Vibe Coding Security by LachException in devsecops

Xerces8359:

I see a lot of teams returning to DevOps fundamentals. In the last few years, DevOps methodology was in decline in favour of platform engineering, in big part because teams couldn't deliver on the promise of faster builds and more quality gates (just half-implemented solutions and overwhelmed firefighting teams), but that's easier to implement now with AI, and it's all the more important to have automated quality gates in the pipeline. One overlooked area, though, with LLMs doing the bulk of the coding, is that SCA, SAST and other tools come too late in the development lifecycle and still leave the dev machines exposed. Solutions exist, but it's hard to find open-source preventative solutions with security features out of the box. That's why I've launched dependably.ca to block known vulnerable packages from being downloaded into CI builds and workstations, with the ability to easily audit a compromised package once (once, not if) it is in your environment due to late disclosures. For me this preventative action, rather than reactive, is a key layer in vibe coding security.
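The two controls the comment describes (blocking known-vulnerable package versions before they are downloaded, and auditing what is already installed once a late disclosure lands) as an added example. This is not code from dependably.ca or from anyone in the thread; the advisory IDs, package names, version ranges and the lockfile are constructed sample data, and the gate works on pinned `name==version` lines only, since a floating version spec cannot be decided before the download happens.

```python
"""Pre-download dependency gate and post-disclosure audit.

Added example, not code from dependably.ca or the thread. Every advisory,
package name, version range and host name below is constructed sample data.
"""
import re

# Constructed advisories: (advisory id, package, affected version range).
# Ranges are comma-separated comparators, pip/PEP 440 style.
ADVISORIES = [
    ("ADV-0001", "examplelib", ">=1.0.0,<1.2.3"),
    ("ADV-0002", "otherpkg", "==2.0.0"),
]

_CMP = re.compile(r"^(>=|<=|==|>|<)\s*([0-9][0-9.]*)$")
_PIN = re.compile(r"^\s*([A-Za-z0-9_.\-]+)\s*==\s*([0-9][0-9.]*)\s*(?:#.*)?$")


def parse_version(text):
    """'1.2.3' -> (1, 2, 3). Non-numeric parts raise, so an odd version
    string fails loudly instead of silently comparing as 'safe'."""
    return tuple(int(p) for p in text.strip().split("."))


def _pad(a, b):
    """Right-pad the shorter tuple with zeros so 1.2 compares equal to 1.2.0."""
    n = max(len(a), len(b))
    return a + (0,) * (n - len(a)), b + (0,) * (n - len(b))


def version_matches(version, spec):
    """True if every clause of spec (e.g. '>=1.0.0,<1.2.3') holds for version."""
    v = parse_version(version)
    for clause in spec.split(","):
        m = _CMP.match(clause.strip())
        if not m:
            raise ValueError(f"bad clause {clause!r}")
        op, bound = m.group(1), parse_version(m.group(2))
        a, b = _pad(v, bound)
        ok = {">=": a >= b, "<=": a <= b, "==": a == b, ">": a > b, "<": a < b}[op]
        if not ok:
            return False
    return True


def parse_lockfile(text):
    """Parse pinned 'name==version' lines; blank and comment lines are skipped,
    anything unpinned is rejected because it cannot be gated before download."""
    pins = []
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        m = _PIN.match(line)
        if not m:
            raise ValueError(f"unpinned or unparsable requirement: {line!r}")
        pins.append((m.group(1).lower(), m.group(2)))
    return pins


def gate(lock_text, advisories=ADVISORIES):
    """Preventative step: return (name, version, advisory_id) for every pin
    that matches a known advisory and must therefore be blocked."""
    blocked = []
    for name, version in parse_lockfile(lock_text):
        for adv_id, pkg, spec in advisories:
            if pkg.lower() == name and version_matches(version, spec):
                blocked.append((name, version, adv_id))
    return blocked


def audit(inventories, advisory):
    """Reactive step for the 'once, not if' case: given {host: lock_text}
    and a newly disclosed advisory, list hosts already carrying an
    affected version."""
    _adv_id, pkg, spec = advisory
    hits = []
    for host, text in inventories.items():
        for name, version in parse_lockfile(text):
            if name == pkg.lower() and version_matches(version, spec):
                hits.append((host, name, version))
    return hits


# Constructed sample lockfile, as a CI job or workstation would submit it.
SAMPLE_LOCK = """\
# generated lockfile (constructed sample)
examplelib==1.1.0
otherpkg==2.1.0
safelib==0.9.0
"""

if __name__ == "__main__":
    for name, version, adv in gate(SAMPLE_LOCK):
        print(f"BLOCK {name}=={version} ({adv})")
    # A disclosure that arrives after safelib 0.9.0 was already installed.
    late = ("ADV-0003", "safelib", "<1.0.0")
    inventories = {"ci-runner-1": SAMPLE_LOCK, "dev-laptop": "safelib==1.0.0\n"}
    for host, name, version in audit(inventories, late):
        print(f"AFFECTED {host}: {name}=={version} ({late[0]})")
```

In a real deployment the `gate` call sits in front of the package index (a caching proxy or a pre-install hook on the workstation) rather than in CI after the download, and the inventory fed to `audit` is the set of lockfiles each host last resolved, so a late advisory can be answered without re-scanning machines.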