惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

B
Blog RSS Feed
Spread Privacy
Spread Privacy
T
Threatpost
C
Cisco Blogs
P
Palo Alto Networks Blog
AI
AI
Cyberwarzone
Cyberwarzone
NISL@THU
NISL@THU
P
Privacy & Cybersecurity Law Blog
G
GRAHAM CLULEY
Simon Willison's Weblog
Simon Willison's Weblog
T
Tor Project blog
Latest news
Latest news
AWS News Blog
AWS News Blog
D
Docker
S
SegmentFault 最新的问题
博客园 - 聂微东
WordPress大学
WordPress大学
Vercel News
Vercel News
S
Securelist
爱范儿
爱范儿
J
Java Code Geeks
Know Your Adversary
Know Your Adversary
S
Schneier on Security
Hugging Face - Blog
Hugging Face - Blog
F
Fortinet All Blogs
Last Week in AI
Last Week in AI
D
DataBreaches.Net
宝玉的分享
宝玉的分享
D
Darknet – Hacking Tools, Hacker News & Cyber Security
MongoDB | Blog
MongoDB | Blog
Engineering at Meta
Engineering at Meta
K
Kaspersky official blog
美团技术团队
博客园 - 叶小钗
阮一峰的网络日志
阮一峰的网络日志
量子位
博客园_首页
Attack and Defense Labs
Attack and Defense Labs
S
Secure Thoughts
Google Online Security Blog
Google Online Security Blog
Application and Cybersecurity Blog
Application and Cybersecurity Blog
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
腾讯CDC
T
Threat Research - Cisco Blogs
雷峰网
雷峰网
有赞技术团队
有赞技术团队
www.infosecurity-magazine.com
www.infosecurity-magazine.com
P
Privacy International News Feed
S
Security Affairs

