I wrote an article about tools saturation. Give me please your thoughts

https://blog.mousa-cloud.com/posts/stop-developing-tools/

In the recent updates of Claude Code, the old models are added back, which seems to show its new model Fable 5 is gone forever.

are you pretending to work hard recently in AI era?

if you like soccer, I feel this world cup is different, better, more entertaining even in group matches

a quick thought if it helps: AI should not be used during a midnight upgrade or migration, if AI is used, a new maint window should be required

Stategraph is having its next demo day on the 24th.

This one's a deep dive on how Stategraph actually works under the hood, plus a look at Stategraph Cost. We'll get into how the dependency graph is stored in the schema, how surgical reads let you pull individual outputs via terraform_remote_state instead of locking the whole state, and how blast radius uses the graph to show exactly what a change touches before you apply.

Sign up here (pants optional): https://stategraph.com/demo-day

I’m testing the new model of Claude Fable 5 hope it will surprise me

the goal of Anthropic is to get everybody on 200$ plan and then push now 200 to 1000 even more

Hey everyone! Sharing something that's directly relevant to anyone running LLM agents in production.

We're hosting a hands on Agent Evals Bootcamp on June 27 with Ammar Mahanna, PhD, an AI engineer, researcher, educator and expert in production AI and agent evaluation. Someone who actually builds and evaluates production AI systems professionally.

The bootcamp is 4 hours live and you build 10 real evaluation notebooks on the day covering component level evaluation, outcome evaluation, LLM as judge, regression pipelines and production evaluation workflows. You leave with frameworks you can plug into your own systems from day one, not just course notes.

Most people building agents spend weeks tweaking prompts and swapping models but have no real way to measure what is actually better. This bootcamp fixes that.

Every attendee also gets 30 days recording access and a Packt endorsed certification that goes straight on your LinkedIn.

Full details here: https://www.eventbrite.co.uk/e/agent-evals-bootcamp-tickets-1990306501323?aff=swops

PSA remember to tokenmax between now and 6/15 when Anthropic kills the Pro Max all you can eat buffet.

@dude I've been kicking the tires on Hermes Agent. Questions for you.

the more apps I developed, the less optimistic I think AI can bring to job market

with AI, it is easy to try different technologies, recently I used supabase to build a mobile app 🙂

hey everyone

I've put together an "SRE assistant" that you can run locally to help you troubleshoot and automate processes. The way I built it, it uses the memory and learnings from previous interactions and self-improves over time

Any thoughts/feedback would be super appreciated:

https://github.com/raia-live/sre-sample

Sharing a supply-chain hardening pass I did on a Kubeagent CLI, partly hoping to get holes poked in the threat model. (Disclosure: I build KubeAgent — agentless K8s monitor/remediator; runs from your kubectl context, no in-cluster agent, no kubeconfig sent anywhere.)

The npm worm wave (Shai-Hulud, then Mini Shai-Hulud across npm+PyPI) made me treat a dependency compromise as when, not if. What I landed on:
Reduce likelihood
• OIDC trusted publishing — killed the long-lived NPM_TOKEN (the exact credential those worms exfiltrate to self-propagate); releases now auth with a short-lived per-run GitHub token
• ignore-scripts=true so dependency postinstall/preinstall hooks don’t execute on install
• Every third-party GitHub Action pinned to a full commit SHA, not a moving tag (post-tj-actions/CVE-2025-30066); first-party actions/* on majors
• Dep tree kept to 7 direct packages so an advisory is actually reviewable; lockfiles + npm ci only
Reduce impact (the part I most want critique on)
• The tool holds no cluster credential server-side — no SA token, no stored kubeconfig, no inbound path. So a poisoned dependency’s blast radius is bounded to the operator machine that already has kubectl, rather than a centrally-held secret an attacker can pivot through.
Where I think I’m weakest: that last point bounds lateral movement but a malicious dep still runs with the operator’s local privileges — so it’s a reduction, not elimination. Am I framing that honestly, or overselling? And for those publishing CLIs from a private monorepo: provenance attestations aren’t possible (npm requires a public source repo) — how are you giving consumers verifiability without open-sourcing the backend?

does this reassure you? was this even a concern for you? genuinely want the pushback. 🙏

Hey Everyone,

This Saturday I'm building 10 AI projects in 5 hours with Claude Code
You can join this too !

Luca Berton is leading the session live, 5 hours of pure hands-on work

No slides. No theory dumps
Every session ends with a shipped project

Here's what we're building:

→ CLI tools
→ Full UI from a screenshot
→ CLAUDE.md project brain files
→ Test suites and refactor workflows
→ Production readiness reviews
→ Git discipline with AI-generated code

I'll also walk away with 10 downloadable Claude Skills and a Packt-endorsed certificate

I'll share everything I learn after

🔗 You can register too : https://www.eventbrite.co.uk/e/claude-code-bootcamp-tickets-1988549372704?aff=sl2

