Interesting…

Links from today's office hours:

https://rosesecurity.dev/2026/03/20/typosquatting-trivy.html
https://x.com/karpathy/status/2036487306585268612
https://github.com/AmElmo/proofshot
https://github.com/hectorvent/floci
https://x.com/stripe/status/2034257912973963374
https://atmos.tools/changelog/auth-required-concurrent-identities
https://atmos.tools/changelog/auth-console-isolated-sessions
https://rosesecurity.dev/2026/03/20/typosquatting-trivy.html
https://github.com/aquasecurity/trivy/commit/1885610c6a34811c8296416ae69f568002ef11ec#diff-7c91aaa231c9799967299bd573925eaa0e310a4274e57a39bf3bf8930aa278c2R81
https://github.com/actions/checkout/commit/70379aad1a8b40919ce8b382d3cd7d0315cde1d0
https://github.com/zizmorcore/zizmor
https://path.rsaconference.com/flow/rsac/us25/FullAgenda/page/catalog/session/1728070288065001o6bO
https://www.theregister.com/special_features/spotlight_on_rsac/
https://www.theregister.com/2025/04/29/north_korea_worker_interview_questions/
https://github.com/mitchellh/vouch
https://github.com/cloudposse/atmos/pull/2238
https://github.com/cloudposse-examples/app-on-ecs-v2/blob/main/profiles/github/atmos.yaml
https://github.com/paperclipai/paperclip
https://supermemory.ai/docs/intro
https://www.reddit.com/r/ClaudeCode/comments/1s2ci4f/claude_code_can_now_dream/
https://www.youtube.com/watch?v=ShEez0JkOFw

An interesting AWS Console TUI: https://github.com/k2m30/a9s

Links from today's office hours:

https://tui.studio/
https://github.com/paperclipai/paperclip
https://www.nvidia.com/en-us/ai/nemoclaw
https://github.com/ops0-ai/oxid
https://blog.exe.dev/ssh-host-header
https://www.wired.com/story/hundreds-of-millions-of-iphones-can-be-hacked-with-a-new-tool-found-in-the-wild/
https://atmos.tools/changelog/native-ci-integration
https://github.com/cloudposse-examples/app-on-ecs-v2
https://blog.cloudflare.com/shift-left-enterprise-scale/
https://github.com/mmarinovic/React2AWS
https://cmux.com/
https://tmuxai.dev
https://www.conductor.build/

Have been missing the last few HH. Hope you all are well. Sharing this in case it hasn't been discussed. Haven't tried it yet but might be worth a look....

https://pullpreview.com/

Links from today's office hours:

https://vercel.com/docs/queues
https://www.stepsecurity.io/blog/hackerbot-claw-github-actions-exploitation
https://github.com/aquasecurity/trivy/discussions/10265#discussioncomment-15968674
https://atmos.tools/changelog/introducing-atmos-ai
https://atmos.tools/changelog/ai-agent-skills
https://atmos.tools/changelog
https://github.blog/changelog/2026-02-26-github-actions-now-supports-uploading-and-downloading-non-zipped-artifacts
https://manuchandrasekhar.com/posts/2026/02-13-tf-deprecation/
https://x.com/i/status/2026695550771540489
https://github.com/AlexsJones/llmfit
https://github.com/milldr/flow
https://code.claude.com/docs/en/remote-control
https://discord.com/channels/1469527844802793589/1469555929480695829/1473742489125916847
https://www.wiz.io/blog/google-closes-deal-to-acquire-wiz
https://developers.cloudflare.com/changelog/post/2026-03-10-br-crawl-endpoint/
https://www.ft.com/content/7cab4ec7-4712-4137-b602-119a44f771de
https://x.com/satyanadella/status/2030992877665583440
https://github.com/chardet/chardet/issues/327
https://grith.ai/blog/clinejection-when-your-ai-tool-installs-another
https://github.com/googleworkspace/cli
https://techcrunch.com/2026/03/02/users-are-ditching-chatgpt-for-claude-heres-how-to-make-the-switch/
z.ai
https://github.com/karpathy/autoresearch
https://codewire.sh
https://robohorizon.com/en-us/magazine/2026/03/eon-uploaded-a-fruit-flys-brain-and-it-actually-works/
https://github.com/kubernetes-sigs/agent-sandbox/
https://github.com/kernel/hypeman

