AGENTOWNERS locks repos; Cursor threatens GitHub monopoly

AGENTOWNERS adds a repo‑native policy layer that blocks AI‑generated PRs from touching high‑risk paths like workflows, secrets, or infrastructure code. By auto‑rejecting unsafe changes and flagging risky edits for human review, it stops maintainers from wasting time on potentially dangerous AI edits.

AGENTOWNERS adds a repo‑native policy layer that blocks AI‑generated PRs from touching high‑risk paths like workflows, secrets, or infrastructure code. By auto‑rejecting unsafe changes and flagging risky edits for human review, it stops maintainers from wasting time on potentially dangerous AI edits.

Classic monitoring dashboards show green health while a RAG pipeline hallucinates data, because they’re built for deterministic failures. The article explains that generative‑AI bugs manifest as hallucinations, drift, or omissions and outlines a new observability shift that uses execution traces, evaluation suites and payload logging to surface probabilistic errors before they break trust.

Cursor unveiled Origin, an AI‑agent‑centric Git hosting platform, positioning itself as a direct challenger to GitHub’s human‑focused model. Backed by SpaceX’s $60 billion acquisition of Cursor, the move forces GitLab, Zed and the broader dev‑tools ecosystem to rethink collaboration at scale.

Microsoft is adding Amazon Web Services capacity to GitHub after AI‑powered coding tools drove a surge from 1 billion commits in 2025 to a projected 14 billion in 2026, overwhelming Azure. The cross‑cloud deal highlights how even rivals must adopt multi‑cloud strategies to keep critical developer platforms reliable.

Neocloud providers are bundling sovereign‑by‑design AI with PostgreSQL so inference runs where the data lives, eliminating costly data copies and compliance headaches. For regulated sectors, finance, healthcare, telecom, this model cuts latency, lowers security exposure, and lets enterprises build their own AI platform without surrendering to a single hyperscale cloud.

Anthropic has hit pause on its token‑based billing overhaul for the Claude Agent SDK, leaving usage under existing subscription limits for now. The company says the change was postponed to better align with how developers build on Claude subscriptions, with a promise to update before any new charges take effect. This pause keeps the current credit model in limbo, preserving developer workflows.

Postgres storage is now a solved problem, so the real challenge is moving data across clouds, analytics pipelines, and AI services without costly copies. New features like logical replication, CDC, and foreign data wrappers let PostgreSQL act as a live data hub, slashing latency and operational overhead.

VS Code 1.123 inserts a two‑hour pause before auto‑installing newly published extension versions. The window gives developers and administrators time to spot malicious updates, limiting supply‑chain attacks, while trusted publishers like Microsoft and GitHub remain exempt.

Chainguard unveiled Athena, a coalition of 20+ tech leaders that has already processed 20,000 AI‑found vulnerabilities and shipped 2,000 patches across 500 open‑source projects. By fixing flaws before they go public, Athena aims to reverse the shrinking window between discovery and exploitation, protecting the software supply chain from frontier‑model attacks.

The Model Context Protocol now ships a stable Enterprise‑Managed Authorization extension, letting admins centralize access via existing identity providers like Okta. This removes per‑service OAuth prompts, provides a single audit trail, and enables policy‑driven access for AI agents at scale.

Google, Microsoft and OpenAI have joined 10 other firms to launch the Appia Foundation, an open‑source effort under the Linux Foundation’s Joint Development Foundation. It will publish modular specifications that let AI producers and users prove safety, fairness and regulatory compliance across the supply chain, replacing vague self‑claims with verifiable trust marks.