The New Stack | DevOps, Open Source, and Cloud Native News

Agentic development hinges on verification. For cloud-native software, that is a runtime problem. AI agents need infrastructure: Why Europe’s regional cloud strategy matters Transform your AI coding agent into a deterministic Java Spring expert WeAreDevelopers is coming to the US to give unsung developers a bigger voice Cleaner AI training data, fewer bugs: Sonar’s SonarSweep explained Observability overload is drowning engineers Google’s DiffusionGemma is 4x faster than its other Gemma models Fable 5: Guardrails and burn rate are annoying users, who say it’s still better than Opus 4.8 The Anthropic leader who built Claude Code says he ditched prompting — now he just writes loops. AWS can now mathematically prove your VMs are isolated Microsoft pulled 73 GitHub repos after malware attack — but still won’t say who’s compromised Databricks wants to kill the “email me a file” problem for AI agent skills Ramp bets forward deployed engineers can do what off-the-shelf finance AI can’t Git real: AI agents aren’t just for solo developers anymore Anthropic launches Claude Mythos/Fable 5, but you better try it soon This AI agent startup ditched Anthropic for DeepSeek — and says it’s saving millions When your data model is the bottleneck: lessons from Medium’s feature store How long before we stop reading the code? The tokenmaxxing party is over, and Revenium is mopping up How AI is solving the memory crunch it created Microsoft’s pitch to enterprises: Ditch Azure Repos for GitHub, despite its rocky reliability record Claude Code’s biggest upgrade yet ran 5 agents at once — here’s what happened Why Anthropic just doubled Claude Cowork limits at no charge For years, Apache Cassandra handed this work to your team — 6.0 takes it back “A dangerous combination”: The 2 factors that can “corrupt” AI agent workflows With Foundry, Microsoft bets the enterprise AI battle is about reliability, not capability Microsoft unlocks Visual Studio for developers left behind by its own AI AI teams now deploy 1,000 times a month. Your pipeline wasn’t built for that. Microsoft just made the agent runtime free — and kept everything around it “Whoever builds the most joyous product wins”: The agent war begins Netlify CTO Dana Lawson: Writing code is no longer the job From Jupyter Notebook to production: How to ship AI systems that actually work OpenClaw used Gavriel Cohen’s code and exposed the AI Agent accountability problem Replit shows how vibe coding is getting its own financial stack — and a path to profit Cloudflare aqui-hires VoidZero: Did a piece of the open web just stabilize, or become more brittle? Cursor cuts prices and adds enterprise spend controls amid “tokenomics” reckoning Google Gemma 4 12B nearly matches 26B benchmarks — and runs on your laptop Snowflake thinks it knows what’s really slowing developers down Autonomous agents have met their biggest challenge yet: The database. Why agentic AI makes the ops platform the most important layer in the enterprise How to dramatically improve enterprise security alert tuning to battle cyberattacks Why the need for humans won’t disappear in the age of autonomous databases How to secure Kubernetes in the age of AI workloads Asana says its new AI “chief of staff” turns your Slack chaos into trackable work Nvidia’s best model is now live Mate Security’s Asaf Wiener made every backend engineer a model router. He’s right to. The AI cost crisis finally has a watchdog — just not the companies causing it How to get operational data off the factory floor without creating an IT breach Why CPUs still matter in the age of AI agents Rayfin: Microsoft’s answer to the gap between vibe coding and enterprise production Microsoft bets the enterprise AI race will be won on data context, not model power “A successful attack could be catastrophic”: Anthropic gives more groups access to Claude Mythos How GitHub plans to win developers back Microsoft really, really, really wants developers to love Windows again With Intelligent Terminal, Microsoft is reinventing the Windows terminal Microsoft debuts “Scout” at Build, a new personal agent for work OpenAI’s Codex adds new tools — Sites, Annotations, more plugins — for knowledge workers GitHub Copilot’s usage-based billing is live: Here’s what you need to know OpenAI, Anthropic, Google, Amazon, and xAI all fail on type of attack, study finds JetBrains open-sources Mellum2 to go where Claude Code can’t Claude Code vs. Cursor vs. Codex vs. Antigravity — six months in This coding agent doesn’t want your feedback — it ships without it “Blowing things up”: The one move vendors got wrong on AI agents At Sapphire, SAP makes the case that enterprise AI is a context problem Gavriel Cohen found his own code inside OpenClaw, so he walked away AI retrieval at scale is becoming a systems problem, not a tooling problem The DIY platform trap that’s burning out engineering teams I tested Cursor’s new Jira integration and it’s 5 stars, no notes. Here’s why. Why GPT-5.4, Claude, and Gemini can’t agree on basic, real-world facts Replit’s vibe coding platform just got a Visa-backed identity layer for AI agents — and it changes how agents spend money Opus 4.8 Made Claude Smarter. Token Discipline Got Urgent. Why Linux creator Linus Torvalds gets angry hearing “99% of code is AI” Vendor neutrality isn’t magic: A hard look at the OpenTelemetry ecosystem “The AI did it” won’t save you when EU regulators come knocking The fix for soaring AI cloud bills exists — so why won’t we trust it? AI is shipping code faster than security was built to handle Why AWS scrapped OpenSearch’s architecture to chase agent workloads Claude Opus 4.8 is here: effort controls, dynamic workflows, cheaper fast mode, better honesty, less deception Percona celebrates 20th birthday with new foundation — and a goat cake Why OpenAI and Anthropic are hiring forward deployed engineer teams Claw-style AI agents are coming to the enterprise. The governance infrastructure is still catching up. The agentic identity crisis: Why your security isn’t ready for the AI revolution Debugging the undebuggable: building observability into probabilistic AI systems Snowflake commits $6B to AWS as it pushes deeper into AI Why MotherDuck refuses to fork DuckDB Researcher “gave Claude Code ‘ADHD’… and it thinks 2x better now.” Outside experts want more proof. “There is no accountability”: AI coding agents are installing packages no one owns “Tokenmaxxing is real, expensive & it’s spreading”: AI budgets are exploding With Google’s debut, the most important AI agent feature is now the most boring one Why AI agents need a Context Lake Google ranks the best AI for building Android apps, and the winner isn’t Gemini Google pushes Pro, Ultra, and free users from open-source Gemini CLI to closed-source Antigravity CLI The reason enterprise outages almost never start where ops teams think Taming the agentic influx: a blueprint for AI business observability How the AC/DC framework helps teams govern AI coding agents GitLab 19.0 trades its string section for a full DevSecOps orchestra Who’s monitoring the agents? How Jaeger hit 8.6× compression on 10 million spans with ClickHouse What ClickHouse learned from a year of coding with AI agents OpenClaw passed 300,000 GitHub stars. Then Google launched Spark.
Backporting bug fixes is dead, Project Valkey now sends in the bots
Adrian Bridgwater · 2026-06-20 · via The New Stack | DevOps, Open Source, and Cloud Native News

When Project Valkey released version 9.1 last month, users, contributors and maintainers alike were understandably excited: There were new functionalities and improvements spanning security, observability, performance, and efficiency. 

What not everyone knew was that 9.1 had a whole batch of bug fixes performed by an AI agent.

For the uninitiated, Valkey is an open source, high-performance, in-memory data store. With a home at the Linux Foundation, the Redis alternative supports caching, message broker queues, and complex key-value data structures.

A stack of bug fixes needed cherry-picking

Madelyn Olson, Valkey project maintainer and principal engineer for AWS in-memory databases, tells The New Stack that as the team geared up for the Valkey 9.1 release, their release branch was waiting on a stack of bug fixes that needed cherry-picking. 