Curious how SRE teams here handle incident postmortems.
I built a small tool that reads Slack war-room threads and generates an RCA automatically.
Example output:
• Timeline reconstructed from messages
• Root cause analysis
• Evidence links to logs
• Executive summary
Example incident flow:
03:47 — incident posted in Slack
03:49 — RCA generated
03:51 — fix suggested
Would love feedback from people doing on-call / incident response.
https://www.prodrescueai.com

Links that were scheduled to be discussed after the demo at today's office hours:

https://vercel.com/docs/queues
https://www.stepsecurity.io/blog/hackerbot-claw-github-actions-exploitation
https://github.com/aquasecurity/trivy/discussions/10265#discussioncomment-15968674
https://github.blog/changelog/2026-02-26-github-actions-now-supports-uploading-and-downloading-non-zipped-artifacts
https://x.com/i/status/2026695550771540489
https://github.com/AlexsJones/llmfit
https://github.com/milldr/flow
https://code.claude.com/docs/en/remote-control
https://techcrunch.com/2026/03/03/claude-code-rolls-out-a-voice-mode-capability/

@here Today on office hours we'll have Stategraph founders on the call giving a demo. It's a great opportunity to ask questions from @Malcolm Matalka (Terrateam) and @Josh Pollara who have arguably spent more time looking at Terraform state than any one.

I know I have lot of questions! Watch the video below of their demo last week, for a preview.

https://www.youtube.com/watch?app=desktop&t=15&v=kI-a6rTCc5w&feature=youtu.be

Links from today's office hours:

https://hai.wxs.ro/migrations/argocd-to-flux/
https://www.anthropic.com/news/claude-code-security
https://x.com/PolymarketMoney/status/2025009630305251501
https://manaflow.com/
https://github.com/manaflow-ai/cmux
https://www.opsy.sh/
https://opencode.ai/
https://x.com/i/status/2024574740417970462
https://vercel.com/changelog/private-storage-for-vercel-blob-now-available-in-public-beta
https://github.com/badlogic/pi-mono
https://github.com/can1357/oh-my-pi
https://blog.cloudflare.com/markdown-for-agents/
https://www.diabrowser.com/

Links from today's office hours:

https://x.com/jaredpalmer/status/2019817235163074881?s=46&t=hxmjEyu5OyUbWbc_cO5EPQ
https://github.blog/news-insights/company-news/pick-your-agent-use-claude-and-codex-on-agent-hq/
https://www.omnara.com/
https://go.dev/blog/gofix
https://github.com/obra/superpowers
https://www.youtube.com/live/OEOiERQKKEQ
https://x.com/AndrewWarner/status/2024168538508775674
https://github.com/steipete/gogcli
https://aws.amazon.com/blogs/aws/aws-iam-identity-center-now-supports-multi-region-replication-for-aws-account-access-and-application-use/
https://kubernetes.io/blog/2026/02/03/introducing-node-readiness-controller/
https://www.ampcuscyber.com/shadowopsintel/a-new-google-chrome-zero-day-exploited-in-the-wild/
https://aws.amazon.com/about-aws/whats-new/2026/02/amazon-ec2-nested-virtualization-on-virtual
https://github.com/sqlxpert/backup-events-aws
https://github.blog/open-source/maintainers/welcome-to-the-eternal-september-of-open-source-heres-what-we-plan-to-do-for-maintainers/
https://github.com/github/balanced-employee-ip-agreement
https://github.com/obra/superpowers
https://www.pulumi.com/blog/top-8-claude-skills-devops-2026/

@here Did you know you can now subscribe to our Office Hours calendar feed? Just go here and click on the link for your calendar software.


https://cloudposse.com/office-hours/calendar

@Prasanna joined #office-hours. They’re also new to SweetOps.

@JS joined #office-hours. They’re also new to SweetOps.

@Salman Shaik joined #office-hours. They’re also new to SweetOps.

@Deep joined #office-hours. They’re also new to SweetOps.

Links from today's office hours:

https://github.com/mogenius/renovate-operator
https://github.com/mitchellh/vouch
https://github.github.io/gh-aw/setup/creating-workflows/
https://github.com/github/gh-aw/tree/main/.github/workflows
https://github.blog/changelog/2026-02-05-github-actions-early-february-2026-updates
https://www.windmill.dev/
https://simonwillison.net/2026/Feb/10/showboat-and-rodney/
https://entire.io/
https://cloudposse.com/slack/archive/aws/msg/1769536967-706089?utm_source=share&utm_medium=referral&utm_campaign=sweetops&utm_content=share&utm_term=slack-archive-message
https://github.com/awslabs/fullstack-solution-template-for-agentcore

This was an interesting read!
https://runs-on.com/blog/from-freelancer-to-1m-github-actions-jobs/

Relaunched our podcast site, which is a syndication of our office hours in audio form.

