惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

Hacker News: Ask HN
Hacker News: Ask HN
IT之家
IT之家
S
SegmentFault 最新的问题
T
Tailwind CSS Blog
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
博客园 - 司徒正美
J
Java Code Geeks
博客园 - 聂微东
雷峰网
雷峰网
阮一峰的网络日志
阮一峰的网络日志
The Cloudflare Blog
博客园_首页
大猫的无限游戏
大猫的无限游戏
博客园 - 三生石上(FineUI控件)
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
博客园 - 【当耐特】
腾讯CDC
Apple Machine Learning Research
Apple Machine Learning Research
酷 壳 – CoolShell
酷 壳 – CoolShell
V
V2EX
宝玉的分享
宝玉的分享
小众软件
小众软件
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
Hugging Face - Blog
Hugging Face - Blog
月光博客
月光博客
NISL@THU
NISL@THU
T
The Exploit Database - CXSecurity.com
C
CXSECURITY Database RSS Feed - CXSecurity.com
WordPress大学
WordPress大学
有赞技术团队
有赞技术团队
Blog — PlanetScale
Blog — PlanetScale
aimingoo的专栏
aimingoo的专栏
L
LINUX DO - 热门话题
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
F
Fortinet All Blogs
博客园 - Franky
L
Lohrmann on Cybersecurity
S
Secure Thoughts
量子位
V
Vulnerabilities – Threatpost
Last Week in AI
Last Week in AI
博客园 - 叶小钗
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
L
LINUX DO - 最新话题
I
InfoQ
C
CERT Recently Published Vulnerability Notes
Security Archives - TechRepublic
Security Archives - TechRepublic
P
Proofpoint News Feed
G
GRAHAM CLULEY
Cisco Talos Blog
Cisco Talos Blog

