After supply-chain attacks against tj-actions and Trivy, GitHub published a plan to reduce the attack surface of CI/CD pipelines through dependency locking, scoped secrets, and Layer 7 egress firewalls.
A roundup of four topics around AI agent development and operations in February: a study showing AGENTS.md may be counterproductive, Continue.dev's CI-integrated AI checks, AWS Strands Agents' built-in session persistence, and Docker Shell Sandbox for isolated agent execution.
A deep dive comparing 10 AI-powered E2E testing and browser automation tools including Shortest, Playwright MCP, Stagehand, Skyvern, and QA Wolf, categorized by use case with focus on reliability, speed, and cost.
