Kind notes

Super excited to be chatting to Tessa Kriesel in the return of the 99 Dev Problems podcast, in about half an hour 🚀

Well, something's wrong with my RSS feed for my salary page cause there should be an update showing 👀

Was very honoured to be featured as part of #MaintainerMonth for the Open Source Initiative's view into Open Source maintainers and their experiences, and being able to share my own experiences on opensource.org :purple_heart:

This last couple of weeks, there have been a couple of big-ish things in oapi-codegen land:

• a big release for the net/http middleware (and a couple of small patch releases) which namely boasts better - or IMO, actually usable! - error handling
• the basis of our (current) governance process for the project
• an example of how to use oapi-codegen with OpenAPI 3.1 specs (as a short-term, until we support OpenAPI 3.1)

🎂

No #WeekNotes tonight as I'm on holiday for my birthday - may catch up during the week, or next Sunday!

Off the back of the tj-actions/changed-files #SupplyChainSecurity attack, I've written up how you can use #DependencyManagementData to determine the impact across your org - already found it's been very useful 👀

Finally put the finishing touches to my rewrite of the renovate-graph docs which I started on Monday at #BatchBunch

Very much looking forward to tomorrow's OpenUK Digital Meetup, where we've got the awesome Kat Cosgrove and @derickr for a "fireside chat" all about what life is like being a core maintainer. Hope to see some of y'all there at 1200 UTC

Folks may be interested to see that I've now got an RSS feed for my salary page, which is also on the Fediverse via @www.jvt.me.salary in case y'all wanna know when there are any updates to it 👀

Very exited to see that my talk, "I inherited this project, and all I got was all these angry users" from #StateOfOpenCon is now live - thanks for the super speedy publishing, OpenUK!

I was honoured to kick off the Open Source Software & Security Track with a keynote about my experiences being an Open Source maintainer, and digging into the factors that make maintaining oapi-codegen difficult, and on top of that my own personal experiences which lead to difficulties in maintaining Open Source, especially when it's used actively by companies.

There were some great discussions about the maintainer burnout problem over the conference, and I had some great chats with folks in the "hallway track".

I'll be finishing my write-up of the conference in the next week (🤞🏼) but am very excited to see the talks are already up on YouTube, so I can catch up on talks I missed, too

Thanks to those of you who were able to find the Hardwick Hub at #StateOfOpenCon and came to my talk, "I inherited this project, and all I got was all these angry users" - slides can be found 👆🏼 or in PDF form on Sched #soocon25 - would be happy to hear some tired maintainer stories from y'all too!

A very apt song to start this week off (for my US friends) - 🎶 Don't Panik - CloZee Remix 🎶

FYI that #DependencyManagementData v0.114.0 is out with an important refactor, but is one to watch out for!

If you're using the Renovate datasource, the package_names may be different to what they were previously. This now makes them actual package names, rather than the "pretty" depName but it's likely to catch folks out 👀

It always amazes me what a positive mood booster having a productive day is

Something I've been working on on-and-off for a couple of months is some tweaks to my Manual of Me, prompted by getting a new manager, and wanting to rethink the "things you should know when working with me", as well as delving much more into how #ADHD can affect my work, and some more reflections - and I'm glad that I've finally put the finishing touches on those updates.

Also re-reading my blog post from when I first created it, it's wild to think that this was the first time I'd started using Classless.css, which is now a staple of my microsites!

On the topic of joining a #union and the collective bargaining port we as workers should work towards at #OggCamp2024, I'd also recommend discussing your salary with your colleagues!

It doesn't have to be as public as my /salary page, but it's hugely useful to do and helps work out inequity

Thanks for those who came to my talk at #OggCamp2024, "89 things I know about Git commits (abridged version)" based on blog post of the same name - glad I resisted doing a couple of slide changes in the ~90 seconds before I went up on stage 🫣

I'm talking about - would you believe it - dependency-management-data at #OggCamp2024 later this afternoon 🤓🛸

Come to learn about some very interesting things you can learn from your usage of Open Source and internal dependencies 👀

With the performance management season mostly over, I've done a refresh on my CV - this can be your reminder to give yours a refresh. You don't need to be looking to keep it up to date!

Who else do I know who's going to #OggCamp? 👀 Where do folks recommend for a fairly last minute hotel nearby?

Just put the finishing touches on the latest release of oapi-codegen: v2.4.0 includes:

• #OpenAPI Overlay functionality

• Improved multi-file OpenAPI spec support

• Several other features and bug fixes

https://github.com/oapi-codegen/oapi-codegen/releases/tag/v2.4.0

I'm super surprised that semantic-release doesn't support v0.x.y releases. Pretty disappointing, and reminds me I really need to write a "you should never release a v1 as your first release" blog post

OH at #GopherConUK "do we need Kubernetes?"

Now #BridgyFed has support for federating BlueSky, hopefuly y'all should be able to follow www.jvt.me.web.brid.gy to get my posts straight from the source 👀

Very excited that in a couple of hours I'm on my first episode of @gotime to chat about oapi-codegen, #OpenAPI, Open Source maintenance and Go!