The New Stack | DevOps, Open Source, and Cloud Native News

Agentic development hinges on verification. For cloud-native software, that is a runtime problem. AI agents need infrastructure: Why Europe’s regional cloud strategy matters Transform your AI coding agent into a deterministic Java Spring expert WeAreDevelopers is coming to the US to give unsung developers a bigger voice Cleaner AI training data, fewer bugs: Sonar’s SonarSweep explained Observability overload is drowning engineers Google’s DiffusionGemma is 4x faster than its other Gemma models Fable 5: Guardrails and burn rate are annoying users, who say it’s still better than Opus 4.8 The Anthropic leader who built Claude Code says he ditched prompting — now he just writes loops. AWS can now mathematically prove your VMs are isolated Microsoft pulled 73 GitHub repos after malware attack — but still won’t say who’s compromised Databricks wants to kill the “email me a file” problem for AI agent skills Ramp bets forward deployed engineers can do what off-the-shelf finance AI can’t Git real: AI agents aren’t just for solo developers anymore Anthropic launches Claude Mythos/Fable 5, but you better try it soon This AI agent startup ditched Anthropic for DeepSeek — and says it’s saving millions When your data model is the bottleneck: lessons from Medium’s feature store How long before we stop reading the code? The tokenmaxxing party is over, and Revenium is mopping up How AI is solving the memory crunch it created Microsoft’s pitch to enterprises: Ditch Azure Repos for GitHub, despite its rocky reliability record Claude Code’s biggest upgrade yet ran 5 agents at once — here’s what happened Why Anthropic just doubled Claude Cowork limits at no charge For years, Apache Cassandra handed this work to your team — 6.0 takes it back “A dangerous combination”: The 2 factors that can “corrupt” AI agent workflows With Foundry, Microsoft bets the enterprise AI battle is about reliability, not capability Microsoft unlocks Visual Studio for developers left behind by its own AI AI teams now deploy 1,000 times a month. Your pipeline wasn’t built for that. Microsoft just made the agent runtime free — and kept everything around it “Whoever builds the most joyous product wins”: The agent war begins Netlify CTO Dana Lawson: Writing code is no longer the job From Jupyter Notebook to production: How to ship AI systems that actually work OpenClaw used Gavriel Cohen’s code and exposed the AI Agent accountability problem Replit shows how vibe coding is getting its own financial stack — and a path to profit Cloudflare aqui-hires VoidZero: Did a piece of the open web just stabilize, or become more brittle? Cursor cuts prices and adds enterprise spend controls amid “tokenomics” reckoning Google Gemma 4 12B nearly matches 26B benchmarks — and runs on your laptop Snowflake thinks it knows what’s really slowing developers down Autonomous agents have met their biggest challenge yet: The database. Why agentic AI makes the ops platform the most important layer in the enterprise How to dramatically improve enterprise security alert tuning to battle cyberattacks Why the need for humans won’t disappear in the age of autonomous databases How to secure Kubernetes in the age of AI workloads Asana says its new AI “chief of staff” turns your Slack chaos into trackable work Nvidia’s best model is now live Mate Security’s Asaf Wiener made every backend engineer a model router. He’s right to. The AI cost crisis finally has a watchdog — just not the companies causing it How to get operational data off the factory floor without creating an IT breach Why CPUs still matter in the age of AI agents Rayfin: Microsoft’s answer to the gap between vibe coding and enterprise production Microsoft bets the enterprise AI race will be won on data context, not model power “A successful attack could be catastrophic”: Anthropic gives more groups access to Claude Mythos How GitHub plans to win developers back Microsoft really, really, really wants developers to love Windows again With Intelligent Terminal, Microsoft is reinventing the Windows terminal Microsoft debuts “Scout” at Build, a new personal agent for work OpenAI’s Codex adds new tools — Sites, Annotations, more plugins — for knowledge workers GitHub Copilot’s usage-based billing is live: Here’s what you need to know OpenAI, Anthropic, Google, Amazon, and xAI all fail on type of attack, study finds JetBrains open-sources Mellum2 to go where Claude Code can’t Claude Code vs. Cursor vs. Codex vs. Antigravity — six months in This coding agent doesn’t want your feedback — it ships without it “Blowing things up”: The one move vendors got wrong on AI agents At Sapphire, SAP makes the case that enterprise AI is a context problem Gavriel Cohen found his own code inside OpenClaw, so he walked away AI retrieval at scale is becoming a systems problem, not a tooling problem The DIY platform trap that’s burning out engineering teams I tested Cursor’s new Jira integration and it’s 5 stars, no notes. Here’s why. Why GPT-5.4, Claude, and Gemini can’t agree on basic, real-world facts Replit’s vibe coding platform just got a Visa-backed identity layer for AI agents — and it changes how agents spend money Opus 4.8 Made Claude Smarter. Token Discipline Got Urgent. Why Linux creator Linus Torvalds gets angry hearing “99% of code is AI” Vendor neutrality isn’t magic: A hard look at the OpenTelemetry ecosystem “The AI did it” won’t save you when EU regulators come knocking The fix for soaring AI cloud bills exists — so why won’t we trust it? AI is shipping code faster than security was built to handle Why AWS scrapped OpenSearch’s architecture to chase agent workloads Claude Opus 4.8 is here: effort controls, dynamic workflows, cheaper fast mode, better honesty, less deception Percona celebrates 20th birthday with new foundation — and a goat cake Why OpenAI and Anthropic are hiring forward deployed engineer teams Claw-style AI agents are coming to the enterprise. The governance infrastructure is still catching up. The agentic identity crisis: Why your security isn’t ready for the AI revolution Debugging the undebuggable: building observability into probabilistic AI systems Snowflake commits $6B to AWS as it pushes deeper into AI Why MotherDuck refuses to fork DuckDB Researcher “gave Claude Code ‘ADHD’… and it thinks 2x better now.” Outside experts want more proof. “There is no accountability”: AI coding agents are installing packages no one owns “Tokenmaxxing is real, expensive & it’s spreading”: AI budgets are exploding With Google’s debut, the most important AI agent feature is now the most boring one Why AI agents need a Context Lake Google ranks the best AI for building Android apps, and the winner isn’t Gemini Google pushes Pro, Ultra, and free users from open-source Gemini CLI to closed-source Antigravity CLI The reason enterprise outages almost never start where ops teams think Taming the agentic influx: a blueprint for AI business observability How the AC/DC framework helps teams govern AI coding agents GitLab 19.0 trades its string section for a full DevSecOps orchestra Who’s monitoring the agents? How Jaeger hit 8.6× compression on 10 million spans with ClickHouse What ClickHouse learned from a year of coding with AI agents OpenClaw passed 300,000 GitHub stars. Then Google launched Spark.
Qodo just shipped cross-repo review. Here's why it matters for AI-flooded teams.
Adrian Bridgwater · 2026-06-23 · via The New Stack | DevOps, Open Source, and Cloud Native News

Late-night debugging sessions aren’t a rare edge case anymore. They are what happens when reviews can’t keep up with volume. Which is exactly why the review process has to understand cross-repository context, not just the differences that sit directly in front of it.

Itamar Friedman, co-founder & CEO of Qodo, tells The New Stack that monolithic application stacks have given way to a multi-repository backbone for modern enterprise applications. And the effects of application fragilities and corruption stemming from repository interconnects land hardest on people, not on the pipeline. 

A software engineer might now lose two days “bisecting a transitive bump” that broke a downstream service, he says.

“A one-line change in one repo silently violates an architectural invariant (a condition that is always true at a specific point in a program) another team relied on, and nobody caught it because the reviewer was skimming a 500-line code listing difference with their own deadline looming,” Friedman says.

As AI floods us with more and larger pull requests, Friedman suggests the “blast radius only grows” from here.

