GitLab 18.1 🆕, Measuring Commercial Impact at Scale ⚖️, Go Parser Security Footguns 🚨

TLDR DevOps <dan@tldrnewsletter.com>

June 23, 11:13 am

TLDR DevOps

Together With Dynatrace

TLDR DevOps 2025-06-23

MCP to deliver a seamless, in-IDE developer experience (Sponsor)

Agentic AI is transforming how engineering teams develop applications, debug code and respond to incidents. With Dynatrace, you can monitor AI agent behavior using Model Context Protocol (MCP), automate responses, and gain full-stack visibility in real time. Live Debugger brings code-level insights into any environment—even production—without disruption.

Combine these capabilities in the IDE with AI using natural language through coding assistants like Cline to deliver an intelligent developer experience, built for speed, scale, and innovation. 

Read more about Scaling MCP Best Practices, how TELUS leverages these capabilities, and how observability optimizes AI agents at scale

📱

News & Trends

Announcing Argo CD v3.1 (4 minute read)

Argo CD v3.1 introduces key features including beta support for OCI registries, CLI plugins, Hydrator metadata enhancements, UI-based resource scaling, and server-side apply migration. The release also delivers numerous bug fixes, security updates, performance improvements, and major dependency upgrades such as Go 1.24.4.

GitLab 18.1 released (1 minute read)

GitLab 18.1 introduces the Maven virtual registry in beta and Duo Code Review for AI-powered automated merge request analysis along with over 110 other improvements, including compromised password detection and SLSA Level 1 compliance components.

🚀

Opinions & Tutorials

A Cloud Dev Hack: Connecting Local Code to Remote Clusters (8 minute read)

Mirrord by MetalBear allows developers to connect local code to a remote Kubernetes pod, enabling them to code, debug, and test with access to real cluster resources without full cloud deployment. The tool intercepts system calls and reroutes them through the cluster, giving local apps access to internal APIs, queues, and secrets as if they were running inside the cluster. It can be installed as a standalone CLI tool, through the VS Code extension, or through the IntelliJ plugin.

Smart uses of imagePullSecrets in Kubernetes Cluster with ServiceAccounts (4 minute read)

By attaching imagePullSecrets to service accounts, Kubernetes users can automatically populate those secrets in Pods, streamlining the process of authenticating with private registries. This approach simplifies management compared to manually adding imagePullSecrets to every YAML file, especially when dealing with numerous Kubernetes objects.

🧑‍💻

Resources & Tools

Why Flaky Tests Are Still Breaking Your CI/CD Pipelines (Sponsor)

In this data-packed report from mabl, learn:

  • Why 45% of DevOps teams say flaky tests are their top challenge
  • How high-performing teams reduce test flakiness and ship faster
  • What trends will define testing in 2025

Read the ungated report

ty (GitHub Repo)

An extremely fast Python type checker and language server.

AG-UI (GitHub Repo)

AG-UI, an open-source and MIT-licensed protocol, streamlines the integration of AI agents with front-end applications using a lightweight, event-based system. It offers a flexible middleware layer for broad compatibility, includes a reference HTTP implementation, and provides a default connector to expedite the development of in-app agent interactions.

🎁

Miscellaneous

Everything you need to know about NIST's new guidance in “SP 1800-35: Implementing a Zero Trust Architecture” (10 minute read)

NIST's Special Publication 1800-35 provides practical guidance for deploying Zero Trust Architecture (ZTA) across various environments, emphasizing policy enforcement and secure access management. Cloudflare's Zero Trust platform simplifies ZTA implementation by delivering a scalable, globally distributed solution that integrates with providers like Okta, Microsoft, CrowdStrike, and SentinelOne and features FedRAMP compliance and post-quantum cryptography.

Measuring Commercial Impact at Scale at Canva (14 minute read)

Canva developed the IMPACT app, an internal tool using Snowflake, Streamlit, Snowpark, and Cortex, to measure the commercial impact of its experiments, which number over 1,800 this year. The app enables users to estimate commercial impact through a low-code or no-code experience and has reduced the time for analysis from 6+ hours to under 10 minutes.

Unexpected security footguns in Go's parsers (15 minute read)

Go's parsers have insecure defaults that attackers exploit to bypass security, including issues with duplicate keys, case-insensitive matching, and inconsistent behavior across formats. Developers should enforce strict parsing and monitor JSON v2 for safer defaults.

⚡

Quick Links

AWS WAF reduces web application security configuration steps and provides expert-level protection (2 minute read)

AWS has launched a simplified WAF console that cuts configuration steps by up to 80% and enables rapid deployment of expert-designed security protections tailored to specific application types.

AWS Certificate Manager introduces public certificates you can use anywhere (2 minute read)

AWS Certificate Manager now allows exportable public TLS certificates that include access to the private key, enabling secure use across AWS, hybrid, and multicloud environments.

Adding PostgreSQL State Backend Support to Pulumi: A Community Contribution Journey (4 minute read)

Pulumi now supports PostgreSQL as a state storage option for managing infrastructure as code, which allows for ACID transactions and faster speeds for smaller state files.

Thanks for reading,
Kunal Desai & Martin Hauskrecht

