InfoQ

Claude Code Adds Dynamic Workflows for Parallel Agent Coordination

Robert Krzaczyński — Mon, 01 Jun 2026 16:55:00 GMT

Anthropic introduced Dynamic Workflows, a new capability for Claude Code designed to handle complex software engineering tasks by coordinating large numbers of AI agents within a single workflow. The feature allows Claude to dynamically create orchestration scripts, break work into subtasks, run them in parallel, and validate results before presenting a final answer.

By Robert Krzaczyński

Shopify Reports 15X Faster Graphql Execution with Breadth First Engine

Leela Kumili — Mon, 01 Jun 2026 14:25:00 GMT

Shopify introduced GraphQL Cardinal, a new execution engine replacing depth-first traversal with breadth-first execution. The redesign improves large-scale GraphQL performance with up to 15x faster field execution, 6x lower GC overhead, and +4s P50 latency gains. It focuses on execution-layer efficiency and batched resolver processing for high-cardinality commerce queries.

By Leela Kumili

BadHost Vulnerability Exposes AI Agents, Evaluators, and LLM Gateways

Sergio De Simone — Mon, 01 Jun 2026 14:00:00 GMT

BadHost is a high-severity authentication bypass vulnerability in the widely used Python web framework Starlette, with 325 million weekly downloads. The flaw allows attackers to use malformed HTTP Host headers to bypass path-based access controls and access sensitive AI agent infrastructure, among other systems.

By Sergio De Simone

Presentation: Theme Systems at Scale: How To Build Highly Customizable Software

Guilherme Carreiro — Mon, 01 Jun 2026 11:30:00 GMT

Shopify Staff Engineer Guilherme Carreiro discusses building and scaling highly customizable platforms. Using Shopify’s Liquid theme system as a case study, he explains how to balance extreme design flexibility with low-latency performance under massive traffic. He shares insights on implementing secure domain-specific languages, native code extensions, and resilient developer tooling.

By Guilherme Carreiro

Article: The AI Productivity Paradox in Test Automation: Moving Beyond Structural Validation to Perception and Intent

Amanul Chowdhury, Vinay Gummadavelli — Mon, 01 Jun 2026 11:00:00 GMT

The AI productivity paradox states that AI scales whatever abstraction it is built on. If that abstraction is structurally brittle, it scales structural brittleness. This article shows how, to build a future of reliable, AI-driven test automation, we must stop scaling DOM-centric abstractions and build a new testing paradigm grounded in perception and intent.

By Amanul Chowdhury, Vinay Gummadavelli

Podcast: Requirements Analysis for Architects: A Conversation with Sonya Natanzon

Sonya Natanzon — Mon, 01 Jun 2026 11:00:00 GMT

Michael Stiefel spoke to Sonya Natanzon, about the intersection of technical and social aspects of software architecture. Understanding the business and how a company operates is more important than the specific technologies used. Effective requirements analysis requires focusing on problems to be solved that describe good and bad outcomes, rather than statements of need or solution statements.

By Sonya Natanzon

A Trailing Slash Bypassed AWS API Gateway Authorization

Steef-Jan Wiggers — Mon, 01 Jun 2026 09:55:00 GMT

A security researcher found that adding a trailing slash to AWS HTTP API paths bypassed Lambda authorizer authentication entirely, enabling unauthenticated wire transfers at a fintech. The root cause is a path normalization mismatch between HTTP API's greedy route matching and its authorization layer. The same vulnerability class appeared in gRPC-Go via CVE-2026-33186.

By Steef-Jan Wiggers

DuckDB Quack: Client/Server Protocol over HTTP for Multi-User Analytics

Renato Losio — Sun, 31 May 2026 11:17:00 GMT

DuckDB has recently announced Quack, a new remote protocol over HTTP that lets multiple DuckDB instances connect to and work with the same database over a network. The protocol introduces client-server capabilities to a database that was previously mostly local and embedded.

By Renato Losio

Arm Open-Sources Metis, an AI Security Framework Outperforming Traditional SAST Tools

Sergio De Simone — Sat, 30 May 2026 19:00:00 GMT

Arm has open-sourced Metis, an agentic AI security framework designed to autonomously uncover complex software vulnerabilities. Unlike traditional pattern-based tools, Metis applies semantic reasoning to analyze cross-component dependencies and provides clear, natural language explanations for its findings.

By Sergio De Simone

Google Cloud Suspends Railway's Production Account, Causing Eight-Hour Platform-Wide Outage

Steef-Jan Wiggers — Sat, 30 May 2026 10:03:00 GMT

Google Cloud's automated systems suspended Railway's production account without notice, triggering an eight-hour platform-wide outage affecting 3 million users. The cascade took down workloads across all providers including AWS and bare metal because Railway's control plane was hosted on GCP. Railway is demoting GCP to backup-only status.

By Steef-Jan Wiggers

How Meta Rebuilt Data Ingestion for Petabyte-Scale Reliability

Renato Losio — Sat, 30 May 2026 06:01:00 GMT

The engineering team at Meta recently outlined how the company migrated a data ingestion platform that transfers several petabytes of MySQL social graph data daily to improve reliability and operational efficiency. The team used techniques like reverse shadowing and continuous checksum monitoring to ensure zero downtime during the transition.

By Renato Losio

AI-Assisted Migration Tool Helps Teams Move from ingress-nginx to Higress in Minutes

Craig Risi — Fri, 29 May 2026 12:00:00 GMT

The Cloud Native Computing Foundation has highlighted a new AI-assisted migration approach that enabled engineers to migrate 60 ingress-nginx resources to Higress in roughly 30 minutes, demonstrating how artificial intelligence is increasingly being applied to modernize Kubernetes networking and gateway infrastructure.

By Craig Risi

Presentation: Building Evals for AI Adoption: From Principles to Practice

Mallika Rao — Fri, 29 May 2026 12:00:00 GMT

Mallika Rao discusses the hidden risk of evaluation debt in production AI systems, drawing on her experience at Twitter, Walmart, and Netflix. She explains why traditional metrics fail modern architectures, breaks down a five-layer evaluation stack spanning infrastructure and UX, and shares a diagnostic maturity model to help engineering leaders eliminate silent semantic failures.

By Mallika Rao

GitHub Slashes Agent Workflow Token Spend up to 62% with Daily Audits and MCP Pruning

Mark Silvester — Fri, 29 May 2026 08:30:00 GMT

GitHub reports cutting token costs in agentic CI workflows by up to 62% by pruning unused MCP tools, swapping some MCP calls for gh CLI, and running daily “auditor” and “optimizer” agents. A token-usage.jsonl artefact and an Effective Tokens metric help track spend across models and spot regressions.

By Mark Silvester

Presentation: From Founding Engineer to CTO to CEO – at the Same Startup

Trisha Ballakur — Thu, 28 May 2026 12:33:00 GMT

Trisha Ballakur discusses her journey from a backend software engineer to CTO and CEO, using her startup Pointz as a case study. She explains how to implement bottom-up customer discovery to find product-market fit, effectively delegate to global contractors to reduce build times, customize open-source repos like Valhalla, and apply engineering test-case models to business development.

By Trisha Ballakur