VarBear

In the past days:

• A security breach in Red Hat's consulting GitLab instance led to the theft of 570GB of data.
• Anthropic launched Petri, a new open-source tool for AI safety audits.
• Microsoft released an open-source agent framework for AI.
• GitHub introduced post-quantum secure SSH.
• Azure introduced AKS Automatic, a new way to manage Kubernetes clusters.
• Perplexity rolled out its new AI browser to everyone.
• Alpine Linux shifted to a /usr-merged file system.
• And more!

Most news outlets wrote long articles about it - paragraphs upon paragraphs of text that take time to read and understand. We took a different approach:
Instead of walls of text, we show you the news as an AI-powered visual, a practical story map that highlights:

• The core facts in seconds
• How the players connect (people, tools, orgs)
• The timeline of what happened and when
• The key numbers that actually matter
• And more

All digested in minutes, not hours. We believe this is a smarter way to follow developer news. You can see some examples here https://faun.dev/news

This is the second week since the official launch of FAUN.news()! It's a new project and if you want to show your support, we'll be glad to hear your honest feedback! Hit the reply button!

From AI-without-guardrails and AWS’s B2B pragmatism to kernel-level TLS shivs, Rust-first observability, and Postgres 18’s temporal reality checks—this one moves. If you care about faster queries, leaner boot times, and systems that hold under load, dig into the details and steal what ships.

🔎 Advanced PostgreSQL Indexing: Multi-Key Queries and Performance Optimization
🧠 Development gets better with Age
🐘 Going down the rabbit hole of Postgres 18 features by Tudor Golubenco
🌍 Google Expands AI Vibe-Coding App Opal to 15 More Countries
🛡️ How I Block All 26 Million Of Your Curl Requests
🕵️ I'm Building a Browser for Reverse Engineers
🦀 Inside Husky’s query engine: Real-time access to 100 trillion events
⚡ The 500x performance gap between Node.js version managers (and why you might not care)
🦭 walrus: ingesting data at memory speeds

Less hype, more leverage - go build!

Have a great week!
FAUN.dev Team

Google just pushed its AI coding assistant Opal into 15 more countries - and leveled up its debugger with parallel step execution. Faster runs. Smarter fixes. Better for hairy workflows.

OpenAI’s Agent Builder drops the guardrails. It’s a no-code, drag-and-drop playground for building, testing, and shipping AI workflows - logic flows straight from your brain to the screen. Tweak interfaces in Widget Studio. Plug into real systems with the Agents SDK. Just one catch: it’s locked behind Pro, Plus, or Team tiers.

A longtime AWS insider, Werner Vogels, breaks down the shift from slow-and-steady software growth to the generative AI rocket ride. Capabilities soared. Guardrails? Not so much. No docs, no handrails - just launch and learn.

AWS didn’t chase the hype. It pulled a classic AWS move: doubled down on B2B. Gave customers model choice, privacy-first defaults, and automated safeguards out of the box.

A developer built a razor-sharp TLS fingerprinting and blocking tool - all in kernel space - with eBPF and XDP. It hooks into incoming packets, scrapes TLS Client Hello messages, and cranks out simplified JA4-style hashes from their cipher suite lists.

The fun part? It's running under tight stack limits, so the dev stuffed a custom O(n²) sort into the hash logic. Yeah - bubble-sort energy, in 2024. But it fits. For state management, it leans on eBPF maps as on-the-fly blacklists. No stack overflows. No userspace detours.

System shift: This isn’t just clever - it’s a trend. Real-time packet filtering is moving down the stack. Kernel-level signals. No more babysitting by bloated firewalls or load balancers.

Walrus is a lock-free, single-node Write Ahead Log in Rust that rips through a million ops/sec and moves 1 GB/s of write bandwidth - on bare-metal, nothing fancy. It leans on mmap-backed sparse files, atomic counters, and zero-copy reads to get there.

Each topic gets its own line of 10MB memory-mapped blocks, stuffed inside 1GB files. Cleanup’s handled with checkpoint-driven deletion. No coordination overhead - just a lean async job runner and CPU-pinned writers keeping things moving.

A researcher rolled their own Chromium fork with a custom DevTools Protocol (CDP) domain - not for fun, but to surgically probe browser internals. It reaches into Canvas, WebGL, and other trickier APIs, dodging the usual sandbox and spoofing all the bot blockers they'd rather you leave alone.

It injects CDP hooks straight into runtimes you’re not supposed to touch (like OOPIFs) and pulls off auto-deobfuscation, request decoding, and live overrides. All that complexity gets surfaced through an Electron-based UI.

PostgreSQL 18 just hit stable. Big swing!

Async IO infrastructure is in. That means lower overhead, tighter storage control, and less CPU getting chewed up by I/O. Add direct IO, and the database starts flexing beyond traditional bottlenecks.

OAuth 2.0? Native now. No hacks needed. UUIDv7? Built-in support for those time-sortable keys we’ve all been duct-taping together.

Virtual generated columns are the new default. Logical replication now includes them too. Vacuum got leaner. B-tree skip scans got smarter. You get faster queries, less bloat.

Even the wire protocol got an update - for the first time since 2003. Let that one sink in.

And temporal key constraints bring real support for time-valid data integrity. Timestamped reality checks, right in the schema.

Postgres always evolves slowly. But this one moves the ground.

Benchmarks show NVM slows shell startup by as much as 500x - especially in Zsh or cold-start workflows like CI and IDEs. The culprit? Bash scripts doing too much on every load.

Volta and FNM, both written in Rust, skip the slog. They're compiled binaries, so version switching happens fast - and startup stays snappy.

Advanced PostgreSQL tuning gets real results: composite indexes and CTEs can cut query latency hard when slicing huge datasets. Add LATERAL joins and indexed subqueries into the mix, and you’ve got a top-N query pattern that holds up—even when hammering long ID lists.

SteamPipe just gutted its real-time storage engine and rebuilt it in Rust. Expect faster performance and better scaling.

Now runs on columnar storage, ships with vectorized queries, and rolls an object store-backed WAL. Serious firepower for time series data.

System shift: Another sign that high-throughput observability stacks are going Rust or going home.

Toolkit to help you get started with Spec-Driven Development

ToolHive makes deploying MCP servers easy, secure and fun

DriftDB - An experimental append-only database with built-in time travel. Query any point in history, guaranteed data integrity, and immutable audit trails. Written in Rust.

A tool to identify and investigate inauthentic user accounts and repositories.

Did you know that on macOS, a plain fsync() may not guarantee a disk’s internal write cache is flushed? SQLite provides PRAGMA fullfsync to invoke F_FULLFSYNC, and PostgreSQL has Darwin-specific paths for the same. Because F_FULLFSYNC is more expensive, storage engines often reserve it for critical commit points to ensure true durability.

"A test suite is a change detector, not a truth detector; it proves you can refactor safely, not that your system is right."
— SenseiOne

This week, we’re highlighting Jukka Forsgren — Senior Solutions Architect and GenAI Ambassador at AWS, serving as a field CTO for EMEA North accounts totaling over €100M ARR. He blends deep Kubernetes and agentic AI chops with hands-on delivery—building CDK/Python POCs, running Immersion Days/Game Days/Well-Architected sessions, and channeling customer feedback to service teams. 11× AWS Certified, RHCA, and CKA/CKAD, he’s the engineer you’ve seen at Slush and Red Hat Open Tour turning cloud strategy into shipped systems.