Dependencies! We need them, but how do we use them effectively and safely? In this week’s episode Kris is joined by Ian and Johnny to discuss the polyfill.io supply chain attack, the history of dependency management and usage in Go, and the Go Proverb that “a little copying is better than a little dependency”. Of cours...
Predrag Gruevski and Chris Krycho joined the show to talk about SemVer. We explore the challenges and the advantages of semantic versioning (aka SemVer), the need for improving the tooling around SemVer, where semantic versioning really shines and where it’s needed, Types and SemVer, whether or not there’s a better way...
Maintainer Week is finally here and we’re excited to make this an annual thing! If Maintainer Week is new to you, check out episode #442 with Josh Simmons and Kara Sowles. Today we’re talking Brett Cannon. Brett is Dev Manager of the Python Extension for VS Code, Python Steering Council Member, and core team member for...
This week is all about Maintainer Week — it’s a week long event starting June 7th for open source maintainers to gather, share, and be celebrated. We’re joined by Josh Simmons (Ecosystem Strategy Lead at Tidelift & President of Open Source Initiative) and Kara Sowles (Senior Open Source Program Manager at GitHub). ...
Daniel Stenberg shares his guiding principles for BDFL’ing curl, gives us his perspective on the state of the internet, talks financial independence, ensuring curl won’t be the next XZ & more!
Our award winning worthy survey game show is back, this time Mat Ryer hosts it live on stage at GopherCon EU Berlin 2024! Join in & play along as we see which team can better guess what these GopherCon gophers had to say!
Render founder/CEO Anurag Goel joins us for a look behind their platform. An application native hosting option that hides the lower levels still requires a LOT of infrastructure.
Adam & Jerod hallway-track-it between Microsoft Build interviews. Was 1999 the best year in film history? Was 2004 the worst? Have you heard the full story behind Blues Traveler’s “Hook”? Are you still reading this? Go listen! (This episode is for Changelog++ ears only.)
Thanks, Erik Dubbelboer, John Basila, Suchith, and Hiji, for co-hosting the episode!Which GUI library to choose?Caesar, a new Go Web Framework"How to prove I am good at Go apart from having work experience?""Where should I learn Go?"Learn Go with Tests
Jacob DePriest, VP and Deputy Chief Security Officer at GitHub, joins the show this week to talk about securing GitHub. From Artifact Attestations, profile hardening, preventing XZ-like attacks, GitHub Advanced Security, code scanning, improving Dependabot, and more.
This week on The Business of Open Source, I spoke with Karthik Ranganathan, founder and co-CEO of Yugabyte. This is the second time Karthik has been on the podcast, but since three years had passed I thought it’d be a good idea to catch up and see what’s changed at Yugabyte and how his...
In this episode of the Mechanical Ink podcast, host Schalk Neethling sits down with Ethan Marcotte, a prominent figure in web design known for coining the term "responsive web design." Ethan's journey in the design world spans over two decades, during which he has significantly influenced how websites are created and experienced across various devices.
This week we’re catching up on the news! Kris is joined by Ian to discuss some of the recent news from around the Go community. Listen in to hear whether the co-hosts believe there’s software that shouldn’t be written in Go, their thoughts on if Go is evolving in the right direction & whether common nouns make good...
<p>Woody Harrelson feels supercalifragilistic about being Conan O’Brien’s friend; Ted Danson feels scared.</p><p> </p><p>Woody and Ted sit down with Conan to discuss their new podcast Where Everybody Knows Your Name with Ted Danson and Woody Harrelson (Sometimes), meeting, and pranking each other, on the set of Cheers, houseboat aspirations, and more. Later, Conan consults with his de facto assistant David Hopping about his presence on TikTok.</p><p> </p><p>For Conan videos, tour dates and more visit <a href="http://TeamCoco.com">TeamCoco.com</a>.</p><p>Got a question for Conan? Call our voicemail: (669) 587-2847.</p>
Bryan and Adam were joined by The Changelog’s Adam Stacoviak for a … wide ranging conversation! Something for everyone—especially fans of HBO’s Silicon Valley!In addition to Bryan Cantrill and Adam Leventhal, we were joined by special guest Adam Stacoviak.Some of the topics we hit on, in the...
This week on The Business of Open Source, I spoke with André Eriksson, founder and CEO at Encore. We talked about how open source develops trust, something I also discussed in the episode I recorded with Reshma Khilnani. For Encore, it’s subtly different, though. In the case of Medplum, open...
This episode features Madelyn Olson, maintainer for the open-source project Valkey, to discuss the growth and impact of open-source projects in the tech industry. Corey and Madelyn explore the transformations within these projects, particularly the challenges and shifts in governance and...
