Digest #214: GitHub Under AI Load, microVMs Aren't Optional Anymore, AI Assistants Leak Your Chats and StackOverflow Drops Ingress-NGINX
GitHub buckles under AI-generated code volume, pushing users toward Forgejo. Plus: microVM isolation goes mandatory, trackers leak Claude and ChatGPT conversations, and Stack Overflow swaps Ingress-NG
On the news side, a detailed case that your container was never a security boundary, and why microVM isolation is now mandatory for running untrusted agent code. GitHub is having its worst stretch in years: the Pragmatic Engineer explains why AI-generated code volume breaks GitHub and not its competitors, LeadDev documents the reliability crisis and user exodus, and one engineer walks through his move to self-hosted Forgejo. LeakyLM researchers caught trackers inside Claude, ChatGPT, Grok, and Perplexity leaking conversations to Meta, Google, and TikTok ad networks, while Wiz published part two of its teardown of prompt injection and secret exfiltration in AI-powered GitHub Actions. Plus: how Stack Overflow replaced Ingress-NGINX with Istio, the 15 CI/CD metrics worth tracking, and how malicious identity providers can inject ghost identities into multi-SSO AWS Cognito user pools.
On the tutorial side: zero-downtime blue-green frontend deploys on a single EC2 instance with Docker and Nginx, a ten-control GitHub Actions security checklist for surviving supply chain attacks, a breakdown of how Docker’s ONBUILD directive becomes a hidden attack vector in base images, Anthropic’s own guide to running Claude Code in large codebases, a walkthrough of automating dev workflows with MCP, schema validation for Terraform input configs using CUE, and querying Redis with plain SQL.
For videos this week: an argument for why Jenkins is now effectively dead, and a look at the single hottest programming skill to have in 2026.
This week's open source picks include deepsec, a Vercel Labs scanner that runs coding agents across microVMs to find vulnerabilities in large repos; coroot, an eBPF observability platform with zero-instrumentation telemetry and AI root cause analysis; dockhand, a Docker management UI on a hardened Wolfi OS layer; re_gent, version control for AI coding agents that records which prompt wrote each line; petri, a drop-in PostgreSQL replacement that hands every test its own isolated database; tfrev, a Claude-powered reviewer that flags dangerous Terraform plan mismatches; and workshop, a local debugger for coding agents that streams traces and self-heals failing code.
Projects of the week
deepsec runs coding agents across microVMs to scan large repos for vulnerabilities, resuming where it left off after interruptions.
coroot is an eBPF-based observability platform with zero-instrumentation metrics, logs, traces, and AI-powered root cause analysis.
dockhand is a Docker management UI for container orchestration, Compose stacks, and Git-based deployments.
re_gent is version control for AI coding agents that records which prompt wrote each line, with rgt log, rgt blame, and rgt show.
petri is a drop-in PostgreSQL replacement that gives every test its own isolated, seeded database with no cleanup or shared-state flakiness.
tfrev uses Claude to review Terraform plans against code changes and flag intent mismatches like a tag edit triggering a full destroy and recreate.
workshop is a local debugger for coding agents that streams traces in real time, writes evals, and self-heals failing code until assertions pass.




