Operations | Monitoring | ITSM | DevOps | Cloud

Mini Shai-Hulud Explained: How the TanStack and RubyGems Supply Chain Attacks Worked | Harness Blog

Shai-Hulud is back - this time being lighter, faster and more automated than before. This new wave, termed as Mini Shai-Hulud, has affected a number of packages from tanstack, uipath, opensearch-project and mistralai among others over the past few weeks, with the latest series of major compromises coming on 19th May, 2026 on major organizations openclaw-cn and antv. Check an extensive list of affected packages here.

What a Context Graph Actually Is, and How to Build One | Harness Blog

Engineers have been shipping pieces of "the graph" for years. Service maps. Dependency graphs. Knowledge graphs. RDF triples. The newest entrant is the context graph, and the reason it shows up now is specific: software is increasingly executed by agents, and agents need a model of how work actually happens, not just an index of what exists.

Core Java vs Enterprise Java: Jakarta EE, Spring Boot & Modern Trade-offs [2026 Guide] | Harness Blog

‍ When you're architecting an enterprise Java application, one decision quietly shapes everything downstream: runtime footprint, deployment pipelines, and how your platform team handles incidents at 3 a.m. For two decades, that decision was framed as Java SE vs Java EE. In 2026, that framing has quietly inverted.

Automated Release Management: From CABs to Continuous Delivery | Harness Blog

The thing with Change Advisory Boards is that the intent was always good. Get smart people in a room, look at the evidence, and make sure nothing catastrophic goes out the door. In theory, that's hard to argue with. It doesn't scale in practice. Things happen between meetings. Teams rush to hit the window. The CAB meeting may not catch every risky deployment, but at least everyone can feel good about the process before the incident happens. Automated release management asks a different question entirely.

The AI Productivity Paradox: We're Measuring the Gains and Missing the Costs | Harness Blog

For the past year, I've been hearing a version of the same thing from engineering leaders: AI tools are working, productivity is up, the business case is there. And yet, something about the picture still feels incomplete. So we decided to go find out how widespread that feeling actually is. We surveyed 700 engineers and managers across five countries, and published the results in the State of Engineering Excellence 2026.

Disaster Recovery Testing: A Practical Step-by-Step Guide for 2026 | Harness Blog

Effective disaster recovery testing follows a clear three-phase lifecycle: plan, execute, and review. Most DR programs fail not because of missing tools, but because of untested runbooks and unclear ownership. Platforms like Harness Resilience Testing bring chaos, load, and DR testing into one pipeline so teams can catch risks before they become incidents. Most organizations don't fail at disaster recovery because they lack technology.

Q1 2026 Product Update: Harness Pipeline | Harness Blog

The first quarter of 2026 introduces eight major pipeline orchestration enhancements that accelerate development, simplify validation, and strengthen governance. Execute pipelines from Git tags for immutable versioning, leverage AI to author OPA policies without Rego expertise, and gain complete visibility into queued pipelines across your account.

Q1 2026 Product Update: Harness Continuous Delivery & GitOps | Harness Blog

The first quarter of 2026 introduces AI-powered continuous verification that eliminates configuration overhead, expanded deployment platform support including Azure Container Apps and enhanced Windows capabilities, and GitOps workflow improvements that align with how teams actually ship software.

Introducing Harness Release Orchestration: Enterprise Release Management, Reimagined | Harness Blog

Enterprise releases spanning multiple services, teams, and environments demand more than spreadsheets and manual coordination. Harness Release Orchestration provides a unified framework for modeling, automating, and tracking complex releases with complete visibility from planning through production deployment.