LodeHQSubscribe →

AI agents pull Git locally, GitLab automates rate limits

DevOps · 2026-07-08

CI/CD & Automation
Distributed Git network lets AI agents pull code locally, slashing latency2 MIN

Former GitHub CEO Thomas Dohmke’s startup Entire previewed a distributed Git network that mirrors repos across regions, letting AI coding agents fetch code locally and avoid central rate limits. In internal tests the system handled 570k clones and 2 million pushes per hour, promising lower latency and higher reliability for the AI‑driven dev pipeline.

GitLab proves AI agents can automate legacy rate‑limit migration7 MIN

A three‑person pod used GitLab Duo Agent platform to rewrite and consolidate GitLab’s dual rate‑limiting codebases into a single labkit‑ruby implementation. The AI‑driven loop generated specs, code, and tests, delivering 30+ merge requests with no downtime, while exposing workflow gaps that humans must still guard.

Builderbot powers 200k daily AI ops, merging 1,500 PRs weekly at Block2 MIN

Block's Builderbot, built on open‑source Goose, orchestrates AI agents via Slack to handle tickets, write code, open PRs, run CI, and merge. It runs >200k operations daily and merges ~1,500 PRs weekly, about 15% of production changes, cutting developer load and speeding Square POS updates.

Containers & Orchestration
etcd 3.7 adds streaming ranges and drops v2 store, boosting Kubernetes performance8 MIN

etcd 3.7.0 introduces RangeStream, letting clients stream massive key ranges in chunks and slashing latency and memory use. It also retires the legacy v2 store, adds keys‑only range optimization and upgrades core dependencies, delivering noticeable CPU savings for Kubernetes control planes.

Cube Sandbox delivers sub‑60 ms AI agent sandboxes with <5 MB memory6 MIN

Cube Sandbox, an open‑source service built on RustVMM and KVM, boots hardware‑isolated sandboxes for AI agents in under 60 ms using less than 5 MB of RAM. It works with the E2B SDK, supports single‑node and multi‑node clusters, and adds snapshot, auto‑pause and policy‑based egress controls.

Airbnb’s Java‑based Sitar‑Agent sidecar streams config updates to thousands of pods instantly11 MIN

Airbnb rebuilt its Sitar‑agent sidecar in Java, using Amazon S3 to push config snapshots to every pod. The design lets tens of thousands of services receive configuration changes multiple times per minute without redeploys, improving reliability and speed at massive scale.

Observability & Reliability
PgDog adds leak‑free Postgres pooling that preserves session state4 MIN

PgDog lets you add Postgres connection pooling without breaking session state, SET commands, or LISTEN/NOTIFY. Its built‑in SQL parser tracks per‑client settings so you avoid the leaky abstractions that force code changes in existing apps. Scale safely while keeping full database feature support.

Cloud & Platform Engineering
Why One Postgres Instance Can Replace Seven Separate Data Stores2 MIN

Postgres now bundles features, unlogged tables, materialized views, pgvector, TimescaleDB, and more, enough to cover caching, queues, search, document storage, vector and time‑series workloads. Dropping extra databases slashes operational overhead, costs, and debugging complexity, letting teams focus on product rather than plumbing.

Coinbase halves AI spend with a 1,200‑agent multi‑model routing system3 MIN

Coinbase’s internal AI gateway runs 1,200 agents that automatically route requests to the cheapest model that can do the job. By defaulting to open‑weight models, routing by task type, and boosting cache hits from 5% to 60%, the firm halved its AI bill while token usage kept rising.

DevSecOps
Enable Six Free GitHub Settings to Harden Your Repo in 30 Minutes5 MIN

GitHub Security Lab bundles six free settings, SECURITY.md, private vulnerability reporting, secret scanning, Dependabot, code scanning, and branch protection, into a single guided flow that can be enabled in under half an hour. Activating them slashes obvious attack vectors and signals a serious security posture to contributors.

North Korean PolinRider Campaign Floods 108 Packages Across npm, Go, Packagist, and Chrome6 MIN

North Korean actors have broadened the PolinRider supply‑chain campaign to npm, Packagist, Go modules and a Chrome extension, injecting 162 malicious releases across 108 packages. The attackers hide obfuscated JavaScript loaders in legitimate repositories, stealing developer credentials and pushing blockchain‑based payloads. Teams must treat affected environments as compromised, rotate secrets, and audit repo histories.

GitLost lets unauthenticated attackers siphon private repo data via GitHub Agentic Workflows4 MIN

Noma Labs uncovered a prompt‑injection flaw in GitHub’s new Agentic Workflows that lets anyone post a crafted issue in a public repo and have the AI agent read and echo private code from other repos in the same organization. The attack requires no credentials, exposing critical source code and highlighting the need for tighter AI guardrails.

Vercel acquires Better Auth to give AI agents distinct identities3 MIN

Vercel bought open‑source auth startup Better Auth to build Agent Auth, a protocol that gives AI agents their own login, scoped permissions and revocable access. This lets teams treat agents as separate principals instead of sharing a human’s credentials, tightening security and control in increasingly automated DevSecOps pipelines.

JetBrains launches Central: governance layer for AI coding agents4 MIN

JetBrains announced Central, a vendor‑agnostic platform that layers policy enforcement, audit trails, and cost controls over agents like Claude Code, Codex and Gemini CLI. It lets developers keep their preferred tools while giving orgs unified visibility and compliance, turning AI‑assisted coding into a managed DevSecOps capability.

Get DevOps in your inbox, every issue.
Subscribe free
Privacy · Terms · About · Contact
© 2026 LodeHQ