https://www.infoq.com InfoQ Application Security News feed https://www.infoq.com/news/2026/06/gitlab-19-agentic-ai/?utm_campaign=infoq_content&utm_source=infoq&utm_medium=feed&utm_term=Application+Security-news <img src="https://res.infoq.com/news/2026/06/gitlab-19-agentic-ai/en/headerimage/header-1781418320600.jpeg"/><p>GitLab 19.0 extends agentic AI beyond code generation into securing credentials, reviewing and merging changes, and scanning dependencies, adding a public beta Secrets Manager, a full merge request Developer Flow, usage-based GitLab Duo billing, and generally available SBOM dependency scanning.</p> <i>By Mark Silvester</i> Application Security Agents Continuous Integration DevSecOps Continuous Delivery Development DevOps news Fri, 19 Jun 2026 08:00:00 GMT https://www.infoq.com/news/2026/06/gitlab-19-agentic-ai/?utm_campaign=infoq_content&utm_source=infoq&utm_medium=feed&utm_term=Application+Security-news Mark Silvester 2026-06-19T08:00:00Z /news/2026/06/gitlab-19-agentic-ai/en https://www.infoq.com/news/2026/06/vscode-extension-update-delay/?utm_campaign=infoq_content&utm_source=infoq&utm_medium=feed&utm_term=Application+Security-news <img src="https://www.infoq.com/styles/static/images/logo/logo_bigger.jpg"/><p>VS Code 1.123 adds a two-hour delay before auto-updating extensions to newly published versions, creating a revocation window against supply chain attacks. The delay does not apply to trusted publishers like Microsoft, GitHub, and OpenAI. Similar cooldown mechanisms have now spread across pip, RubyGems, npm, pnpm, Yarn, and Bun.</p> <i>By Steef-Jan Wiggers</i> Application Security Software Supply Chain Visual Studio Code Development Architecture & Design DevOps news Thu, 18 Jun 2026 10:15:00 GMT https://www.infoq.com/news/2026/06/vscode-extension-update-delay/?utm_campaign=infoq_content&utm_source=infoq&utm_medium=feed&utm_term=Application+Security-news Steef-Jan Wiggers 2026-06-18T10:15:00Z /news/2026/06/vscode-extension-update-delay/en