Adam caught up with Francesc Campoy at KubeCon + CloudNativeCon 2018 in Seattle, WA to talk about the work he’s doing at source{d} to apply Machine Learning to source code, and turn that codebase into actionable insights. It’s a movement they’re driving called Machine Learning on Code. They talked through their open source products, how they work, what types of insights can be gained, and they also talked through the code analysis Francesc did on the Kubernetes code base. This is as close as you get to the bleeding edge and we’re very interested to see where this goes.

Nick Nisi joins Adam and Jerod to talk about Karaoke, ARC and the business model of web browsers, this WordPress drama, and an epic bonus for Changelog ++ subscribers.

This week Adam and Jerod talk with Brian Bondy, Co-founder and CTO of Brave. They talked through the beginnings of Brave and how BAT (Basic Attention Token) could be driving the future of how we offer funding and tips to our favorite websites and content creators. Of course, they go deep into the historical and the technical details of the Brave browser and their march to Brave 1.0. The last segment of the show covers how BAT works, how it’s being used, and also their interesting spin on an ad model that respects the user’s privacy.

In this episode we’re shining our maintainer spotlight on Feross Aboukhadijeh. Feross is the creator and maintainer of 100’s of open source projects which have been downloaded 100’s of million of times each month — projects like StandardJS, BitMidi, and WebTorrent to name a few. This episode with Feross continues our maintainer spotlight series where we dig deep into the life of an open source software maintainer. We’re producing this series in partnership with Tidelift. Huge thanks to Tidelift for making this series possible.

Dave Kaplan (Head of Software Engineering at Policygenius) joined the show to talk about Generative Engineering Cultures and how they have become the goal of industry-aware tech teams. We talk through the topology of organizational cultures ranging from pathological, to bureaucratic, to generative, the importance of management buy-in (from the top down) on leading a generative culture, the ability to contribute original value which is deeply rooted in the concept of aligned autonomy. We also covered the 6 core skills required for us to be empowered in our teams.

The Gorilla team is building an API store for LLMs, DeviceScript is Microsoft’s new TypeScript programming environment for microcontrollers, Nyxt is a hackable browser written in Lisp, Morgan Housel writes about expectations debt & I issue a gentle reminder to my fellow software engineers: there’s still no silver bullet.

Computer Scientist Yaw Anokwa joins the show to tell us how Open Data Kit is enabling data collection efforts around the world. From monitoring rainforests to observing elections to tracking outbreaks, ODK has done it all. We hear its origin story, ruminate on why it’s been so successful, learn how the software works, and even answer the question, “are people really using it in space?!” All that and more…

Adam and Jerod are joined by JS Party panelist Nick Nisi and #causeascene advocate Kim Crayton for a deep discussion on ethics in the technology industry at-large and our roles as software developers. If you’ve never heard Kim describe what life is like online for underrepresented and marginalized folks, you have to listen to this show!

Gergely Orosz is back for our annual year-end update on the tech market, writ large. How is hiring? Has AI really changed the game? What about that OpenAI fiasco?

We also talk in-depth about Gergely’s self-published book, The Software Engineer’s Guidebook, which has been four years in the making.

This week on The Changelog we’re continuing our Maintainer Month series by taking to you back to the hallway track of The Linux Foundation’s Open Source Summit North America 2023 in Vancouver, Canada. Today’s anthology episode features: Stormy Peters (VP of Communities at GitHub), Dr. Dawn Foster (Director of Open Source Community Strategy at VMware), and Angie Byron (Drupal Core Product Manager and Community Director at Aiven).

Special thanks to our friends at GitHub for sponsoring us to attend this conference as part of Maintainer Month.

We talked with Eugen Rochko, the creator of Mastodon, about where Mastodon came from the problem it aimed to solve. How it’s not exactly Twitter alternative, although that’s its known claim to fame. Why it’s probably not going anywhere. The ins-and-outs of federation, getting started, running an instance, why you would want to — cool stuff you’ve never considered could be built on top of Mastodon. And finally, the story behind naming posted content a “toot”.

This week we’re talking about big security breaches with Neil Daswani, renowned security expert, best-selling author, and Co-Director of Stanford University’s Advanced CyberSecurity Program. His book, Big Breaches: Cybersecurity Lessons for Everyone helped to guide this conversation. We cover the six common key causes (aka vectors) that lead to breaches, which of these causes are exploited most often, recent breaches such as the Equifax breach (2017), the Capital One breach (2019), and the more recent Solarwinds breach (2020).

Gerhard Lazu joins us for Kaizen 16! Our Pipe Dream™️ is becoming a reality, our custom feeds are shipping, our deploys are rolling out faster & our tooling is getting just right.

A listener request led us to Nikita Prokopov and FiraCode, and we’re sure glad they did. When we think of open source software, fonts aren’t usually high on the list of things that need maintaining. That’s not true when your font also supports hundreds of programming ligatures like FiraCode does. Nikita has his hands full!

This week on The Changelog Adam is joined by Zach Lloyd, Founder & CEO of Warp. We talked with Zach last year about what it takes to build the terminal of the future, and today Adam catches up with Zach to see where they are at on that mission. They talk about the business model of Warp, how they measure success, reaching product/market fit, building features developers love, integrating AI, and the pros and cons of going open source (again).

Adam and Jerod talk with Dominic Tarr, creator of event-stream, the IO library that made recent news as the latest malicious package in the npm registry. event-stream was turned malware, designed to target a very specific development environment and harvest account details and private keys from Bitcoin accounts.

They talk through Dominic’s backstory as a prolific contributor to open source, his stance on this package, his work in open source, the sequence of events around the hack, how we can and should handle maintainer-ship of open source infrastructure over the full life-cycle of the code’s usefulness, and what some best practices are for moving forward from this kind of attack.