Visit our homepage - cupogo.dev - for links to our Patreon, Swag Store, and more.Next week, on June 19th, we're doing a physical meetup! Join #amsterdam on the Gopher Slack to join up.🇩🇪 GopherCon Europe next week, June 17-20Can’t afford to attend online? Fill in this form:...
Angelica is joined by Cameron Balahan, Sameer Ajmani &amp; Russ Cox from the Go Team at Google to talk about how things get done on the Go Team, how do they decide what to improve and then how do they go about improving it. We also discuss how they decide what to work when &amp; what the future of Go might look like.
Kelsey Hightower is back to share more of his wisdom. This time it’s one year after his retirement from Google. But guess what? He might be “retired,” but he’s not tired. In this episode Kelsey shares what drives him, what he fears, and how he thinks through his life choices and parenting. This is a good one.
What happens when you take three #define newbs (Thomas Eckert, Nick Nisi, Mat Ryer) &amp; pit them against the grizzled vet, Adam? Find out on this episode because our award-worthy game of fake definitions is back &amp; this time it’s even more legendary!
Discussion on why SQLite is gaining popularity, its advantages like efficiency, speed and stability, misconceptions about capabilities, and how SQLite Cloud enhances it by making it shareable and adding enterprise features.
Go 1.22.4 & 1.21.11 releasedProposalsNew: safer file open functionsgithub.com/google/safeopen alternativeopenat man pageNew: allow range-over-func to omit iteration variablesBlog: Flaky Tests Overhaul at UberBlog: Redpanda acquires Benthos to expand its end-to-end streaming data platformInterview...
The podcast episode of simplyblock's Cloud Commute features Chris Engelbert interviewing Anders Eknert. They discuss Anders' background and current role at Styra, the company behind the Open Policy Agent (OPA) project. Anders lives and works in Stockholm, Sweden, and has been involved with Styra for about three and a half years. He shares how his previous work led him to OPA due to a need for managing complex authorization requirements across diverse environments.Styra, founded by the creators of OPA, focuses entirely on the OPA ecosystem. They offer two main products: Styra DAS (Declarative Authorization Service) and an enterprise version of OPA. Styra DAS helps manage OPA at scale, providing a control plane for policy management, lifecycle, and auditing. The enterprise OPA offers enhanced performance, lower memory usage, and direct integrations with data sources.OPA itself is a policy engine that enables policies as code, allowing for decoupled and centralized policy management. Common use cases include authorization and infrastructure policies, where OPA acts as a layer between services to make policy decisions. The discussion highlights the importance of treating policy like any other code, allowing for testing, reviewing, and versioning.Chris and Anders also discuss the functionality of OPA from a developer's perspective, explaining how it integrates with services to enforce policies. They touch on the broader benefits of a unified policy management system and how OPA and Styra DAS facilitate this at scale, ensuring consistency and control across complex environments.If you have questions for Anders, you can find him here:Blog: https://www.eknert.com/LinkedIn: https://www.linkedin.com/in/anderseknertX/Twitter: https://twitter.com/anderseknertMastodon: https://hachyderm.io/GitHub: https://github.com/anderseknert/Styra and the Open Policy Agent can be found here:Styra Website: https://www.styra.com/Styra LinkedIn https://www.linkedin.com/company/styra/Styra X/Twitter: https://twitter.com/styraincOPA Website: https://www.openpolicyagent.org/OPA X/Twitter: https://twitter.com/openpolicyagentOPA GitHub: https://github.com/open-policy-agent/opaThe Cloud Commute Podcast is presented by simplyblock (https://www.simplyblock.io)
Danielle Lancashire is here to tell us how Fermyon cloud is built on top of nomad and EC2 and how they put it in a box with Kubernetes and WebAssembly.
This week on The Business of Open Source I spoke with Saurav Pathak, chief product officier at Bagisto, about a very different kind of business relationship with open source — and open source software incubated in a larger company. There were tons of interesting nuggets in this episode, but some...
Many of the largest companies rely on third-party code to run critical parts of their software. However, there's often little focus on ensuring the quality of these external dependencies. Today we speak with Feross Aboukhadijeh, CEO and founder of , a developer-first security platform. Socket helps developers and security teams release software faster and reduce time spent on security busywork. Feross is also a lecturer at Stanford, where he teaches CS233 Web Security. We discuss why the quality of third-party dependencies matters, when to start addressing this issue, how to handle unmaintained dependencies, and what tools are available for managing third-party dependencies. After listening to the episode, be sure to visit the connect with Feross on , and check out his . Mentioned in this episode: Socket at Feross on X at Feross website at:
This week on The Business of Open Source I spoke with Tanmai Gopal, co-founder of Hasura. We talked about how Hasura grew out of Tanmai’s previous company, which was a consulting company. I like to call out examples of really novel open source businesses, but in fact the thing that stuck with me...