Because AI agents have fundamentally changed how software is built, the governance systems that enterprises created for human-paced development were not designed for the agentic software development lifecycle. Pull requests from teams with high AI adoption are already 154% larger, taking 91% longer to review, and shipping 9% more bugs, according to the “Google DORA 2025 State of AI-assisted Software Development” report.

AI-generated code at enterprise scale

Qodo wants to enable software engineering teams to stay in control against this backdrop. The company announced three new platform capabilities on Monday: Cross-Repo Code Review, Custom Rules Miner, and Skill Review Standards. These new capabilities address a set of governance gaps that have emerged as AI-generated code reaches enterprise scale.

Multi-repo advocates talk about the separation of concerns made possible by disaggregating software based on different functional domains (authentication in one place, search in another, etc.), different stack disciplines (database drivers in one place, user interface controls in another), or quite simply a separation based upon different teams’ ownership status.

Useful for isolating changes and sometimes helpful for compliance reasons, a more heterogeneous code environment also comes with a cost in complexity, reduced navigability, and more onerous maintenance. With AI now creating its own new streams of code, multi-repo setups are likely to become more prevalent in the immediate future.

The mechanics in motion here mean that as software engineering teams grow, the most important and consequential bugs are rarely contained within a single repository; more often, they have tentacles in several places. A change to a shared library, an exported API, a data schema, or an infrastructure file can introduce breaking changes across dozens of downstream services, with no warning surfaced at the point of merge.

Because coding standards often reside in wikis, developer annotations and comments, and the institutional memory of senior engineers, Qodo Custom Rules Miner is designed to disrupt the status quo. Rather than requiring teams to define standards before enforcement can begin, it automatically discovers coding patterns from existing codebase behavior and pull request history, then surfaces them as structured, enforceable rules within the Qodo platform. 

Standards in people’s heads, “subjective tribal knowledge”

“These kinds of standards were previously unenforceable, all because they lived in people’s heads or across system boundaries that no single tool could see: cross-repository architectural invariants, the subjective tribal knowledge of senior engineers, and AI agent workflows running outside any organizational visibility or control,” explains Friedman

“[One team] gamed the metric perfectly while testing nothing. That’s tribal knowledge failing twice over: the real standard (tests must assert behavior) lived in one senior engineer’s head and was never encoded, so the organization optimized the proxy instead of the thing.”

Qodo’s Skill Review Standards service is designed to formalize and simplify standardization procedures. When software teams use agent skills to encode development workflows and best practices, they also need to manage those skills, creating a governance challenge of its own. Qodo now provides centralized management for skills that contain code review instructions, coding standards, and engineering best practices. The platform discovers skills across repositories, surfaces them in a dedicated portal experience, and enables teams to control and measure their impact.

How bad can a slip in code quality get?

Friedman shares a personal favorite example of code quality checking gone wrong in an anecdote related to code coverage, i.e., the measure of how much of a developer’s codebase is executed when automated tests are run, which many would consider a proxy or even a vanity metric. 

A friend of his needed to reach 80% code coverage. One day, he checked one of the repos, and they had achieved 85% coverage; “he was so proud”, until he noticed there were no asserts (an assertion is an automated verification test that checks whether code produced the result expected) at all. 

“They had gamed the metric perfectly while testing nothing,” Friedman recounts, somewhat gleefully. “That’s tribal knowledge failing twice over: the real standard (tests must assert behavior) lived in one senior engineer’s head and was never encoded, so the organization optimized the proxy instead of the thing. That’s precisely the gap the rules system in Qodo closes, by learning the real patterns from how good engineers work and making them enforceable.”

“Speed without independent verification isn’t velocity; it’s technical debt in disguise.”

What developers should think next

There’s a lot to change here; it’s a question of new tools, new workflows (re-engineered human-coded ones and AI-generated ones), and new workplace practices. We’re at an inflection point, seeing a shift from stateless AI tools to stateful systems with persistent organizational memory. 

Friedman suggests that we can capitalize upon this. He says that as the volume of AI-generated code quickly outpaces human review, governance systems that can learn, remember, and enforce organizational standards are becoming a near-term necessity rather than a future aspiration. 

“Cross-repo review and centralized agent management matter, but without memory, they’re still stateless. You can’t be good at code review without a very strong context engine underneath it, and memory is that engine,” he surmises.

The bottom line from Qodo is that developers should realize that they can’t trust the same generalist model that wrote the code to objectively grade its own work. We already know that LLMs will confidently tell us that code works when it does not. 

Friedman’s bid for a t-shirt slogan here is: Speed without independent verification isn’t velocity; it’s technical debt in disguise. As the volume of AI-generated code has already outpaced human-paced review, the challenge is to embed governance into the development system itself through machine-readable standards, verification loops, and cross-system visibility, so that humans can oversee the process rather than inspect every line of code.

YOUTUBE.COM/THENEWSTACK

Tech moves fast, don't miss an episode. Subscribe to our YouTube channel to stream all our podcasts, interviews, demos, and more.

Created with Sketch.