Today we welcome Hisham Muhammad into our Maintainer Spotlight. Hisham is the creator of htop - a well known cross-platform interactive process viewer. This conversation with Hisham covers the gamut of being an open source software maintainer. To set the stage, a new version of htop was announced, but not by Hisham – it was a kind takeover of the project and needless to say Hisham was surprised, but ultimately relieved. Why? Well, that’s what this episode it all about…

Johannes Schickling, co-founder and CEO of Prisma, joined the show to catch us up on all things GraphQL — the tech, the possibilities, the community, how Prisma turns your database into a GraphQL API, their new business direction, Prisma Cloud, open source vs enterprise, and the upcoming GraphQL Europe in Berlin on June 15th.

This is our last week of hallway track coverage at The Linux Foundation’s Open Source Summit North America 2023 in Vancouver, Canada. Today’s anthology episode features: Jeffrey Sica (Developer Experience & Programs @ CNCF), Eddie Zaneski (Kubernetes SIG CLI), Yaron Schneider (Co-creator of Dapr and Founder and CTO at Diagrid).

Special thanks to our friends at GitHub for sponsoring us to attend this conference as part of Maintainer Month.

We’re talking with Josh Aas, the Executive Director of the Internet Security Research Group, which is the legal entity behind the Let’s Encrypt certificate authority. In June of 2017, Let’s Encrypt celebrated 100 Million certificates issued. Now, just about 2.5 years later, that number has grown to 1 Billion and 200 Million websites served. We talk with Josh about his journey and what it’s taken to build and grow Let’s Encrypt to enable a secure by default internet for everyone.

The commercial VPN industry is a minefield to navigate and many open source solutions are a pain to use or ill-suited for the task. Algo VPN, on the other hand, is a self-hosted personal VPN designed for ease of deployment and security. It uses the securest industry standards, builds on rock-solid solutions like WireGuard and Ansible, and runs on an ever-growing list of cloud hosting providers.

On this episode Dan Guido –CEO of security firm Trail of Bits and Algo’s creator– joins Jerod to discuss the project in depth.

Jeff Meyerson, host of Software Engineering Daily, and the founder of FindCollabs (a place to find collaborators for open source software) joined the show to talk about living in San Francisco, his thoughts on podcasting and where the medium is heading, getting through large scale market changes. We talk at length about his new project FindCollabs, the difficulty of reliably finding people to collaborate with, the importance of reputation and ratings systems, and his invite to this audience to check out what he’s doing and get involved.

Jerod is joined by the co-hosts of core.py , Pablo Galindo & Łukasz Langa, a podcast about Python internals by people who work on Python internals. Python 3.13 is right around the corner, which means the Global Interpeter Lock (GIL) is now experimentally optional! This is a huge deal as Python is finally free-threaded. There’s more to discuss, of course, so we get into all the gory details.

We’re revisiting Shape Up and product development thoughts with Ryan Singer, Head of Product Strategy at Basecamp. Last August we talked with Ryan when he first launched his book Shape Up and now we’re back to see how Shape Up is shaping up — “How are teams using the wisdom in this book to actually ship work that matters? How does Shape Up work in new versus existing products?” We also talk about the concept of longitudinal thinking and the way it’s impacting Ryan’s designs, plus a grab bag of topics in the last segment.

We’re joined by C J Silverio, aka ceejbot on Twitter, aka 2nd hire and former CTO at npm Inc. We talk with Ceej about her recent JS Conf EU talk titled “The Economies of Open Source” where she laid our her concerns with the JavaScript language commons being owned by venture capitalists. Currently the JavaScript language commons is controlled by the npm registery, and as you may know, npm is a VC backed for profit start up. Of course we also talk with Ceej about the bomb she dropped, Entropic, at the end of that talk — a federated package registry for JavaScript C J hopes will unseat npm and free the JavaScript language commons.

In this episode we’re shining our maintainer spotlight on Valeri Karpov. Val has been the solo maintainer of Mongoose since 2014. This episode with Val continues our maintainer spotlight series where we dig deep into the life of an open source software maintainer. We’re producing this series in partnership with Tidelift. Huge thanks to Tidelift for making this series possible.

Philipp Krenn joined the show to talk with us about Elasticsearch, the problem it solves, where it came from, and where it’s at today. We discussed the query language, what it can be compared to, whether or not it’s a database replacement or a database complement, Elasticsearch vs Elastic the company.

We also talked about the details behind Elastic’s plan of “doubling down on open” to open up X-Pack, which is open code paid add-on features to Elasticsearch. We discussed the implications of this on their business model, and what changes will take place at the code and license level on GitHub.

We’re talking with Gina Helfrich the Communications Director for NumFOCUS about their story and history, the impact of open code on science, the difference between sponsored and affiliated projects, corporate backing, the back story of their education and events program PyData, and the struggles of storytelling and fundraising.

This week we’re talking about the launch of OpenTF and what it’s going to take to successfully fork HashiCorp’s Terraform. We’re joined by Josh Padnick to discuss what exactly happened, how HashiCorp’s license change changes things, who has been impacted by this change, and ultimately what they are doing about it.

We talked with Jeremy Soller, the BDFL of Redox OS, a Unix-like Operating System written in Rust, aiming to bring the innovations of Rust to a modern microkernel and full set of applications. In this episode we talk about; OS design principals, Jeremy’s goals for Redox, why is Rust, the Micro-kernel, the Filesystem, how Linux isn’t secure enough, how he’s funding this his development, and a coding style in Rust called Safe Rust.