Digest #215: AI DevOps Engineer, GitHub's 3,800-Repo Breach, Docker's Hidden microVM API, Terraform 1.15 and compromising Claude Code
A malicious VSCode extension compromised 3,800 GitHub repositories, Rivet's team reverse-engineered Docker Sandbox's undocumented microVM API, Terraform 1.15 landed with dynamic sources and variable.
The team behind Docker and Dagger built Mendral, an autonomous AI DevOps engineer that investigates root causes across your repos, CI logs, Dockerfiles, and IaC, then ships fixes as reviewable PRs. Worth a look if supply chain security or slow CI is eating your engineers’ time.
A malicious VS Code extension granted attackers access to 3,800 GitHub repositories this week, raising fresh questions about extension trust in developer toolchains. Docker Sandbox’s undocumented microVM API was fully reverse-engineered and documented by the Rivet team; Terraform 1.15 landed with dynamic source references and variable deprecation; and Anthropic engineers are dropping Markdown in favor of raw HTML when building with Claude Code.
On the tutorial side: security researchers show exactly how malicious skills and agents can compromise Claude Code, Teads walks through cutting BigQuery slot usage by 90% after a production outage, there’s a deep-dive into building a distributed search engine in pure Go, and a postmortem on how unused Postgres indexes silently ate 41GB. Plus canary deployments with AWS SAM, root cause analysis with the AWS DevOps Agent, and Bedrock API key security.
For videos this week: how a single PR nearly hijacked the NPM registry, and a candid take on what moving too fast in software actually costs you.
This week’s projects include SCAM, a 1Password benchmark that tests AI agents’ security awareness in real-world workplace scenarios; pgsqlite, a Postgres wire protocol adapter for SQLite; swamp, a CLI for building reviewable AI agent workflows stored in Git; and capsule, a multi-tenancy framework for Kubernetes.
The team behind Docker and Dagger built an AI DevOps engineer
Mendral is an autonomous AI DevOps engineer that handles the work your engineers shouldn't be doing manually anymore: supply chain security, flaky CI, slow builds, and anything else specific to your stack.
It investigates root causes across your repos, CI logs, Dockerfiles, lockfiles, and IaC, then ships the fix as a reviewable PR: pinning CVEs, killing flakes, tuning cache layers, and upgrading dependencies without taking your engineers off product work. Try it out!
Newsworthy stories
The request is the wrong unit of scale for LLMs on Kubernetes
We reverse-engineered Docker Sandbox’s undocumented microVM API
GitHub confirms breach of 3,800 repos via malicious VSCode extension
Tutorials of the week
Identifying security risks using AWS Cost and Usage Report data
Automate root cause analysis across Datadog and Elasticsearch with AWS DevOps Agent
AWS Bedrock security guide: API keys, detection, and response
Videos of the week
Projects of the week
pgsqlite is a PostgreSQL protocol adapter for SQLite, allowing any PostgreSQL client to connect to and query SQLite databases over the standard wire protocol.
SCAM is a benchmark from 1Password that tests AI agents’ security awareness through realistic, multi-turn workplace scenarios.
snipe-it is an IT asset and license management system.
changedetection.io is a website change-detection tool that alerts you when content, prices, or stock levels change.
swamp is a CLI that supercharges AI agents to build reviewable, shareable operational workflows, stored as versioned YAML in a Git directory.
capsule is a multi-tenancy and policy framework for Kubernetes that enforces namespace isolation and resource policies across tenant clusters.
git-switch is a native Git client that runs dev servers directly from the UI.