🎁 Coupon Code: PACKT40

Antigravity 2.0 is more like Codex UI than VS Code

a thought about licenses, with AI, not only SaaS biz is in big risk, but the open source licensing faces uncertainties even for those having BSL

https://nateglubish.substack.com/p/they-said-it-would-cost-54-million

Hey folks, we just launched Kunobi 1.0.0 and would love honest feedback from the community.
Kunobi is a local-first Kubernetes and GitOps workspace for teams working across clusters, Flux, ArgoCD, Helm, logs, and terminals. The goal is to reduce the constant jumping between Lens, k9s, GitOps CLIs, YAML diffs, and browser tabs just to understand what’s deployed where and what’s drifting.
1.0.0 includes a free Community Edition and demo clusters, so you can try it without connecting a real production environment first.
Would love feedback on whether this solves a real pain in your Kubernetes or GitOps workflow, what feels useful or confusing, and which integrations would matter most.
Launch details: https://kunobi.ninja/blog/kunobi-v1
Download: https://kunobi.ninja

Hey everyone 👋

I'm Chi, I I handle complimentary guesting for the AI Infra Summit 2026 (Sept 15-17, Santa Clara Convention Center) and wanted to share something that might be relevant to a few of you.

If you're working in AI infrastructure, cloud, DevOps or anything adjacent - there are complimentary tickets available (worth $3,297) for engineers and technical leaders at qualifying enterprises and hyperscalers. No catch, just a straightforward application process.

The event is pretty stacked this year - 8,000+ attendees, 400 speakers across 8 stages covering compute, data centers, physical AI, data movement and more. Jeff Dean is opening the main stage if that means anything to you! 😄

Full agenda here if you want to take a look before applying: 2026 agenda

Interested? Apply for your free ticket here: Registration link

And if you want to know more or just have questions, feel free to connect with me on LinkedIn - https://www.linkedin.com/in/chipeters/

Happy to answer anything here too, just send me a DM! 🙌

Hey SweetOps! Sharing something we shipped today at Signadot.

signadot-validate is a skill that lets coding agents exercise their changes against the full microservice stack in their inner loop.

The motivation: in cloud-native systems the validation surface is huge, and unit tests and mocks only cover a small slice of it. We wanted to give agents a way to validate changes against the full system before a PR opens.

What it does: the agent discovers the cluster, spins up a lightweight ephemeral environment for its change (using Signadot), runs the modified service against real dependencies, validates through whatever test framework fits, and iterates on failures with live logs streaming back.

Full disclosure: needs Signadot CLI installed in a cluster. Free tier and playground available for trying it out, but it’s not a git clone and run situation.

GitHub
Docs link
Full writeup and demo video

Happy to answer questions in thread & appreciate any feedback

Hey SweetOps! Sharing this because it's directly relevant to what this community is building with every day.

If you're using Claude Code or thinking about it, Packt Publishing is running a hands on bootcamp on May 30 with Luca Berton — Anthropic certified Claude Code instructor, former Red Hat engineer, creator of the Ansible Pilot project, and speaker at KubeCon 2026 and Red Hat Summit 2026. This is someone who builds production grade AI systems for enterprises, not just talks about them.

What you actually get on the day:

10 real world projects built live — CLI tools, APIs, dashboards, git workflows, production readiness reports. You leave with a working portfolio not just notes.

A free downloadable Claude skills library — CLAUDE.md templates, code review prompts, test generation, security checklists, git workflows. Battle tested and ready to drop into your existing projects from day one.

Packt endorsed certification — pass the final assessment and it goes straight on your LinkedIn.

5 hours live, hands on throughout, 1 hour of open Q&A with Luca directly.

We've already got DevOps engineers, CTOs, engineering managers and SREs registered from the US and UK.

Full details here: https://claudecodebootcamp.eventbrite.co.uk/?aff=sps

https://rmoff.net/2026/05/06/ai-slop-is-killing-online-communities/

Is anybody here using Cloud Custodian? Curious what your experience has been and what use cases you use it for!

https://cloudcustodian.io

IAM misconfigurations sit in ticket queues for 14 days on average. the fix itself takes four minutes. wrote up this article on a closed-loop remediation system that handles it in 90 seconds instead, and explains which security findings you should never auto-remediate. I would love some feedback on this.

https://dev.to/riya_mittal_cdd264250ad45/closed-loop-iam-remediation-auto-fixing-security-misconfigurations-without-a-human-in-the-loop-dhc

🚀Bay Area Devs folk— quick one: a 𝗗𝗲𝘃𝗲𝗹𝗼𝗽𝗲𝗿 𝗚𝗶𝘁-𝗧𝗼𝗴𝗲𝘁𝗵𝗲𝗿 𝗶𝗻 𝗦𝗮𝗻 𝗙𝗿𝗮𝗻𝗰𝗶𝘀𝗰𝗼 to talk about what’s actually working (and what’s breaking) in AI-First SDLC.


🗓️ 𝗠𝗮𝘆 𝟭𝟰 | 𝟱:𝟯𝟬–𝟴:𝟯𝟬 𝗣𝗠
📍 TestMu, San Francisco

If you’re in backend, QA, or DevOps — this will be worth your time.

Spots are limited (invite only).

