Host Commentary

Show Notes

This episode of Ship It Weekly is about the interface layer becoming the story. Brian covers Amazon S3 Files and why it feels more like a managed filesystem layer in front of S3 than “S3 is EFS now,” including how it relates to the old s3fs and FUSE-style approach. He also digs into 36 malicious npm packages posing as Strapi plugins, the uglier follow-on to the Trivy incident he discussed previously, Kubernetes Ingress2Gateway 1.0 and the push toward Gateway API, and Kubernetes Agent Sandbox as a sign that newer AI-style workloads are starting to reshape the platform itself.

Links

Amazon S3 Files

https://aws.amazon.com/blogs/aws/launching-s3-files-making-s3-buckets-accessible-as-file-systems/

Malicious npm packages posing as Strapi plugins

https://thehackernews.com/2026/04/36-malicious-npm-packages-exploited.html

Trivy follow-on incident discussion

https://github.com/aquasecurity/trivy/discussions/10425

RoseSecurity on Trivy / typosquatting angle

https://rosesecurity.dev/2026/03/20/typosquatting-trivy.html

Earlier episode covering the first Trivy incident

AWS Bahrain/UAE Data Center Issues Amid Iran Strikes, ArgoCD vs Flux GitOps Failures, GitHub Actions Hackerbot-Claw Attacks (Trivy), RoguePilot Codespaces Prompt Injection, Block “AI Remake” Layoffs, Claude Code Security — Ship It Weekly episode cover artEpisode 24Mar 6, 2026⏱️ 18:20AWS Bahrain/UAE Data Center Issues Amid Iran Strikes, ArgoCD vs Flux GitOps Failures, GitHub Actions Hackerbot-Claw Attacks (Trivy), RoguePilot Codespaces Prompt Injection, Block “AI Remake” Layoffs, Claude Code SecurityEpisode: AWS Bahrain/UAE Data Center Issues Amid Iran Strikes, ArgoCD vs Flux GitOps Failures, GitHub Actions Hackerbot-Claw Attacks (Trivy), RoguePilot Codespaces Prompt Injection, Block “AI Remake” Layoffs, Claude Code Security

Kubernetes Ingress2Gateway 1.0

https://kubernetes.io/blog/2026/03/20/ingress2gateway-1-0-release/

Kubernetes Agent Sandbox

https://kubernetes.io/blog/2026/03/20/running-agents-on-kubernetes-with-agent-sandbox/

Fortinet FortiClient EMS emergency patch

https://www.fortiguard.com/psirt/FG-IR-26-099

Karpathy post

https://x.com/karpathy/status/2036487306585268612

ProofShot

https://github.com/AmElmo/proofshot

More episodes and show notes

https://shipitweekly.fm

On Call Briefs

https://oncallbrief.com

Brian Teller
Hosted by
Brian Teller

25 years in production: DevOps, SRE, platform, and cloud. DevOps Institute & ITIL Ambassador.

More about Brian Teller →