Red Hat has released OpenShift Service Mesh 3.3, bringing post-quantum cryptography (PQC), AI enablement features, and foundational support for external VM integration. Based on Istio 1.28…
The Cloud Native Computing Foundation has unveiled the CARE Program (Certification Advancement & Recertification Experience), a significant restructuring of its certification renewal policy that addresses long-standing…
Grafana has released the OpenLIT Operator, a Kubernetes-native solution for monitoring AI workloads without requiring code changes. The integration with Grafana Clouds AI Observability suite promises…
The vLLM project has released version 0.18.0, a substantial update featuring 445 commits from 213 contributors including 61 new contributors. This release significantly expands deployment flexibility…
Platform Engineering Day’s growing emphasis on AI, security, and internal platform maturity is a useful signal: cloud-native teams are moving past raw infrastructure enthusiasm and toward the harder work of building governed, product-like platforms for developers and automation.
Morgan Stanley’s multi-year Flux journey shows that GitOps at enterprise scale is not just about choosing a reconciler. It is about onboarding, tenancy boundaries, source-of-truth design, and relentless tuning once the cluster count and resource count get large.
GitHub's March 2026 Actions update brings long-awaited cron timezone support and granular environment deployment controls.
OpenClaw 2026.3.13 introduces official Chrome DevTools MCP attach mode for debugging live browser sessions directly from your AI agent.
containerd 2.3.0 introduces the project's first annual LTS release with a new 4-month cadence aligned with Kubernetes. Learn how to upgrade safely.
The Kubernetes image promoter (kpromo) underwent an invisible rewrite that deleted 20% of the codebase while dramatically improving speed and reliability.
GitHub’s new OIDC support for repository custom properties is more than a convenience feature. It gives platform teams a cleaner way to express cloud access around repo attributes instead of maintaining brittle allowlists one workflow at a time.
Tekton Pipeline 1.10.1 is a modest patch release with one notable fix, but the release still stands out for something more important: the project keeps shipping attestation guidance right in the notes. For platform teams, that is the pattern worth adopting even when the diff itself is small.
GitHub’s new pre-commit ecosystem support turns one of the most annoying sources of silent repo drift into a first-class dependency workflow. The win is not just freshness. It is making hook upgrades reviewable, grouped, and testable like any other supply-chain change.
GitHub added 28 new secret detectors, broadened default push protection, and introduced more validity checks in March 2026. The real story is operational: secret scanning is becoming a faster feedback system for SaaS sprawl, not just a cleanup tool after a leak.
GitHub’s latest CodeQL release adds Java 26 support, better Maven version selection, and query updates across multiple languages. The operational takeaway is simple: code scanning accuracy increasingly depends on matching real build conditions, not just running static analysis somewhere in CI.
GitHub’s new ‘Lock advisory’ action lets repo admins freeze draft security advisories and private vulnerability reports while discussion continues in comments. For DevSecOps teams, it’s a governance primitive: reduce accidental edits, preserve triage decisions, and keep the record stable before publication.
GitHub says Copilot code review is now generally available on an agentic, tool-calling architecture that can pull broader repository context on demand — and it runs on GitHub Actions. That combination shifts cost, governance, and security considerations for engineering orgs. Here’s how to evaluate it, especially if you use self-hosted runners.
Flux 2.8 ships Helm v4 support (including server-side apply) and pushes more deployments toward kstatus-style readiness. That combination changes the operational contract of GitOps: fewer false ‘healthy’ signals, better drift visibility, and sharper rollback decisions.
GitHub now supports assigning Dependabot alerts to specific users (GA). That sounds small—but it’s the missing piece that lets teams operationalize dependency remediation the same way they do incidents: ownership, queues, automation, and reporting.
GitHub is deprecating several Copilot models (including GPT-5.1) and changing required network routing for Copilot coding agent. If you run agents on self-hosted runners, your allowlists and model policies need attention now.
