BT

Facilitating the Spread of Knowledge and Innovation in Professional Software Development

Write for InfoQ

Register Sign in

Unlock the full InfoQ experience

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources.

Log In

or

Don't have an InfoQ account?

Stay updated on topics and peers that matter to youReceive instant alerts on the latest insights and trends.
Quickly access free resources for continuous learningMinibooks, videos with transcripts, and training materials.
Save articles and read at anytimeBookmark articles to read whenever youre ready.

Logo - Back to homepage

News Articles Presentations Podcasts Guides

Topics

Development

Featured in Development

Expanding Swift from Apps to Services

Cory Benfield discusses the evolution of Swift from an app language to a critical tool for secure, high-scale services. He explains how Swift’s lack of a garbage collector eliminates tail latency and shares how its "zero-cost abstractions" rival C performance. He shares Apple’s roadmap for incremental adoption and demonstrates groundbreaking new interoperability for C++ and Java ecosystems.

All in development

Architecture & Design

Featured in Architecture & Design

Engineering Speed at Scale — Architectural Lessons from Sub-100-ms APIs

Sub‑100-ms APIs emerge from disciplined architecture using latency budgets, minimized hops, async fan‑out, layered caching, circuit breakers, and strong observability. But long‑term speed depends on culture, with teams owning p99, monitoring drift, managing thread pools, and treating performance as a shared, continuous responsibility.

All in architecture-design

AI Infrastructure

Featured in AI, ML & Data Engineering

Beyond the Warehouse: Why BigQuery Alone Won’t Solve Your Data Problems

Sarah Usher discusses the architectural "breaking point" where warehouses like BigQuery struggle with latency and cost. She explains the necessity of a conceptual data lifecycle (Raw, Curated, Use Case) to regain control over lineage and innovation. She shares practical strategies to design a single source of truth that empowers both ML teams and analytics without bottlenecking scale.

All in ai-ml-data-eng

Culture & Methods

Featured in Culture & Methods

Scaling to 100+ as a Director: Lessons From Growing Engineering Organizations

Thiago Ghisi discusses the strategic evolution required to lead 100+ engineers without breaking the organization. He explains his "Three Levels of Impact" framework and shares practical lessons on speeding up decision-making, cultivating leadership teams, and building organizational resilience. Learn why he views reorgs as a continuous deployment feature rather than a one-time traumatic event.

All in culture-methods

DevOps

Featured in DevOps

From Alert Fatigue to Agent-Assisted Intelligent Observability

As systems grow, observability becomes harder to maintain and incidents harder to diagnose. Agentic observability layers AI on existing tools, starting in read-only mode to detect anomalies and summarize issues. Over time, agents add context, correlate signals, and automate low-risk tasks. This approach frees engineers to focus on analysis and judgment.

All in devops

Events

Helpful links

Choose your language

InfoQ Architect Certification

Join Luca Mezzalira for this 5-week online cohort. Master socio-technical architecture leadership.

Register Interest.

QCon London 2026

Learn what works in AI, architecture, data, security & FinTech.

Early Bird ends Feb 10.

Learn how leading engineering teams run AI in production—reliably, securely, and at scale.

Early Bird ends Feb 10.

QCon San Francisco

Learn what's next in AI and software, from teams already doing it.

Register now.

InfoQ Homepage CodeQL Content on InfoQ

News

RSS Feed

Architecture & Design

LinkedIn Leverages GitHub Actions, CodeQL, and Semgrep for Code Scanning

LinkedIn has rebuilt its static application security testing (SAST) pipeline using GitHub Actions and custom workflows, enabling consistent, enforceable code scanning across thousands of repositories. The redesign improves security coverage, developer workflow, and observability while supporting the company’s shift-left strategy.

Leela Kumili
on Feb 06, 2026
DevOps

How GitHub Leverages CodeQL for Security

GitHub’s Product Security Engineering team secures the code behind GitHub by developing tools like CodeQL to detect and fix vulnerabilities at scale. They’ve shared insights into their approach so other organizations can learn how to use CodeQL to better protect their own codebases.

Craig Risi
on Mar 22, 2025
DevOps

GitHub CodeQL Code Scanning Now Supports Setting a Threat Model

GitHub has recently extended its CodeQL-based code scanner by adding the possibility to specify the desired threat model. The new feature is available in beta for the Java language.

Sergio De Simone
on Jan 15, 2024

BT