LodeHQ

Terraform controls Matrix rooms, GitHub kills PATs, Cisco open-sources AI SAST

DevOps · 2026-06-15

CI/CD & Automation
Terraform Provider Brings Matrix Rooms Under IaC Control · 3 MIN

A new Terraform and OpenTofu provider lets you declare Matrix rooms, spaces, memberships, power levels and arbitrary state events as code. It bridges the gap for teams that manage Matrix infrastructure, enabling repeatable, version‑controlled provisioning alongside existing IaC pipelines.

GitHub Agentic Workflows now use built‑in GITHUB_TOKEN, dropping PATs · 1 MIN

GitHub has eliminated the need for personal access tokens in its Agentic Workflows, allowing the built‑in GITHUB_TOKEN to handle authentication. This cuts operational overhead and security risk while billing AI credits directly to the organization. The change applies across all Copilot plans.

Cisco Open‑Sources AI‑Deep SAST for Fast CI/CD Triage · 16 MIN

AI‑Deep SAST combines Semgrep’s speed with a locally‑run 8‑billion‑parameter security model, delivering per‑finding triage in seconds within CI pipelines. An optional deep‑scan mode plugs in frontier LLMs for whole‑codebase analysis, letting teams catch OWASP Top 10 issues without paying for expensive cloud API calls.

Observability & Reliability
Anthropic’s system card warns SRE tools can’t catch long tool‑call chain failures · 270 MIN

Anthropic’s Claude Opus 4.6 system card flags a new class of failure: long tool-call chains that can cause irreversible side effects. Traditional SRE observability and incident‑response tooling cannot detect or remediate these agentic behaviors, forcing reliability teams to rethink monitoring for AI‑driven workloads.

DevSecOps
Anonde releases OSS PII tokenization layer for LLM integrations · 10 MIN

Anonde provides an open‑source Go library and Docker image that tokenizes PII before any LLM API sees it. It runs locally, supports 52 pattern recognizers plus multilingual GLiNER NER, and offers reversible, audited token mapping, letting regulated industries secure AI pipelines without cloud exposure.

npm v12 disables install scripts by default, tightening supply‑chain security · 1 MIN

GitHub’s npm v12 will turn off pre‑install, install and post‑install scripts, and will block Git‑sourced packages and remote URL downloads unless explicitly allowed. This shift closes a major code‑execution surface, forcing developers to whitelist trusted scripts and reducing supply‑chain attack risk.
