Continuous integration
CI at scale is less about the pipeline itself and more about what surrounds it: flaky-test management, merge-queue correctness, selector stability, and supply-chain integrity in the dependencies that pipelines install.
8 sources · May 5, 2026
Compiled by Claude
The mechanics of running builds and tests on every commit are well understood. What the sources here illuminate is the operational surface that grows once a CI system is under real load.
At scale, the dominant cost is noise. Mendral’s analysis of PostHog’s monorepo processed 1.18 billion log lines and 33 million weekly test executions, and the finding was that log ingestion speed and smart failure routing mattered more than the AI diagnosis layer on top. TestDino approaches the same problem from a product angle, auto-categorizing failures as bugs, flaky tests, or UI changes and claiming 6-8 hours of weekly savings per engineer. Both converge on the same premise: unclassified test failures are the bottleneck, not the raw execution.
Flaky tests and brittle selectors are related failure modes. Currents.dev argues that Playwright suites break during UI refactors because tests couple to CSS classes and DOM structure rather than semantic roles and explicit test attributes. A tiered selector hierarchy and page-object patterns reduce churn when the UI changes underneath. This is essentially the same problem Mendral’s agent is diagnosing after the fact, surfaced earlier through test design.
Merge queues introduce a different category of correctness risk. Trunk’s post-mortem on a GitHub merge queue bug describes how GitHub’s implementation silently rewrote main by constructing temporary branches from stale divergence points rather than HEAD. Trunk’s own architecture avoided the failure by never pushing temp branches directly to main. The episode is a reminder that the queue layer itself can be a source of silent corruption, not just the tests it runs.
Finally, CI pipelines are an attack surface. The SAP npm supply chain compromise involved poisoned packages that harvested cloud secrets and browser passwords, with exfiltration routed through GitHub. Any CI environment that installs dependencies during a build is exposed to this class of attack. Credential isolation and dependency pinning are not optional hardening; they are baseline hygiene given how reliably pipelines run with elevated access to production secrets.
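
The dependency-pinning point above can be checked mechanically before a pipeline installs anything. The following is an added example, not code from any of the cited sources: it audits an npm manifest and lockfile for version ranges, drift between the two, missing integrity hashes, and packages resolved from outside an allowed registry. The function name `auditPinning`, the issue labels, the allowed-host list, and the sample packages are all assumptions made for illustration.

```javascript
// Added example: flag npm dependencies that a CI install could resolve to unreviewed code.
// Assumes the lockfile v2/v3 "packages" layout; all names below are illustrative.
const EXACT = /^\d+\.\d+\.\d+(-[0-9A-Za-z.-]+)?$/;

function auditPinning(manifest, lock, allowedHosts = ["registry.npmjs.org"]) {
  const findings = [];
  const add = (pkg, issue, detail) => findings.push({ pkg, issue, detail });
  const declared = { ...manifest.dependencies, ...manifest.devDependencies };
  const locked = lock.packages || {};
  for (const [name, spec] of Object.entries(declared)) {
    const entry = locked[`node_modules/${name}`];
    if (!EXACT.test(spec)) add(name, "unpinned-spec", spec);
    if (!entry) add(name, "not-in-lockfile", spec);
    else if (EXACT.test(spec) && entry.version !== spec) add(name, "lock-mismatch", entry.version);
  }
  for (const [path, entry] of Object.entries(locked)) {
    if (path === "" || entry.link || entry.inBundle) continue; // root, workspace link, bundled dep
    const pkg = path.slice(path.lastIndexOf("node_modules/") + 13);
    if (!/^sha512-/.test(entry.integrity || "")) add(pkg, "no-sha512-integrity", entry.integrity || null);
    let host = null;
    try { host = new URL(entry.resolved).host; } catch { /* missing or unparsable source */ }
    if (!allowedHosts.includes(host)) add(pkg, "untrusted-source", entry.resolved || null);
  }
  return findings;
}

// Constructed sample input: package names, versions and hashes are placeholders.
const sampleManifest = {
  dependencies: { "example-http": "^2.1.0", "example-log": "1.4.2" },
  devDependencies: { "example-build": "github:example-org/example-build" },
};
const sampleLock = {
  lockfileVersion: 3,
  packages: {
    "": { name: "ci-app", version: "1.0.0" },
    "node_modules/example-http": { version: "2.3.1", integrity: "sha512-PLACEHOLDER",
      resolved: "https://registry.npmjs.org/example-http/-/example-http-2.3.1.tgz" },
    "node_modules/example-log": { version: "1.4.3", integrity: "sha512-PLACEHOLDER",
      resolved: "https://registry.npmjs.org/example-log/-/example-log-1.4.3.tgz" },
    "node_modules/example-build": { version: "0.9.0",
      resolved: "git+ssh://git@github.com/example-org/example-build.git#0000000" },
  },
};

for (const f of auditPinning(sampleManifest, sampleLock)) {
  console.log(`${f.issue.padEnd(20)} ${f.pkg}  ${f.detail}`);
}
```

In a pipeline, a non-empty result would fail the job before `npm ci` runs, so nothing is installed from a range, a drifted lock entry, or an unlisted source.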