Adam and Jerod are joined by Ken Kantzer, co-founder of PKC Security. Ken and his team performed upwards of 20 code audits on well-funded startups. Now that it’s 7 or 8 years later, he wrote up 16 surprising observations and things he learned looking back at the experience. We gotta discuss ’em all!
The year is 2053. The tabs-vs-spaces wars are long over. Ron Evans is the only Go programmer still alive on Earth. All he does is maintain old Go code. It’s terrible! He must find a way to warn his fellow gophers before it’s too late. Good thing he finally got that PDQ transmission system working…
Rob Barnes (a.k.a. Devops Rob) and Rosemary Wang (author of Infrastructure as Code - Patterns & Practices) are joining us today to talk about infrastructure secrets.
What do Rosemary and Rob think about committing encrypted secrets into a repository? How do they suggest that we improve on storing secrets in LastPass? And if we were to choose HashiCorp Vault, what do we need to know?
Thank you Thomas Eckert for the intro. Thank you Nabeel Sulieman (ep. 46) & Kelsey Hightower (ep. 44) for your gentle nudges towards improving our infra secrets management.
While scaling up machine learning at Instacart, Montana Low and Lev Kokotov discovered just how much you can do with the Postgres database. They are building on that work with PostgresML, an extension to the database that lets you train and deploy models to make online predictions using only SQL. This is super practical discussion that you don’t want to miss!
This week Lee Robinson joins us to talk about his journey as a DevRel. We talk about what it means to be a DevRel, what orgs they fall under, how he runs his team at Vercel, Lee’s three pillars of DevRel: education, community, and product, we compare the old days of DevRel vs now, and of course what makes a DevRel a good DevRel.
Today we are talking with Frederic Branczyk, founder of Polar Signals & Prometheus maintainer. You may remember Frederic from episode 33 when we introduced Parca.dev.
This time, we talk about a database built for observability: FrostDB, formerly known as ArcticDB. eBPF generates a lot of high cardinality data, which requires a new approach to writing, persisting & then reading back this state.
TL;DR FrostDB is sub zero cool & well worthy of its name.
Josh Goldberg joins Nick, Chris & a very nasally-sounding KBall for a fun conversation around TypeScript ESLint. They discuss why we need ESLint when we have TypeScript, some useful rules in typescript-eslint, how it works, and a few hot takes along the way!
This week we’re featuring an episode of Grafana’s Big Tent! LEGO Group principal engineer Nayana Shetty swaps observability survival stories (to drill or not to drill?) with hosts Mat Ryer and Matt Toback. The trio also reveals new and different observability strategies that have been successful and effective in their organizations.
Plus: Nayana shares how she built her successful observability career brick by brick.
Could we create a digital human that processes data in a variety of modalities and detects emotions? Well, that’s exactly what NTT DATA Services is trying to do, and, in this episode, Theresa Kushner joins us to talk about their motivations, use cases, current systems, progress, and related ethical issues.
This week Jesse Grosjean joins us to talk about his career as a solo indie Mac dev. Since 2004 Jesse has been building Mac apps under the company name Hog Bay Software producing hits such as WriteRoom, Taskpaper, and now Bike. We talk through the evolution of his apps, how he considers new features and improvements, why he chose and continues to choose the Mac platform, his business model and pricing for his apps, and what it takes to build his business around macOS and the driving force of the App Store.
KBall, Ali & Nick explore a new type of segment: “WTFJS” talking about wild and wooly “it’s not a bug it’s a feature” examples in the JavaScript language. They also dive into code maintainability, and end by discussing the whiplash shift in the tech industry from “hottest market for engineers in history” to “oh noes everything is stopping!”
We’re trying something new this week: discussing the news! Natalie, Kris & Ian weigh in on GopherCon’s move to Chicago, Google DDoSing SourceHut, reflections on Go’s success, and a new/old proposal for anonymous function syntax.
Today we are talking with Maikel Vlasman, technical lead for a large Dutch machine construction company, and a cloud engineer by heart. We cover self-updating GitLab & ArgoCD, Maikel’s thinking behind dev environment setup and a Kubernetes workshop that he is preparing for his team. The goal is to function as a true DevOps team with shared responsibilities.
This conversation started as a thread in our community Slack - link in the show notes. Thank you Maikel for being a long-time Changelog listener and for reaching out to us - we enjoyed telling this story.
In this “fully connected” episode of the podcast, we catch up on some recent developments in the AI world, including a new model from DeepMind called Gato. This generalist model can play video games, caption images, respond to chat messages, control robot arms, and much more. We also discuss the use of AI in the entertainment industry (e.g., in new Top Gun movie).
Adam was invited by our friends at Square to interview Jack Dorsey as part of their annual developer conference called Square Unboxed. Jack Dorsey is one of the most prolific CEOs out there — he’s a hacker turned CEO and is often working at the very edge of what’s to come (at scale). Jack is focused on what the future has to offer, he’s considered an innovator by many. He’s also a Bitcoin maximalist and has positioned himself and Block long on Bitcoin.
What you’re about to hear is the fireside chat Adam had with Jack at Square Unboxed 2022. Jack and Adam discuss the vision Square has for the developer platform and why it’s so central to the company’s strategy.
Ali & Divya recorded seven (!) awesome conversations all about Remix and the web ecosystem live on-stage at the first-ever Remix Conf after-party!
