Newslurp

<< Stories

TypeScript Native πŸƒ, Distributed Systems Observations πŸ”, PostgreSQL IDE πŸ§‘β€πŸ’»

TLDR DevOps <dan@tldrnewsletter.com>

May 26, 11:08 am

TLDR DevOps
TypeScript Native Previews bring a 10x performance boost by rewriting the TypeScript compiler in Go with shared-memory concurrency β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ  β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ β€Œ 

TLDR

Together With Cloudsmith

TLDR DevOps 2025-05-26

Is your CI/CD pipeline leaking secrets? (Sponsor)

Modern CI/CD is fast but creates significant vulnerability points β€” from dependency-poisoning to credential theft.

Cloudsmith's new guide breaks down the OWASP Top 10 CI/CD security risks - including examples of pipeline exploits and mitigation techniques for Jenkins, GitHub Actions, GitLab and Kubernetes.

Also in the guide:

  • The impact of automation and IaC practices on the attack surface.
  • Why third-parties dominate the cloud-native supply chain.
  • Using open-source projects from the CNCF and OpenSSF to understand and mitigate threats.

Learn how to secure your software supply chain and cloud artifacts.

Get your copy here β†’ OWASP CI/CD Security Risks: Overview and Mitigation Guide

πŸ“±

News & Trends

Agentic DevOps: Evolving software development with GitHub Copilot and Microsoft Azure (6 minute read)

GitHub Copilot now includes advanced coding agents that act as full teammates, automating tasks like debugging, testing, code reviews, and production maintenance across the entire development lifecycle. New features such as agentic DevOps, app modernization, Azure SRE agents, and open-source integration with Visual Studio Code aim to reduce technical debt, increase developer productivity, and restore the creative joy of building software.
Introducing Claude 4 in Amazon Bedrock, the most powerful models for coding from Anthropic (5 minute read)

Anthropic has launched its next-generation Claude models, Opus 4 and Sonnet 4, which are now available on Amazon Bedrock. Opus 4 is designed for complex tasks and excels in coding and agent-focused benchmarks, while Sonnet 4 balances performance and cost, making it suitable for high-volume tasks like code reviews and bug fixes.
Announcing TypeScript Native Previews (8 minute read)

TypeScript Native Previews, codenamed Corsa, are now available via npm and bring a 10x performance boost by rewriting the TypeScript compiler in Go with shared-memory concurrency. While still under development, the new tsgo CLI and accompanying VS Code extension support JSX and JavaScript type-checking, early LSP editor features, and a Rust-based synchronous API, with more complete build and editor functionality planned by year's end.
πŸš€

Opinions & Tutorials

What are Day-0, Day-1, and Day-2 Operations? (15 minute read)

Day-0, Day-1, and Day-2 operations define the full lifecycle of software deployment, covering pre-launch planning, release execution, and ongoing maintenance. Applying this structured framework improves stability, ensures critical tasks aren't missed, and enables better collaboration and automation across teams.
Observations from a decade building Distributed Systems (3 minute read)

After ten years of development, rqlite has matured into a stable, distributed relational database built on Go, SQLite, and Raft, with a strong focus on simplicity, reliability, and maintainability. Its creator reflects on key decisionsβ€”like adopting Docker and CI early, delaying documentation and marketing, and pursuing clean architecture over hype, while reaffirming his commitment to building trustworthy systems through practical experience and personal growth.
πŸ§‘β€πŸ’»

Resources & Tools

frp (GitHub Repo)

frp is a fast reverse proxy that enables the exposure of local servers behind NATs or firewalls to the Internet. It supports TCP, UDP, HTTP, HTTPS, and P2P connect modes.
1Panel (GitHub Repo)

1Panel offers a web interface and MCP Server to manage websites, files, containers, databases, and LLMs on a Linux server.
Announcing a new IDE for PostgreSQL in VS Code from Microsoft (5 minute read)

Microsoft's new PostgreSQL extension for VS Code streamlines database development with AI-assisted queries, schema visualization, and secure Entra ID integration. It unifies local and cloud management while boosting productivity through features like IntelliSense and query history.
🎁

Miscellaneous

Red Hat Advanced Developer Suite Introduced (5 minute read)

Red Hat introduced the Advanced Developer Suite for OpenShift to enhance developer productivity and integrate AI technologies with strong security and compliance features. The suite includes tools like Developer Hub, Trusted Profile Analyzer, and Trusted Artifact Signer, which enable faster, secure development and deployment of AI-enabled applications across hybrid and multi-cloud environments.
A milestone for lightweight Kubernetes: k0s joins CNCF sandbox (2 minute read)

k0s, a lightweight and open-source Kubernetes distribution optimized for data center and edge environments, has joined the Cloud Native Computing Foundation as a Sandbox project. This milestone enhances its visibility, fosters collaboration within the cloud-native community, and supports its mission to simplify and expand Kubernetes adoption.
⚑

Quick Links

Codacy x Microsoft: Secure AI coding in VS Code (Sponsor)

See how to secure your coding agent workflow. Join Codacy and Microsoft live on May 29 as they demo real-time security in VS Code β€” including how AI-generated code can meet your standards before it's written. Save your spot
Putting an end to CAPTCHA (5 minute read)

Fastly's Dynamic Challenges intelligently serve the appropriate level of CAPTCHA verification based on real-time traffic analysis, improving bot protection while minimizing disruption for legitimate users.
Reinvent The Wheel (4 minute read)

The advice to β€œnot reinvent the wheel” can discourage curiosity and deep understandingβ€”rebuilding tools from scratch is often the best way to truly learn how they work.

Love TLDR? Tell your friends and get rewards!

Share your referral link below with friends to get free TLDR swag!
Track your referrals here.

Want to advertise in TLDR? πŸ“°

If your company is interested in reaching an audience of devops professionals and decision makers, you may want to advertise with us.

Want to work at TLDR? πŸ’Ό

Apply here or send a friend's resume to jobs@tldr.tech and get $1k if we hire them!

If you have any comments or feedback, just respond to this email!

Thanks for reading,
Kunal Desai & Martin Hauskrecht


Manage your subscriptions to our other newsletters on tech, startups, and programming. Or if TLDR DevOps isn't for you, please unsubscribe.