Weeknotes 2026.12

Posted on Sun 22 March 2026 in Blog

Working with data is always great fun. I got two datasets. Both should have the same identifier. As usual, it is not the case.

Therefore, I spent a lot of time this week trying to figure out how to match those two datasets. The funny thing for me is that both datasets are coming from the same source.

After many hours I was at least able to match almost all entries in the smaller dataset. I guess it is better than nothing.

Besides that, I had to deal with the trivy security incident. It is always fun trying to figure out if we already had the infected version deployed.

The good thing was that trivy noticed the incident before we installed the new version. But I guess, if we are using trivy in the future, we will need to enforce a stronger sandbox-like setup.

Content:

Story of the week

Radim Marek shared a new Postgres extension called pg_regresql. This new extension allows you to find regressions in your query plans. So it should be a little bit easier to find performance issues with only a subset of the data.

Postgres and the world of data

A git-like CLI backed by Postgres

Oliver Seifert wrote about the development of pgit. pgit is a git-like cli that stores the data in a Postgres database and makes the whole history queryable.

pgit: What If Your Git History Was a SQL Database?

Postgres Meetup/Conference reports

Hettie Dombrovskaya and Jimmy Angelakos wrote about their recent Postgres Meetup and conference experience.

MariaDB got a new AppArmor profile

Otto Kekäläinen wrote about the development process of the new AppArmor profile for MariaDB. They used an extensive test suite with more than 7,000 tests.

Automated security validation: How 7,000+ tests shaped MariaDB's new AppArmor profile

Creating a SQL-Editor

The trigger.dev team shared an article on how they built an editor to query a multi-tenant ClickHouse cluster.

How we give every user SQL access to a shared ClickHouse cluster

Postgres Release Monitor

Security and Privacy

Trivy

Trivy, a widely known open-source vulnerability scanner, had a major security incident this week. The project got compromised by a malicious actor, and the actor deployed a credential stealer. It is never a good sign for a security vendor to get compromised. Honestly, we are using trivy as well for container scanning and SBOM creation, but I guess it is now time to evaluate trivy.

Stryker got wiped

Stryker, a medical tech giant, suffered a severe attack that wiped systems. They are now in the process of restoring the systems. Obviously, a pro-Iranian hacking group remotely wiped thousands of employee devices. According to the news, the hackers did steal 50 terabytes of data. It seems like the hackers got access to the Microsoft Intune portal of the company, but to me it is surprising that they could wipe the entire system and Intune didn't prevent this. At least there is now proof that Intune scales ;-)

DarkSword

Coruna is so two weeks ago. This week the Google Threat Intelligence Group revealed a new iOS exploit chain. The chain is called DarkSword.

It utilizes six different vulnerabilities and uses JavaScript as an initial payload.

The Proliferation of DarkSword: iOS Exploit Chain Adopted by Multiple Threat Actors

Data breach ticker

AI

Mistral

Mistral made a couple of announcements this week. First they announced Leanstral, an open-source code agent. A new multi-modal reasoning model called Mistral Small 4 was also made available. And last but not least Mistral introduced Mistral Forge.

OpenAI and Astral

This week it was announced that Astral joins OpenAI. Astral is probably best known for uv. It is probably a move to strengthen the position in the Codex programming agent market.

Alibaba AI chips

Alibaba announced that they have made 470,000 AI chips. The chips are still inferior, but Alibaba wants to optimize the whole cloud stack around those chips and hopes they can lower inferencing costs.

Alibaba has made 470,000 AI chips, admits they’re inferior and may always be

Around the world

S3 celebrated its 20th birthday

AWS S3 turned 20. The numbers are pretty insane.

Today, the post states, S3 “stores more than 500 trillion objects and serves more than 200 million requests per second globally across hundreds of exabytes of data in 123 Availability Zones in 39 AWS Regions.”

AWS S3 turns 20 and reaches ‘hundreds of exabytes’

Free VPN

Mozilla announced that Firefox 149 will include a free built-in VPN. I guess there should be fewer tradeoffs compared to other free VPN providers. Mozilla already provides a paid VPN service which is based on the excellent Mullvad VPN.

Mozilla to launch free built-in VPN in upcoming Firefox 149

Transfer data between walled gardens

Bharat Kunwar wrote a nice article about how to transfer data between Apple and Garmin.

Getting my Apple Watch workout history into Garmin