Stateless OCU architecture decouples compute from storage, enabling true scale-to-zero and 20x faster provisioning—trade cold starts for eliminated idle costs on small workloads.
Removes the per-collection minimum capacity requirement that forced small apps toward Algolia or Pinecone. You now pay only for active queries, not idle reservations, making serverless search viable for prototype and low-traffic deployments.
Replaces Classic architecture for new collections; existing collections stay Classic. Requires collection groups first, then collections via SDK/CLI (console simpler). Ready now in all commercial AWS regions—cold start latency is the real tradeoff teams must stress-test before switching from provisioned clusters.
“20 times faster resource provisioning than the previous serverless architecture”
“true scale-to-zero capability, and up to 60% lower cost than a provisioned cluster for peak loads”
“The new shared storage layer in the NextGen architecture decouples compute, referred to as OpenSearch Capacity Units (OCU), from storage. It makes OCUs stateless”
“OCUs do not need to bootstrap the local disk; they can start serving requests in seconds”
opensearchserverlessvector-searchawsscale-to-zero
Dev Signal
Get issues like this in your inbox — free, every weekday.
Quick Signals
uv audit scans dependencies 4-10x faster than pip-audit
uv now embeds native vulnerability scanning and optional malware detection at sync time, replacing separate audit tooling with lockfile-aware context.
Vulnerability scanning shifts from discrete CI step to inline workflow integration, catching malware before installation and reducing alert fatigue by binding checks to dependency resolution. Lockfile-aware audits leverage uv's already-resolved graph for speed.
uv audit replaces pip-audit for most projects; malware checking is opt-in via UV_MALWARE_CHECK=1 env var. Both features in preview—design unstable, breaking changes possible. Worth testing now if using uv, but wait for stable release before CI-critical workflows. Malware check requires no code changes but detection is best-effort (OSV-indexed only).
“between 4x and 10x faster on typical projects”
“uv-native alternative to pip-audit”
“lightweight OSV-based lookup for previously-resolved malware on every sync operation”
“malware frequently steals credentials or other sensitive materials. This means that a malware presence signal requires immediate response”
“These new features are in preview to give us the flexibility to iterate on their design”
3 issues a week · Free forever · 4,200+ developers
Eliminates context-switching between terminal and separate tools for agent management. Native Windows path support removes friction for local-first AI agent workflows.
Replaces manual CLI conversation management with visual interface. Requires Ollama v0.30.7+. Worth trying now if you're running Hermes agents locally—zero switching cost since it runs alongside existing setup.
“ollama launch hermes-desktop with native Windows configuration path support”
“Run it alongside your Hermes agent to get a visual interface for managing conversations, integrations, and messaging apps”
ollamalocal-aihermes-agentgui-toolingdev-tools
QBE 1.3 adds pattern matching, Windows ABI
New OCaml-generated instruction selector and 63% gcc-O2 performance on coremark; Windows ABI support via `-t amd64_win`.
Developers targeting QBE for production code now have measurable performance gains (33% improvement on Hare test suite) and cross-platform ABI support. Position-independent code support eliminates a blocker for shared object compilation.
Replaces QBE 1.2's tree-numbering instruction selection with metaprogrammed pattern matching via mgen. Requires recompilation; no API changes. Ready now—this is a stable release. Only gap: inlining remains unsupported (deferred for streaming compilation model).
“around 7k new lines of code and 1.5k deleted ones”
“we decided to keep only a subset of vetted passes and now score more than 63% of the performance of commercial compilers on vanilla coremark”
“I measured a 33% improvement on the Hare test suite against qbe-1.2 (1.7s vs 2.6s)”
“A new OCaml tool called mgen is used to compile lispy IL patterns into idiomatic C code”
“Compiling for Windows is now as simple as passing -t amd64_win to QBE”
Snyk pairs LLMs with security intelligence for bulk remediation
Snyk's Remediation Agent embeds security context into frontier models via an intelligence layer, improving SAST fix rates from ~72% to ~82% and SCA rates by ~94%, reducing token spend 61% in the process.
Security backlogs are growing faster than teams can triage—65–70% of production code is AI-generated and nearly half contains exploitable vulnerabilities. This shifts the bottleneck from detection to remediation, requiring tools that act on findings rather than surface more of them. Naive AI-assisted fixes fail because models lack context on dependency versions, breakability, and reachability; Snyk's intelligence layer bridges that gap.
Replaces manual triage and naive LLM-to-fix piping for SCA issues; SAST/Container/IaC still in development. Requires running experimental CLI locally with access to frontier or self-hosted models. Start here if your team is drowning in dependency upgrade backlogs—the human-in-the-loop design (you review every change) makes it low-risk to evaluate. Not ready for fully autonomous merges yet, but the benchmarks justify trying it now on SCA.
“65–70% of production code is now generated by AI, and nearly half of it contains exploitable vulnerabilities”
“Approximately doubled the fix rate (from ~23% to ~45% on average across ecosystems)”
“improved critical/high/medium severity fix rates, rising from ~44% to ~91%”
“Reduced token cost per fix by around 61%”
“detection isn't the bottleneck. Security teams don't need another tool to find risk; they need tools that act on what's been found”
Structured output constraints degrade small model accuracy
Hard schema constraints on sub-3B models reduce answer accuracy from 19.7% to 11.0% while achieving 100% schema validity—the tradeoff is semantic, not structural.
If you deploy SLMs for JSON/tool-call outputs, assuming schema enforcement improves reliability is unsafe. You need to measure executable accuracy and wrong-valid-schema rate separately, not just schema validity.
Schema-only validation replaces nothing—this reveals a measurement gap. Requires tracking four metrics independently: schema validity, answer accuracy, executable accuracy, wrong-valid-schema rate. Implement delayed constraint packaging (reason free, constrain late) instead of hard decoding. Worth testing now on your SLM pipeline before prod rollout.
“hard answer-only schema decoding raises schema validity from 61.5% to 100.0%, but lowers answer accuracy from 19.7% to 11.0% and increases wrong-valid-schema outputs from 49.5% to 88.9%”
“reason free, constrain late”
“production systems should report schema validity, answer accuracy, executable accuracy, and wrong-valid-schema rate separately”