Memories - A Little Sound, Gray is such a good high energy bop ⚡🎧

Strong dislike that #Linkedin's native Web view no longer allows you to copy the URL, or open it in other browsers, and generally making it very hostile to folks who want to ie share the link with someone else, or move it to a read-it-later app

Friends in the #PHP community, would you mind sharing examples of some packages that have been officially deprecated, as well as some that have been deprecated by the community ie due to lack of maintenance or security issues?

I really need to upgrade my version of Hugo - seeing un-syntax-highlighted code ain't great for readers! (via)

Literally last night I was reading [this post on r/Rick and Morty] (https://www.reddit.com/r/rickandmorty/comments/1dvcja9/comment/lbmkw2k/) (some spoilers) and:

Political candidates that survive assassination almost always win

Is 😬😬 re US Politics

Anyone know if there's a way of tweaking the new #FirefoxNightly Android layout?

Not a fan of the two row format they've now got

Really hate that the address bar only shows the domain, not the full URL, until you tap into it 😕

🗳️✅ Get the fuckers out of power

Anyone going to #GopherConUK? 👀

New release of #oapi-codegen is out 🚀

Big changes are:

• Support for Go 1.22+ net/http enhanced routing
• Significant documentation rewrite and adding a JSON schema for configuration file autocomplete/validation

And a whole host of other changes, check out the full release notes at https://github.com/deepmap/oapi-codegen/releases/tag/v2.2.0

🎶 Drinking skinny margaritas but that ass still fat 🎶

How has no one told me that Ratchet and Clank has a PC port after all these years?!?! BRB immediately downloading and playing it

Light Cycles - ShockOne is a supremely underrated song 🎶

Very excited to be a guest on tomorrow's @cupogo and to chat about oapi-codegen, #OpenAPI and Go!

What's that? New #salary increase dropped on my /salary page.

Aside: salary looks like such a weird word, no?

Very excited to announce that @lornajane and I are running a new @openuk Meetup that's digital-only, alongside the other great events being run by the #OpenUK organisation.

Our first event will be a tie-in with #GitHub's #MaintainerMonth and we'll be hearing from a number of excellent maintainers from a variety of projects - stay tuned for more details.

Looking forward to seeing some of y'all on May 22nd at 1200 noon (UK time) for an interesting webinar!

(This will be in addition to other OpenUK events still being hybrid where possible)

GitHub relaxing the requirement of the construction of the GitHub App's JWT (under private_key_jwt) is interesting, especially if now you don't need to know the installation ID to auth.

Presumably this also means that on GitHub's side they're still limiting access to repos that an installation has access to, but I'd have assumed that by doing it by installation ID you'd get additional checks

(I'd been lazy in the past and would rarely persist the installation ID, needing me to then go in and find it through the GitHub UI 😅)

Has anyone else started getting spam from a Substack they definitely didn't subscribe to? It's for with an email I wouldn't have signed up to, and it's a language I don't know (Spanish)

I've now unsubscribed and marked it as spam - I didn't seem to get a "are you sure you want to sign up", but I did get a "thanks for subscribing" post (in Spanish)

Friends and folks working with #SBOMs - how do you conceptually think about them in terms of ingesting them into tools?

I.e. I like to think of an SBOM having a source repository or component it relates to, but sometimes you don't know that up front, and all you have is the result of a scan, which could be the source repo, a container image, or a built binary.

Considering whether:

• I try to guess what repo/component it is based on the filename
• Just store the filename in the database and allow querying with that (and leave repo info optional)
• Retrieve metadata from the SBOM that known tools use to define this
• Some 4th option?

Trying to tweak how Dependency Management Data works with SBOMs and trying to find how other folks do it and consider them

Does anyone know if there's a good way of getting a historical storage of queries that users put into #Datasette? Trying to get some stats around common queries and usage, couldn't see a plugin for it, but not sure if my searching just missed it

Listening to Tulips - Minotaur Shock Remix is forever going to remind me of the last few chapters of Leviathan Falls. It happened to be what I was listening to at the time, and the lyrics seemed to fit so perfectly with the grand finale, and listening to it just now brought that all back, including all the feels around the events.

Deffo need to re-read #TheExpanse series, what a great series.

See also: previous thoughts on the way #music can remind you of things.

For the last ~7 weeks on-and-off rewriting the documentation for oapi-codegen which has needed a fresh version for a bit of time. On top of that, I've spent pretty much the last two days solidly finishing it off, and am very glad to have just merged it!

Documentation can be difficult to do - especially if you're redoing it all in one go - but am hoping it's in a much better place for new and existing users alike!

Also introduces a CONTRIBUTING.md for the first time, and I ended up adding 14 new examples to the examples directory because I couldn't quite remember how things worked 😅

Getting great Uppermost vibes from vibes - Syence 🎶

Apropos of Why I recommend Renovate over any other dependency update tools having 12+ hours on the front page of Hacker News, y'all may be interested in a post from last year, what happens when a post goes viral

Up to 970 blog posts on my website 👀