Explore the latest engineering posts and summaries

Search by topic, company, or concept and scan results quickly.

Posts indexed431

Last indexedMar 14, 2026

GitHub EngineeringJan 14, 2026

Community-powered security with AI: an open source framework for security research

Why it matters: This framework lowers the barrier for security research by using AI to automate complex workflows like variant analysis. By integrating with CodeQL via MCP, it allows engineers to scale vulnerability detection using natural language, fostering a collaborative, community-driven security model.

GitHub Security Lab released the Taskflow Agent, an open-source agentic framework designed for security research and automation.
The framework leverages the Model Context Protocol (MCP) to interface with existing security tools such as CodeQL.
It allows researchers to encode and scale security knowledge using natural language to perform complex tasks like variant analysis.
The agent is experimental but ready for community use, supporting various AI backends including GitHub Models API.
A provided demo illustrates how to set up the environment in GitHub Codespaces to automate vulnerability detection workflows.

#security #mlp

Read original

Microsoft Azure BlogJan 14, 2026

Microsoft named a Leader in IDC MarketScape for Unified AI Governance Platforms

Why it matters: As AI adoption scales, engineers need unified tools to manage model lifecycles, security, and compliance. Microsoft’s integrated approach reduces operational risk and simplifies the deployment of responsible, agentic AI systems across complex multicloud environments.

Microsoft recognized as a Leader in the 2025-2026 IDC MarketScape for Unified AI Governance Platforms.
Microsoft Foundry serves as the developer control plane for model development, evaluation, deployment, and monitoring.
Microsoft Agent 365 provides a centralized IT control plane for managing and securing agentic AI across the enterprise.
Integrated security features include real-time jailbreak detection, agent identity management via Entra, and AI-specific threat protection in Defender.
Automated compliance tools in Microsoft Purview support over 100 regulatory frameworks for hybrid and multicloud environments.

#mlp #security #data

Read original

PlanetScale Tech BlogJan 14, 2026

Database Transactions

Why it matters: Understanding transaction internals like MVCC and undo logs is crucial for optimizing database performance, managing concurrency, and ensuring data integrity. It helps engineers choose between Postgres and MySQL based on their specific storage and maintenance needs.

Transactions ensure atomicity by grouping multiple SQL operations into a single unit that either fully succeeds via commit or fails via rollback.
Postgres implements consistent reads through multi-versioning, using xmin and xmax metadata to track row visibility across concurrent sessions.
MySQL achieves isolation by overwriting rows immediately while maintaining an undo log to reconstruct previous versions for other transactions.
Postgres requires periodic maintenance via VACUUM to reclaim storage space from obsolete row versions created during updates.
Consistent reads allow transactions to maintain an isolated view of data, preventing interference from simultaneous external modifications.

#data #sre

Read original

Cloudflare BlogJan 14, 2026

What came first: the CNAME or the A record?

Why it matters: This incident highlights how subtle optimizations can break systems by violating undocumented assumptions in legacy clients. It serves as a reminder that even when a protocol doesn't mandate order, real-world implementations often depend on it.

A memory optimization in Cloudflare's 1.1.1.1 resolver inadvertently changed the order of records in DNS responses.
The code change moved CNAME records to the end of the answer section instead of the beginning when merging cached partial chains.
While the DNS protocol technically treats record order as irrelevant, many client implementations process records sequentially.
Legacy implementations like glibc's getaddrinfo fail to resolve addresses if the A record appears before the CNAME that defines the alias.
The incident was resolved by reverting the optimization, restoring the original record ordering where CNAMEs precede final answers.

#sre #dist

Read original

Salesforce EngineeringJan 13, 2026

How Agentforce Enabled Conversational Recommendations with AI-Driven Intent on Data 360

Why it matters: Engineers must evolve recommendation engines from passive click-based tracking to active intent extraction. This shift enables autonomous agents to provide contextually relevant responses in real-time, solving the cold-start problem and handling unstructured data at enterprise scale.

Developed 'Understand User Intent' Agentforce action to transform unstructured conversational history into structured JSON intent signals using LLMs.
Re-architected personalization systems to prioritize real-time conversational intent over long-term behavioral history for higher relevance.
Implemented semantic catalog modeling to solve cold-start problems where historical engagement data is missing.
Integrated intent signals into existing Data 360 real-time ingestion pipelines to maintain low latency during agentic interactions.
Bridged language gaps by mapping user-specific terminology to standardized catalog metadata across multiple languages.

