TLDR DevOps 2025-09-29

Visual Studio 2026 Insiders introduces deeply integrated AI, making code reviews, documentation, and debugging more seamless while reducing developer overhead. The release also delivers major performance boosts, a modernized Fluent UI design, and a new Insiders Channel for early feature access, all aimed at keeping developers in flow and accelerating productivity.

Nearly all of Cloudflare's features, previously limited to enterprise customers, will become available for purchase by anyone on any plan without contracts or sales involvement. The rollout will begin with dashboard Single Sign-On and will expand over the next year to include other advanced capabilities, reinforcing Cloudflare's mission to make powerful Internet security and performance tools accessible to all users.

Cloudflare has strengthened the security of Workers by modifying the V8 runtime to use memory protection keys and a software-based sandbox, preventing cross-isolate data access and containing memory corruption attacks. These improvements create layered defenses that block escalation attempts, ensuring user code runs safely on Cloudflare's globally distributed infrastructure without requiring customer intervention.

Good taste in software engineering isn't about raw skill but about choosing the right engineering values—like readability, scalability, or resiliency—for the problem at hand. Engineers with good taste stay flexible, avoid rigid “best practices,” and make tradeoffs that fit their project's context, leading to more successful outcomes over time.

AI agents can handle more tools and more complex tools by converting Model Context Protocol (MCP) tools into a TypeScript API and having LLMs write code to call that API. This approach uses the Cloudflare Workers platform and its new Worker Loader API, which loads Worker code on-demand with a secure sandbox that prohibits internet access. It isolates access to MCP servers through bindings and prevents the AI from leaking API keys.

Focusing only on urgent tasks in software engineering leaves bugs and technical debt unresolved, eventually slowing development and frustrating users. Teams can avoid this by reserving capacity for lower-priority but important work through strategies like time allocation, dedicated ownership, or zero-tolerance policies.

AI agents can generate new code instantly, but testing it against cloud resources such as other microservices, databases, and queues still takes too long. mirrord lets AI-generated code run locally with seamless access to your live staging environment. No mocks, no waiting, just instant integration testing. Try mirrord for free

Coze Studio, an all-in-one AI agent development tool derived from the "Coze Development Platform," has been released as open source. The platform simplifies AI agent creation, debugging, and deployment with visual tools, no-code or low-code approaches, and a microservices architecture built on Golang, React, and Typescript.

Claude Code Router version v1.0.50 is now available. Users can now route Claude Code requests through models like GLM-4.5 and DeepSeek v3.1 for free via the iFlow Platform.

The Cloud Native Computing Foundation partnered with Docker to provide all CNCF projects with access to Docker's Sponsored Open Source program, delivering premium registry, security, and support services. Maintainers gain scalable infrastructure with tools like Docker Scout, automated builds, and usage insights, while users benefit from more secure and reliable access to cloud native projects.

A newly discovered NPM worm called Shai-Hulud spread rapidly by stealing credentials and self-propagating across hundreds of packages, highlighting the escalating risks of open source supply chain attacks. Sysdig's Threat Intelligence Feed provides real-time visibility into malicious NPM packages, enabling security teams to quickly verify exposure, investigate threats, and respond with precision.

Tired of doomscrolling to figure out if the latest vuln is the next Log4j? cvemon (by Intruder) tracks CVE hype with expert commentary - completely free. See what's trending →

Amazon ECS now supports native blue/green deployments, providing an alternative to AWS CodeDeploy.

The Cloud Native Computing Foundation (CNCF) announced the first wave of Kubernetes Community Days (KCDs) for 2026 and introduced three tiers of KCDs to support communities of all sizes.