes reports, analyzes WCAG compliance, and automates triage while maintaining human validation. Teams now resolve feedback faster, improving inclusion and cross-functional collaboration.
-
Pinterest Deploys Production-Scale Model Context Protocol Ecosystem for AI Agent Workflows
Pinterest engineering teams have deployed a production-ready Model Context Protocol (MCP) ecosystem that allows AI agents to automate complex engineering tasks and integrate diverse internal tools. Domain-specific MCP servers, a central registry, and human-in-the-loop approval improve security, governance, and developer productivity while saving thousands of hours per month.
-
HubSpot’s Sidekick: Multi-Model AI Code Review with 90% Faster Feedback and 80% Engineer Approval
HubSpot engineers introduced Sidekick, an internal AI powered code review system that analyzes pull requests using large language models and filters feedback through a secondary “judge agent.” The system reduced time to first feedback on pull requests by about 90 percent and is now used across tens of thousands of internal pull requests.
-
LinkedIn Leverages GitHub Actions, CodeQL, and Semgrep for Code Scanning
LinkedIn has rebuilt its static application security testing (SAST) pipeline using GitHub Actions and custom workflows, enabling consistent, enforceable code scanning across thousands of repositories. The redesign improves security coverage, developer workflow, and observability while supporting the company’s shift-left strategy.
-
AWS Introduces Durable Functions: Stateful Logic Directly in Lambda Code
AWS has unveiled Durable Functions for Lambda, revolutionizing multi-step workflows. This feature allows developers to write code that manages state and retry logic without incurring costs during waits. With advanced capabilities like checkpoints, pauses for up to a year, and simplified orchestration, Durable Functions streamline complex serverless applications.
-
Cloudflare Workflows Adds Python Support for Durable AI Pipelines
Innovative Cloudflare Workflows now supports both TypeScript and Python, enabling developers to orchestrate complex applications seamlessly. With durable execution and state persistence, it simplifies the development of robust data pipelines and AI/ML models. Experience enhanced concurrency and intuitive design, making orchestration effortless for Python enthusiasts.
-
QCon SF: Database-Backed Workflow Orchestration Challenges Traditional Architecture
During QCon SF, Jeremy Edberg and Qian Li from DBOS presented a non-conventional architectural approach to workflow orchestration: treating PostgreSQL not just as a data store, but as the orchestration layer itself. Their talk addressed a persistent problem in distributed systems: workflows frequently fail, recovery mechanisms are complex, and visibility into workflow state remains challenging.
-
The Architectural Shift: AI Agents Become Execution Engines While Backends Retreat to Governance
A fundamental shift in enterprise software architecture is emerging as AI agents transition from assistive tools to operational execution engines, with traditional application backends retreating to governance and permission management roles. This transformation is accelerating across sectors, with 40% of enterprise applications expected to include autonomous agents by 2026.
-
Grab Switches from SQS and Redis to Temporal for Its Subscription Platform
Grab based the new architecture for GrabUnlimited on Temporal. The company enhanced user experience and reduced production incidents by 80% for its subscription platform, which serves millions of users. The new architecture significantly improved robustness and scalability, addressing a range of issues with the previous solution.
-
Azure Logic Apps Introduces "Agent Loop" for Building AI Agents in Enterprise Workflows
Microsoft's Build conference unveiled Agent Loop, a transformative feature in Azure Logic Apps enabling developers to embed AI agents into enterprise workflows. Leveraging over 1,400 connectors, it allows for creating autonomous and conversational agents for tasks like loan approvals and customer support, streamlining operations, and enhancing decision-making.
-
Local Development with Workflow Studio for Step Functions
AWS has enhanced its Workflow Studio for Step Functions, now integrated into Visual Studio Code via the AWS Toolkit. This allows developers to create and edit state machines locally with intuitive visual tools. Key features include Design and Code modes, localized testing capabilities, and support for ASL definitions, streamlining the development of distributed applications and workflows.
-
Cloudflare Introduces Workflows for Building Scalable Resilient Multi-Step Applications
Cloudflare's "Workflows" is a revolutionary execution engine in open beta, enabling developers to build scalable, multi-step applications that autonomously manage errors and state across failures. With seamless retries and modular components, it streamlines development and enhances resource efficiency. Harness the power of Cloudflare's ecosystem for robust app performance.