👉️ https://cloudposse.com/podcast

Links from today's office hours:

https://github.blog/changelog/2026-01-29-github-actions-smarter-editing-clearer-debugging-and-a-new-case-function/
https://openai.com/codex/get-started/
https://www.millert.dev/
https://www.chainguard.dev/unchained/introducing-chainguard-emeritoss
https://www.chainguard.dev/unchained/fork-yeah-were-adding-ten-new-open-source-projects-to-emeritoss?utm_source=the+new+stack&utm_medium=referral&utm_content=inline-mention&utm_campaign=tns+platform
http://Skills.sh
https://github.com/pokgak/lgtm-cli
https://discuss.kubernetes.io/t/security-advisory-multiple-issues-in-ingress-nginx/34115?utm_source=chatgpt.com
https://www.chainguard.dev/unchained/keeping-ingress-nginx-alive?utm_source=chatgpt.com
https://github.com/chainguard-forks/kubeapps
https://github.com/SAP/kubeapps
https://cloudposse.com/slack/archive
https://github.com/ms-henglu/graft?
https://answersforaws.com
https://kro.run/
https://www.wiz.io/blog/exposed-moltbook-database-reveals-millions-of-api-keys
https://www.wired.com/story/i-infiltrated-moltbook-ai-only-social-network/
https://archive.is/2026.02.02-161143/https://www.economist.com/business/2026/02/01/why-software-stocks-are-getting-pummelled
https://blog.kilo.ai/p/kilo-cli
https://github.com/The-Pocket/PocketFlow
https://strandsagents.com/latest/
https://github.com/junegunn/fzf
https://github.com/charmbracelet/crush
https://www.theregister.com/2026/01/27/ralph_wiggum_claude_loops/

Here's a new office hours slack archive https://cloudposse.com/slack/archive/office-hours

Not news but: wondering if anyone has used fastly key value store over other vendors?

https://www.fastly.com/blog/be-among-the-first-to-try-the-greatest-kv-store-ever-made

I forget who it was in office hours that mentioned using google_project_service for enabling API Gateways via terraform but your advice was spot on. Ended up with this:

# Enable the api gateway managed service
resource "google_project_service" "api_gateway_managed_service" {
  service            = google_api_gateway_api.api.managed_service
  disable_on_destroy = false

  depends_on = [
    google_api_gateway_api.api
  ]
}

Worked like a charm! 👍️🏾

Links from today's office hours:

https://www.linkedin.com/posts/james-mahy_a-few-days-ago-the-aws-sdj-js-v3-repo-share-7420173994101755904-ItXJ/?utm_source=social_share_send&utm_medium=ios_app&rcm=ACoAAABZsBUBWKMGQCIG5JlgZ3-pz7WU35HDCw8&utm_campaign=copy_link
https://github.com/Use-Tusk/fence
https://github.com/hashicorp/agent-skills
https://aisle.com/blog/aisle-discovered-12-out-of-12-openssl-vulnerabilities
https://x.com/nicerinperson/status/2014989679796347375?s=46&t=hxmjEyu5OyUbWbc_cO5EPQ
https://www.molt.bot/
https://docs.molt.bot/hooks/soul-evil
https://www.youtube.com/watch?v=MUDvwqJWWIw
https://www.reuters.com/legal/litigation/amazon-cuts-16000-jobs-globally-broader-restructuring-2026-01-28/
https://aws.amazon.com/about-aws/whats-new/2026/1/amazon-route-53-domains-adds-support-for-.ai-and-other-top-level-domains/
https://aws.amazon.com/about-aws/whats-new/2026/01/aws-security-agent-ghe-support/
https://ishi.so/
https://www.theregister.com/2026/01/27/ralph_wiggum_claude_loops/
https://qwen.ai/blog?id=qwen3tts-0115
https://exe.dev/
https://dataraven.io/
https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/google_project_service
https://marimo.io/
https://www.atmos-pro.com/
https://atmos.tools/roadmap
https://docs.cloudposse.com/layers/github-actions/runs-on/
https://docs.cloudposse.com/components/library/aws/runs-on/
https://github.com/cloudposse/atmos/pull/1911
https://developer.1password.com/docs/environments/aws-secrets-manager/

anyone check this out yet? https://exe.dev/ - https://youtu.be/bV60dwhL2x4?si=Yf-xzN5LWdPaGbIk