#data #mlp #dist

Read original

Pinterest EngineeringJan 13, 2026

PinLanding: Turn Billions of Products into Instant Shopping Collections with Multimodal AI

Why it matters: It demonstrates how to scale multimodal LLMs for production by combining expensive VLM extraction with efficient dual-encoder retrieval. This architecture allows platforms to organize billions of items into searchable collections while maintaining high precision and low operational costs.

PinLanding is a production pipeline that transforms massive product catalogs into structured shopping collections using multimodal AI.
The system uses Vision-Language Models (VLMs) to extract normalized key-value attributes from product images and metadata.
A curation layer employs LLM-as-judge and embedding-based clustering to consolidate sparse attributes into a searchable vocabulary.
To scale, Pinterest uses a CLIP-style dual-encoder model to map products and attributes into a shared embedding space for efficient assignment.
The infrastructure leverages Ray for distributed batch inference, allowing independent scaling of CPU-bound preprocessing and GPU-bound model execution.
The pipeline processes billions of items in approximately 12 hours on 8 NVIDIA A100 GPUs, costing roughly $500 per run.

#mlp #dist #data

Read original

GitHub EngineeringJan 13, 2026

What AI is actually good for, according to developers

Why it matters: Understanding how to integrate AI without disrupting 'flow' is crucial for productivity. Effective AI tools should focus on removing toil and providing contextual assistance rather than replacing human judgment or forcing unnatural interaction patterns like constant chat-switching.

AI tools should prioritize maintaining developer flow by integrating directly into editors, terminals, and code review processes.
Natural language chat interfaces can cause cognitive burden due to context-switching; contextual, inline suggestions are often more effective.
Developers prefer AI for automating repetitive tasks like scaffolding and boilerplate while retaining control over logic and architecture.
AI serves different roles based on experience: accelerating senior developers and helping junior developers learn syntax and fundamentals.
Customization of AI tool behavior is essential to prevent AI fatigue and intrusive interruptions during the coding process.

#mlp #culture

Read original

Cloudflare BlogJan 13, 2026

What we know about Iran’s Internet shutdown

Why it matters: Understanding how nation-states manipulate BGP and IP announcements to enforce shutdowns is crucial for engineers building resilient, global systems. It highlights the vulnerability of centralized network infrastructure and the importance of monitoring tools like Cloudflare Radar.

Iran implemented a near-total internet shutdown starting January 8, 2026, following widespread civil protests.
Cloudflare Radar observed a 98.5% drop in announced IPv6 address space, signaling a deliberate disruption of routing paths.
Overall traffic volume plummeted by 90% within a 30-minute window as major ISPs like MCCI, IranCell, and TCI went offline.
By 18:45 UTC on January 8, internet traffic from the country reached effectively zero, indicating a complete disconnection from the global web.
Brief spikes in DNS traffic (1.1.1.1) and university network connectivity were observed on January 9 before being shut down again.

#data #security #dist

Read original

Engineering at MetaJan 12, 2026

CSS at Scale With StyleX

Why it matters: Managing CSS at scale is a common pain point in large frontend projects. StyleX offers a proven architecture to maintain performance and developer productivity without the typical overhead of large CSS bundles.

StyleX is Meta's open-source solution for managing CSS in large-scale codebases, combining CSS-in-JS ergonomics with static CSS performance.
The system utilizes atomic styling and deduplication to significantly reduce bundle sizes and improve web performance.
It serves as the standard styling system across Meta's core platforms, including Facebook, Instagram, WhatsApp, and Messenger.
Major industry players like Figma and Snowflake have adopted StyleX for their own large-scale web applications.
The library provides a simple API that simplifies the developer experience while maintaining the efficiency of traditional CSS.

#frontend

Read original

Airbnb EngineeringJan 12, 2026

Pay As a Local

Why it matters: This architecture demonstrates how to scale global payment systems by abstracting vendor-specific complexities into standardized archetypes. It enables rapid expansion into new markets while maintaining high reliability and consistency through domain-driven design and asynchronous orchestration.

Replatformed from a monolith to a domain-driven microservices architecture (Payments LTA) to improve scalability and team autonomy.
Implemented a connector and plugin-based architecture to standardize third-party Payment Service Provider (PSP) integrations.
Developed the Multi-Step Transactions (MST) framework, a processor-agnostic system for handling complex flows like redirects and SCA.
Categorized 20+ local payment methods into three standardized archetypes—Redirect, Async, and Direct flows—to maximize code reuse.
Utilized asynchronous orchestration with webhooks and polling to manage external payment confirmations and ensure data consistency.
Enforced strict idempotency and built comprehensive observability dashboards to monitor transaction success rates and latency across regions.

#dist #finops #sre

Read original

Page 17 of 44

Prev 1...15 16 17 18 19...44 Next