What's the difference between Renovate's depName
and packageName
? (3 mins read).

What the differences are, and where you may want to use one or the other.
What's the difference between Renovate's depName
and packageName
? (3 mins read).
What the differences are, and where you may want to use one or the other.
i had some really stressful interactions on github yesterday and today. lets just remember many of us are doing this OSS work for free and to do good, kindness is appreciated
Was very honoured to be featured as part of #MaintainerMonth for the Open Source Initiative's view into Open Source maintainers and their experiences, and being able to share my own experiences on opensource.org :purple_heart:
My experience as a maintainer (8 mins read).
A guest post for opensource.org, about my experience as a maintainer, as part of 2025's Maintainer Month.
Lessons from 100+ DevTool founders - DevTools successes, failures and stories in a free weekly email and podcast.
Creating nested fenced code blocks with Hugo (1 mins read).
How to write a Markdown file with a fenced code block, which includes another code block inside it.
Taking more control over your Cobra CLI documentation (2 mins read).
Releasing a library to manage the generation of Cobra CLI documentation using text/template
s.
Setting up SSH key signing with Git (1 mins read).
How to sign your Git commits, using SSH keys.
I recently had a chat with Kairo about a project he maintains called Repository Service for TUF (RSTUF). We explain why TUF is tough (har har har), what RSTUF can do, and some of the challenges around securing repositories. The show notes and blog post for this episode can be found at
Lessons from 100+ DevTool founders - DevTools successes, failures and stories in a free weekly email and podcast.
Week Notes 25#20 (3 mins read).
What happened in the week of 2025-05-12?
After 25 years in tech it’s hard not to coast. Adriana has come from writing word docs for the ops team to deploy software, through Devops, and now has a focus on OTel and Kubernetes. How do we get more people from 100 to 400 levels and why is there no content in between? And why we need junior...
Improving the experience of browsing Renovate debug logs (4 mins read).
Creating a Terminal User Interface (TUI) application to improve the debugging experience with Renovate's debug logs.
Marianne, author of Kill It with Fire, and Greg join host Richard to dive into their new paper, “10 Quick Tips for Making Your Software Outlive Your Job.”
Go Meetup in San Francisco - Sponsored by Elastic & Cup o' GoIan Lance Taylor leaves the Go teamBlog: wget to Wipeout: Malicious Go Modules Fetch Destructive PayloadBlog: Security: The Habits That Matter Most by Christoph Berger⚡ Interview with Kevin Hoffman of SparkLogsSparkLogs.comSparkLogs on...
Derek Collison — creator of NATS and Co-founder & CEO of Synadia — joins the show to dive into the origins, design, and evolution of NATS, a high-performance, open-source messaging system built for modern cloud-native systems and part of the CNCF. Derek shares the story behind NATS, what makes it unique, and unpacks th...
😮💨
dipshits in 2019: you people are NPCs, you don't even think for yourselves dipshits in 2025: I have outsourced my thinking to Clippy
Sami talks with Tom Akehurst, Co-Founder of WireMock, about the delay and disconnect between front and back end development and how WireMock set out to bridge the two together.
William Woodruff discussed his project, Zizmor, a security linter designed to help developers identify and fix vulnerabilities within their GitHub Actions workflows. This tool addresses inherent security risks in GitHub Actions, such as injection vulnerabilities, permission issues, and mutable tags, by providing static analysis and remediation guidance. Fresh off the heels of the tj-actions/changed-files backdoor, this is a great topic with some things everyone can do right away. The show notes and blog post for this episode can be found at
Looking back at oapi-codegen
's last year (6 mins read).
A recap of oapi-codegen
's last year, in light of it being Maintainer Month, and continuing to ask for sponsorship.
What's in the SOSS? features the sharpest minds in security as they dig into the challenges and opportunities that create a recipe for success in making software more secure. Get a taste of all the ingredients that make up secure open source ...
Thanks for listening. Check out all the links to all the things at https://cupogo.dev/.GCC 15.1 Released With Support For COBOLos: Root permits access to parent directoryGOOS=noneThe "most ergonomic" config libraryGo Meetup in San Francisco - Sponsored by Elastic & Cup o' GoLinkedIn...
Kaizen 19 has arrived! Gerhard has been laser-focused on making Jerod's pipe dream a reality by putting all of his efforts into Pipely. Has it been a big waste of time or has this epic side quest morphed into a main quest?!
Automating things, even when it doesn't save time, is how you learn the skills to automate the things that will.
Overriding a Gradle project property which has .
and _
characters, without modifying the buildscript (4 mins read).
How to use GRADLE_OPTS
to safely override a Gradle property (with special characters in its name) without modifying the buildscript.
How to set up the 'Follow' button on LinkedIn (1 mins read).
How to allow others to follow you on LinkedIn.
Migrating secrets between two Vault instances (1 mins read).
How to copy secrets from one Vault instance to another, reducing the risk of the secrets being stored on disk for too long.
Week Notes 25#19 (2 mins read).
What happened in the week of 2025-05-05?
Kicking off our 2025 Maintainer Month series, Dirkjan joins Richard to talk Rust maintenance, open source funding, and sustaining projects without burning out.
This week on The Business of Open Source, I spoke with Julian Coccia, CTO of ScanOSS, about selling access to data while making open source software. Of course, we also talked about being an open source company that is also deep in the open source world, helping companies understand their...
Using type assertions in Go with concrete types (2 mins read).
How to perform a type assertion on a type in Go that isn't an interface
.
Nathan Sobo is back talking about the next big thing for Zed—agentic editing! You now have a full-blown AI-native editor to play with. Collaborate with agents at 120fps in a natively multiplayer IDE.
Lessons from 100+ DevTool founders - DevTools successes, failures and stories in a free weekly email and podcast.
Lessons from 100+ DevTool founders - DevTools successes, failures and stories in a free weekly email and podcast.
Lessons from 100+ DevTool founders - DevTools successes, failures and stories in a free weekly email and podcast.
Lessons from 100+ DevTool founders - DevTools successes, failures and stories in a free weekly email and podcast.
Getting Renovate to provide a changelog for digest updates to packages (on GitHub.com) (2 mins read).
How to use the new templated changelogUrl
functionality to provide more actionable changelogs for digest updates to i.e. GitHub Actions and other digest-pinned dependencies (in this example, on GitHub.com).
Lessons from 100+ DevTool founders - DevTools successes, failures and stories in a free weekly email and podcast.
Lessons from 100+ DevTool founders - DevTools successes, failures and stories in a free weekly email and podcast.
Varun Mohan, CEO of Windsurf, shares how building an AI-native IDE is reshaping software development—from optimizing LLM latency to enabling non-engineers to ship code.
Matthew Sanabria joins Bryan and Adam to talk about his role at Oxide--Solutions Software Engineer--and how it fits in with engineering, sales, support and marketing. It takes everyone in Busytown! Sound good? Apply!In addition to Bryan Cantrill and Adam Leventhal, we were joined by Oxide...