Curl shuts down their bug bounty program because of AI slop: https://github.com/curl/curl/pull/20312?utm_source=the+new+stack&utm_medium=referral&utm_content=inline-mention&utm_campaign=tns+platform

Links from today's office hours:
https://etn.se/index.php/nyheter/72808-curl-removes-bug-bounties.html
https://www.willmunn.xyz/devops/helm/kubernetes/2026/01/17/building-robust-helm-charts.html
https://github.com/lance0/ttl
https://meshery.io/
https://www.infoq.com/news/2026/01/docker-kanvas-cloud-deployment/
https://hackernoon.com/the-long-now-of-the-web-inside-the-internet-archives-fight-against-forgetting
https://github.com/antonbabenko/terraform-skill
https://aws.amazon.com/about-aws/whats-new/2026/01/amazon-ecr-cross-repository-layer-sharing/
https://aws.amazon.com/about-aws/whats-new/2026/01/amazon-rds-blue-green-deployments-reduces-downtime/
https://kubernetes.io/blog/2026/01/19/clientcmd-apiserver-access/
https://github.com/TechDufus/openkanban
https://www.amazon.com/Certified-Practitioner-AIF-C01-Study-Depth/dp/B0F78DNCF4/ref=pd_vtp_d_sccl_1_2/137-9824499-5817152
https://www.youtube.com/@CoverToCode
https://atmos.tools/roadmap
https://github.com/michidk/vscli
https://github.com/kirodotdev/Kiro/issues/164#issuecomment-3756104777

Links from today's office hours:

https://thehackernews.com/2026/01/n8n-warns-of-cvss-100-rce-vulnerability.html?m=1
https://github.com/cloudposse/build-harness/pull/392
https://github.com/cloudposse/packages/pull/6299
https://github.blog/changelog/2026-01-13-new-fine-grained-permission-for-artifact-metadata-is-now-generally-available/
https://builder.aws.com/community/community-builders
https://github.com/cloudposse-examples/app-on-ecs-v2
https://atmos.tools/changelog/ask-ai-search
https://atmos.tools/changelog/automatic-backend-provisioning-on-init
https://github.com/cloudposse-examples/app-on-ecs-v2/tree/main
https://github.com/anthropics/claude-code/issues/17118
https://opencode.ai/
https://github.com/code-yeongyu/oh-my-opencode?tab=readme-ov-file#its-the-age-of-agents
https://github.com/Yeachan-Heo/oh-my-claude-sisyphus
https://github.com/bmad-code-org/BMAD-METHOD/
https://superset.sh/
https://github.com/steveyegge/beads
https://block.github.io/goose/docs/tutorials/rpi
https://block.github.io/goose/docs/guides/sessions/smart-context-management
https://atmos.tools
https://atmos.tools/changelog/toolchain-management
https://atmos.tools/cli/configuration/commands
https://atmos.tools/cli/configuration/workflows
https://atmos.tools/cli/commands/docs/generate

Applications are open to become an AWS community builder. Deadline is January 21st.

https://builder.aws.com/community/community-builders

The headline is click bait but the OSS discussion is more important....

"The layoffs equate to just three people but nevertheless amounting to 75 percent of the software engineers on the team, since Tailwind Labs is a small company. The remaining staff are three co-founders, plus Robin Malfait and Peter Suhm."

https://devclass.com/2026/01/08/tailwind-labs-lays-off-75-percent-of-its-engineers-thanks-to-brutal-impact-of-ai/

Links from today's office hours:

https://www.acm.org/articles/bulletins/2026/january/acm-open-access
https://data.stackexchange.com/stackoverflow/query/1926661#graph
https://www.theregister.com/2026/01/05/aws_price_increase/
https://github.com/github/spec-kit
https://groups.google.com/g/kubernetes-sig-ui/c/vpYIRDMysek/m/wd2iedUKDwAJ?utm_medium=email&utm_source=footer&pli=1
https://github.com/vince-riv/argo-diff
https://github.com/hcavarsan/pipedash
https://www.docker.com/blog/docker-hardened-images-for-every-developer/
https://atmos.tools/roadmap
https://tonkotsu.ai