This week on Screaming in the Cloud, Corey Quinn is joined by Kat Cosgrove, Lead Open Source Advocate for Dell Technologies. Kat catches Corey up to speed on the newest version of Kubernetes that Kat was the release lead for. The two discuss its unconventional name: Uwubernetes, what goes into...
Go 1.22.4 & 1.21.11 coming Tuesday, June 4Community eventsGolang Atlanta meetup, June 13Cup o' Go Meetup in Amsterdam, June 19Golang Tilburg meetup, June 20Proposal accepted and implemented: new iterator functions in maps package coming in 1.23Reddit: What software shouldn't you write in Go?Blog:...
Josh Koenig and David Strauss are co-founders at Pantheon, a platform for building and operating websites. Josh is the chief strategy officer, and David is the CTO. Open source software is a big part of the web, and Pantheon is a downstream user as well as a contributor to several open source projects. David is an early contributor to systemd, a component of Linux distributions, a member of the Drupal security team, and was a founding member of the first Fedora Server working group in 2011.
Josh and David share their views as downstream consumers of open source software as well as members of the community, touching on why enterprises don't contribute more to open source, the approach to open source policy and licensing changes by two different major vendors in Red Hat and HashiCorp, efforts to shore up the security of the web by moving to memory-safe languages, and more. Come for the industry insights, and stay for the many colorful analogies in this discussion, from tugboats to tofurkey.
Editor's Note: This episode was recorded before IBM agreed to acquire HashiCorp.
Tech lawyer Luis Villa returns to answer our most pressing questions: what’s up with all these new content deals? How did Google think it was a good idea to ship AI Summaries in its current state? Is it too late to opt out of AI? We also discuss AI in Hollywood (spoilers!), positive things we’re seeing (or hoping for) ...
Angelica is joined by Samantha Coyle to talk about her newly published textbook: Go Programming - From Beginner to Professional. This book serves as a go-to guide to master Go for real-world software dev success covering fundamentals to advanced topics.
This week on The Business of Open Source I spoke with Reshma Khilnani, CEO and founder of Medplum. Medplum is an open source electronic health record development platform, and one of the things I loved about this conversation is that Reshma is so focused on the healthcare industry — a level of...
We kick off our Microsoft Build 2024 “coverage” in this free-wheelin’ conversation with our friend, Shaundai Person! We’re talking Netflix infra, we’re talking sales, we’re talking real-world AI usage, we’re talking career choices…. What’s a good next step? Listen in!
In today's episode, Kelsey Hightower discusses the evolution of Kubernetes, the importance of open source, and the future of technology, including AI. Join the conversation as Kelsey shares insights on the tech industry, open source sustainability, and the impact of AI on our daily lives. Check...
ProposalsAccepted: require Linux 3.17 kernel for Go 1.24Previous discussion: Episode 61Accepted: add encoding.AppendText and encoding.AppendBinaryPrevious discussion: Episode 62Accepted: add HostLayout directive type🪟 Accepted: Normalize line endings in example output comparisonsConference...
Justin Warren is founder and principal analyst at PivotNine, a technology consulting and analyst firm based in Melbourne, Australia. Until 2023, he was a board member at Electronic Frontiers Australia, a non-profit national organization representing Internet users. At KubeCon North America last year, he asked a press conference panel of enterprise IT leaders what they were doing to compensate open source maintainers "so they don't starve to death."A self-described "filthy socialist," Warren favors a tax or tax-like system for funding open source libraries that are widely used but not full-fledged products -- especially when the alternative is an offer from a malicious actor maintainers can't refuse. Together, Warren and Beth explore various approaches to shoring up the maintenance, security and sustainability of open source software and discuss the future outlook for the industry in this episode.
Bryan Cantrill, Co-founder and CTO of Oxide Computer Company, joins Adam to share his journey from Sun to Oxide – from Sun and Fishworks, to DTrace, to ZFS, to Joyent and Node.js, and now working to build on-prem cloud servers as they should be at Oxide.
This week, we're sharing an extra special episode.
It's no secret that the decision to buy or build isn't exactly a straightforward one. And the decision you make can be influenced by a ton of factors.
But the fact is that in some instances, buying can make more sense than building, and in others, building can make more sense than buying.
In this episode, you'll hear from John Paris, Principal Engineer at Skyscanner, to get the story behind their build versus buy journey.
Joining him as the host for this episode is none other than the CPO of incident IO, Chris Evans.
In their conversation, Chris and John discuss Skyscanner's setup before adopting incident.io, what life has been like after adopting the platform, and a whole lot more.
and talk about open source and autonomy. This is even related to some recent return to office news. The conversation weaves between a few threads, but fundamentally there's some questions about why do people do what they do, especially in the world of open source. This also is a problem we see in security, security people love to tell developers what to do. Developers don't like being told what to do. Show Notes
Jamie Tanna
.