Beyond backporting bug fixes

“Instead of relying on manual labor to backport those bug fixes, we deployed an AI agent,” Olson says. “The agent picked up the fixes, applied them, ran the continuous integration pipelines… and seamlessly handled any merge conflicts. That is the exact kind of AI we are interested in at Valkey — real efficiency and no hype.”

Although there are efficiencies inherent to using a backport process (taking a software fix, feature, or security update from a newer version of an application and applying it to an older version), the process can still be complex and laborious in codebases where major changes or modifications are happening.

“That is the exact kind of AI we are interested in at Valkey — real efficiency and no hype.”

Olsen explains that the team used to “spend hours backporting bugs and security fixes” to older branches to make sure the database continues to perform reliably and securely across versions. This work is critical, but time-intensive for the team, as the branches diverged over time.

The goal (and therefore the validation for embracing the use of an AI code agent) was to give project maintainers their hours back for other project-critical tasks. 

“Throughout the 9.1 cycle, we deployed AI to manage backports, conduct code provenance scanning and run verification. By offloading the repetitive, manual work that doesn’t strictly require human judgment, our maintainers were able to focus their energy on core engineering,” explains Olsen. 

Valkey is a “hot” part of data ecosystems

A primary challenge for the Valkey project is managing multiple support branches simultaneously, including versions 7.2, 8.0, 8.1, 9.0 and now 9.1. Because Valkey is an always-on part of applications for its users, there can be some hesitation to update to the latest major version. Its maintainers describe this as a “healthy worry” that is born out of Valkey being a “hot” part of their ecosystems. 

To address this, the project developed a backporting agent designed to automate the maintenance work. This bot works to backport the needed changes, ensuring that backported code passes all relevant continuous integration tests for older versions. 

Humans, still in-the-loop

“The agent workflow proactively identifies test fixes that might need to be backported. Humans are still in the loop, as they are required to perform the final sign-offs before merging, but the tool has allowed our team more time for non-maintenance priorities, saving several hours of testing time per engineer per week,” says Olsen.

“The Provenance Guard agent runs automatically in the background, notifying maintainers of problematic pull requests and reducing the overall cognitive load on the human review team.”

In addition to this backporting agent, the project has also developed an AI tool to assess and maintain the integrity of the codebase. 

Known as Provenance Guard, this agent scans incoming pull requests to verify that no code is inadvertently taken from the unsanctioned codebases and applied to Valkey. The Provenance Guard agent runs automatically in the background, notifying maintainers of problematic pull requests and reducing the overall cognitive load on the human review team.

“Provenance Guard functionality inside our project is both a preliminary and auxiliary check in addition to human-driven code review,” confirms Olsen. “Said differently, the guard is not a last line of defense on our code, far from it. The agent merely offloads an initial scan from a human counterpart, allowing for another set of eyes on a highly deterministic security check.”

Provenance Guard has been successful in catching unintentional copying and its presence is another enhancement to the project’s ongoing security practices.

“Agents are excellent at routine coding tasks and summarizations, so I would challenge new engineers to ramp up quickly with AI.”

What agentic debugging means for new developers

With computer science degrees typically taking four years and ChatGPT having been around since it was launched as a public research preview on November 30, 2022, just three and a half years ago, if agents now handle routine merges seamlessly, what new skills must younger developers master to remain valuable to teams? 

“Junior developers, in addition to all the critical coding skills they’ll need to contribute to projects, should also start to tinker with AI on their own,” advises Olsen. “Agents are excellent at routine coding tasks and summarizations, so I would challenge new engineers to ramp up quickly with AI.”

She further states that because agents are “quite good at more basic tasks,” this frees newer joiners to do more systemic thinking about the direction of the project, how a certain feature impacts existing tooling.

“Whether they like it or not, it’s certain that newer engineers will be working alongside agents, so learning how to audit these bot coworkers and coexist will be integral,” Olsen says. “Pragmatism is a core tenet of how AI has been deployed amongst our community, but the results of these initial agents leave our maintainers with real optimism for what’s next.”

Ready for more agentic code support

Valkey 10.0 is the next stage of the project’s evolution. The next version of Valkey will focus on further improvements to performance, memory efficiency, agentic memory and more. 

Looking back at 9.1, Olsen and team say that the hours of labour saved from its agentic tools have allowed them to do more with its community. Everyone is curious about just how much agentic tooling will support the 10.0 launch, not to mention how different coding, debugging and other software engineering agents might look in six months or so.

YOUTUBE.COM/THENEWSTACK

Tech moves fast, don't miss an episode. Subscribe to our YouTube channel to stream all our podcasts, interviews, demos, and more.

Created with Sketch.