👉️ Register: https://lnkd.in/dxaGF9iN


𝗪𝗵𝗮𝘁 𝘆𝗼𝘂’𝗹𝗹 𝗮𝗰𝘁𝘂𝗮𝗹𝗹𝘆 𝗴𝗲𝘁:
→ Real conversations with engineers building at scale
→ Live demo (not a sales pitch)
→ Practical ideas you can take back to your team
→ Swag + good coffee

🇺🇸 US based software engineers!
You can get refresh new jobs hourly basis here.
https://usdevjobs.com/

Hey guys 👋

I built a self-service developer platform and it's live on the public internet — you can try it from your phone right now.

👉️ https://backstage.gabrieleweka.dev (sign in with GitHub or Google)

The flow: click Create, type a name, pick prod or dev. In ~2 minutes you get:
• A new GitHub repo with a Flask API + frontend
• Full CI/CD pipeline (super-linter + Trivy scans, build, push, deploy)
• Auto-deployed to Kubernetes via ArgoCD with a valid HTTPS URL
• Its own Grafana dashboard (pods, CPU, memory, network, crash count)
• TechDocs page rendered in Backstage

Other stuff to poke at:
• https://argocd.gabrieleweka.dev — read-only login: viewer / viewer123
• http://grafana.gabrieleweka.dev — no login, opens on the Platform Overview
• http://prometheus.gabrieleweka.dev

Heads up: scaffolded apps auto-delete after 30 min (a CronJob reaps them), so don't get attached. Whole thing runs on my old laptop through a Cloudflare Tunnel — $0/month.

Would love feedback 🙌

A github issue complaining MiniMax model but in Chinese, https://github.com/MiniMax-AI/MiniMax-M2/issues/102, many found the post from google and confirmed the bad performance

GPT 5.5 is coming?

Hi everyone!

We built a knowledge graph as a service for production teams: real-time mapping of your infra, apps and codebase, with causal reasoning for incident resolution and prediction.

Would love feedback from people who deal with this daily, or a pointer to someone who'd be keen to try it. Free trial here: https://www.anyshift.io/

Used by Citrix, MotherDuck and Yelp. SOC 2 certified, self-hosted option available. Happy to chat or do a quick demo!

Not sure if there is a similar project for MFA token chaining, if not, I have just made one, https://github.com/snowsky/mfa-chain-orchestrator, which can be installed with pip install mfa-chain-orchestrator, and an example can be found at https://github.com/snowsky/mfa-chain-orchestrator/tree/main/examples.

The idea is simple, user can set up MFA with multiple authenticators in a chain. I tested in my application. When user logs in, he can use password first, and then will be prompted for Google Authenticator and Microsoft Authenticator in sequence or random.

Another week, another resource control policy! I guess this is what IAM geeks do. 😹

github.com/sqlxpert/aws-rcp-s3-require-encryption-kms
…is my new way to replace KMS encryption statements potentially repeated in hundreds of S3 bucket policies.

• Install it in your AWS Organizations management account, with CloudFormation or native Terraform.
• Tag an S3 bucket and enable attribute-based access control (ABAC) for the bucket.
security-s3-require-encryption-kms-key-arn = ARN of KMS key required in this bucket

(Two other identifiers are also supported. One is for the simplest setups, in which S3 bucket and KMS key are only ever used in one region and AWS account. The other fits KMS multi-region keys defined in a central AWS account.)

• Any attempt to create an object with the wrong encryption type or wrong KMS key yields AccessDenied .
• An optional service control policy locks the tag.
Between the resource control policy itself, the automated test stack (CloudFormation only, because it's temporary), and the documentation, there's lots of information about:
• New 2025–2026 S3 features (attribute-based access control, account-regional namespaces)
• IAM policy condition keys for tags, and condition operator semantics
• Secure, future-proof KMS key configurations
I really appreciate your feedback, and that's not an empty statement: I improve stuff based on user requests, and I of course acknowledge the source.

I hope this will be useful. If you give it a try, thank you!

I built CubbyDrop — encrypted file sharing where the server never sees your data.
How it works: your files are encrypted with AES-256-GCM in the browser before upload. The key stays in the link — the server literally can't access
your files.

Main features:
• End-to-end encrypted file transfers
• Password protection & download limits
• Delete-after-download for sensitive files
• Live peer-to-peer mode (no server, no size limits)
• Personal subdomains (you.cubbydrop.com)
• Team plans with admin dashboard & domain discovery
• QR code sharing for mobile
• Encrypted text/password paste
https://cubbydrop.com
Would love honest feedback — what's missing? What would make you switch from your current tool?

AI infrastructure is moving fast, and the cost of getting it wrong is rising.

Too many teams are still dealing with the same problems: surface-level conversations, fragmented market views, and uncertainty over whether the right people are even in the room.

AI Infra Summit is built to solve that.

It brings together the technical leaders, enterprises, hyperscalers, and infrastructure players driving the industry forward, so you can get practical insight, see the full ecosystem more clearly, and make connections that matter.

If you want a sharper perspective and better conversations, register your interest here: https://lnkd.in/e9HVGddr

Sam may be intentionally to stay behind Dario to avoid to be hated by engineers being laid off but maintain his business market. the hatred turning against to the 1st leader may happen in a snap, hope this wouldn’t happen