During a conversation in the #gotime channel of Gopher Slack, Jerod mentioned that some people paint with a blank canvas while others paint by numbers. In this 8th episode of the maintenance series, we’re talking about maintaining our knowledge. With Jerod’s analogy and a little help from a Leslie Lamport interview, our panel discusses the myth of incremental progress.
Today we are talking how to optimise sociotechnical systems with Ben Ford, founder & CEO of Mission Control. The correct order is: people, process & technology. The tools are important, and we talk about specific ones in the second half of this episode, but there are rules and principles that govern how people interact, and we need to start there.
Hugging Face is increasingly becomes the “hub” of AI innovation. In this episode, Merve Noyan joins us to dive into this hub in more detail. We discuss automation around model cards, reproducibility, and the new community features. If you are wanting to engage with the wider AI community, this is the show for you!
Nick and Chris welcome back Mik and Bret to discuss logging and error handling in Node and JavaScript and the subtleties and intricacies that extend far beyond console.log!
This week we’re peeking into the future again — this time we’re looking at the future of modern code review and workflows around pull requests. Jerod and Adam were joined by two of the co-founders of Graphite — Tomas Reimers and Greg Foster.
Graphite is an open-source CLI and code review dashboard built for engineers who want to write and review smaller pull requests, stay unblocked, and ship faster. We cover all the details – how they got started, how this product emerged from another idea they were working on, the state of adoption, why stacking changes is the way of the future, how it’s just Git under the hood, and what they’re doing with the $20M in funding they just got from a16z.
The Berlin tech ecosystem was all about PHP/Python for a long time. In the recent years it became a tech hub and an early adopter of Go. In this conversation we’ll see how this reflects in the 10+ years old Go meetup, with the meetup organizing team.
This is the post-KubeCon CloudNativeCon EU 2022 week. Gerhard is talking to Matt Moore, founder & CTO of Chainguard about all things Knative and Sigstore.
The most important topic is swag, because none has better stickers than Chainguard.
The other topic is the equivalent of Let’s Encrypt for securing software.
This week we’re talking with Bruce Schneier — cryptographer, computer security professional, privacy specialist, and writer (of many books). He calls himself a “public-interest technologist”, a term he coined himself, and works at the intersection of security, technology, and people.
Bruce has been writing about security issues on his blog since 2004, his monthly newsletter has been going since 1998, he’s a fellow and lecturer at Harvard’s Kennedy School, a board member of the EFF, and the Chief of Security Architecture at Inrupt. Long story short, Bruce has credentials to back up his opinions and on today’s show we dig into the state of cyber-security, security and privacy best practices, his thoughts on Bitcoin (and other crypto-currencies), Tim Berners-Lee’s Solid project, and of course we asked Bruce to share his advice for today’s developers building the software systems of tomorrow.
Today we are at KubeCon CloudNativeCon EU 2022, talking to Adolfo GarcĂa Veytia about securing Kubernetes releases. Adolfo is a Staff Software Engineer at Chainguard, and one of the technical leads for SIG release, meaning that he helps ship Kubernetes. You most likely know him as Puerco, and have seen first-hand his passion for securing software via SBOMs, cosign and SLSA. Puerco’s love for bikes and Chainguard are a great match 🚴‍♂️
In 2020, Shawn (swyx) Wang wrote:
Every 10 years there is a changing of the guard in JavaScript. I think we have just started a period of accelerated change that could in thge future be regarded as the Third Age of JavaScript.
We’re now in year three of this third age and Swyx joins us to look back at what he missed, look around at what’s happening today, and look forward at what might be coming next.
Matt Holt & Mohammed S. Al Sahaf sit down with Natalie & Jon to discuss every gopher’s favorite open source web server with automatic HTTPS!
In addition to laying out what Caddy is and why it’s interesting, we dive deep into how you can (and why you might want to) extend Caddy as a result of its modular architecture.
Connor Sears, founder and CEO of Rewatch, joins Adam to share the journey of creating Rewatch. What began inside of GitHub to help them thrive and connect is now available to every product team on the planet. Rewatch lets teams save, manage, and search all their video content so they can collaborate async and with greater flexibility. We talk about where the tool’s inspiration came from (spoiler alert, inside GitHub it was called GitHub TV which you’ll hear during the show), how teams leverage video to reduce the constraints of communication, how Connor and his co-founder knew they had product-fit and how they grew the team and product, and of course the flip side of that — we talk about some of Connor’s failures along the way, and knowing when it’s the right time to take a big swing.
Don’t all AI methods need a bunch of data to work? How could AI help document and revitalize endangered languages with “human-in-the-loop” or “active learning” methods? Sarah Moeller from the University of Florida joins us to discuss those and other related questions. She also shares many of her personal experiences working with languages in low resource settings.
This week we’re joined by Mike Riley and we’re talking about his book Portable Python Projects (Running your home on a Raspberry Pi). We breakdown the details of the latest Raspberry Pi hardware, various automation ideas from the book, why Mike prefers Python for scripting on a Raspberry Pi, and of course why the Raspberry Pi makes sense for home labs concerned about data security.
Use the code PYPROJECTS to get a 35% discount on the book. That code is valid for approximately 60 days after the episode’s publish date.
