Open Source Icon

Open Source

All things open source.
281 Stories
All Topics

iliana etaoin iliana.fyi

There is no “software supply chain”

iliana etaoin:

There is a lot of attention on securing “software supply chains.” The usual approach is that you want to try to avoid security issues in your underlying components from impacting customers of your product; and when they do, you want to be able to respond quickly to fix the issue. The people who care about this class of problem are often software companies. The class of components that are most concerning these companies are ones where unpaid hobbyist maintainers wrote something for themselves with no maintenance plan.

This is where the supply chain metaphor — and it is just that, a metaphor — breaks down…

I think we all know this intrinsically, but it’s easy to forget. iliana goes on to describe feelings I’ve heard expressed by a few maintainers recently:

I just want to publish software that I think is neat so that other hobbyists can use and learn from it, and I otherwise want to be left the hell alone. I should be allowed to decide if something I wrote is “done”. The focus on securing the “software supply chain” has made it even more likely that releasing software for others to use will just mean more work for me that I don’t benefit from. I reject the idea that a concept so tenuous can be secured in the first place.

The Changelog The Changelog #506

Stable Diffusion breaks the internet

This week on The Changelog we’re talking about Stable Diffusion, DALL-E, and the impact of AI generated art. We invited our good friend Simon Willison on the show today because he wrote a very thorough blog post titled, “Stable Diffusion is a really big deal.”

You may know Simon from his extensive contributions to open source software. Simon is a co-creator of the Django Web framework (which we don’t talk about at all on this show), he’s the creator of Datasette, a multi-tool for exploring and publishing data (which we do talk about on this show)…most of all Simon is a very insightful thinker, which he puts on display here on this episode. We talk from all the angles of this topic, the technical, the innovation, the future and possibilities, the ethical and the moral – we get into it all. The question is, will this era be known as the initial push back to the machine?

The Changelog The Changelog #505

Typesense is truly open source search

This week we’re joined by Jason Bosco, co-founder and CEO of Typesense — the open source Algolia alternative and the easier to use ElasticSearch alternative. For years we’ve used Algolia as our search engine, so we come to this conversation with skin in the game and the scars to prove it. Jason shared how he and his co-founder got started on Typesense, why and how they are “all in” on open source, the options and the paths developers can take to add search to their project, how Typesense compares to ElasticSearch and Algolia, he walks us through getting started, the story of Typesense Cloud, and why they have resisted Venture Capital.

Nitasha Tiku washingtonpost.com

Signal hired one of Big Tech’s sharpest critics and wants your donations

Nitasha Tiku writes on The Washington Post:

The only way to escape technology that makes money off your data is by paying for products that don’t, Whittaker says. An alternative to data collection only exists if the community of people who rely on it “kick in a little bit,” she said.

Signal is one of the few successful tech products, like the Firefox browser, led by vociferous critics of Big Tech. The app offers end-to-end encryption on group text, voice and video chat, does not collect or store sensitive information and does not store backups of your data on its servers — a viable alternative to relentless data gathering at the center of tech industry critiques.

In the world of messaging (today), you have behemoths like WhatsApp and iMessage, and they are “backed by some of the richest companies in the world.” And then there’s Signal. It’s run by a nonprofit and pretty much operates as the exact opposite — they are committed to end-to-end encryption, does not collect or store sensitive information, or backups of user data.

This post from Nitasha Tiku on The Washington Post gives a detailed backstory on Meredith Whittaker, former Google manager, and her arrival to Signal as President (and board member since 2020), as well as why Signal “hopes to support itself with small donations from millions of users.”

The Changelog The Changelog #502

Fireside chat with Jack Dorsey ♻️

This week we’re re-broadcasting a very special episode of Founders Talk. Adam was invited by our friends at Square to host a fireside chat with Jack Dorsey as the featured finale of their annual developer conference called Square Unboxed. Jack is one of the most prolific CEOs out there. He’s a hacker turned CEO, often working at the very edge of what’s to come. He’s focused on what the future has to offer and an innovator at scale. He’s also a Bitcoin maximalist and has positioned himself and Block long on Bitcoin.

GitLab dissociatedpress.net

GitLab’s the latest punching bag for entitled users

This post reacting to other people’s reaction to GitLab’s recent free tier changes starts kinda rant-y:

Lots of users expect to get things for free, forever, from for-profit companies that don’t answer to them. Those users contribute almost nothing1 to the bottom line for the for-profit companies, and actively drive up costs for them. Yet, somehow, with no skin in the game, they feel entitled to complain and badmouth the companies because they’re not getting as much value for their monthly contribution of nothing at all.

But it ends with a pretty strong call to build things for ourselves:

Create a business case, get the funding, stand up the infrastructure, and pay people to work on it rather than expecting for-profit companies to prioritize (what you see as) the public good over profit. Whether that’s how things should be or not, it is how they are and that isn’t going to change as long as the only movement in the direction of change is people hectoring for-profit companies to do better.

The Changelog The Changelog #499

Long live RSS!

This week we’re joined again by Ben Ubois and we’re talking about RSS. Yes, RSS…the tech that never seems to die and yet so many of us rely on it daily. Ben is the creator of Feedbin, which is self-described as “a nice place to read on the web.” Ben is also the maker of a new app on iOS for people who like podcasts. It’s called Airshow and you can download it at airshow.fm. Ben catches us up on the state of Feedbin, we discuss the nine lives of RSS and its foundational utility for the indie web, the possibilities and short-comings of RSS, we get deep in the weeds on the Podcast 2.0 spec and the work being done on <podcast:chapters>, and Ben also shares the details on his new app called Airshow.

The Changelog The Changelog #496

Oxide builds servers (as they should be)

Today we have a special treat: Bryan Cantrill, co-founder and CTO of Oxide Computer! You may know Bryan from his work on DTrace. He worked at Sun for many years, then Oracle, and finally Joyent before starting Oxide.

We dig deep into their company’s mission/principles/values, hear how it it all started with a VC’s blank check that turned out to be anything but, and learn how Oxide’s integrated approach to hardware & software sets them up to compete with the established players by building servers as they should be.

The Changelog The Changelog #495

Actual(ly) opening up

Adam and Jerod are joined once again by James Long. He was on the podcast five years ago discussing the surprise success of Prettier, an opinionated code formatter that’s still in use to this day. This time around we’re going deep on Actual, his personal finance system James built as a business for over 4 years before recently opening it up and making it 100% free.

Has James given up on the business? Or will this move Actual(ly) breathe new life into a piece of software that’s used and beloved by many? Tune in to find out.

Founders Talk Founders Talk #91

Fireside chat with Jack Dorsey

Adam was invited by our friends at Square to interview Jack Dorsey as part of their annual developer conference called Square Unboxed. Jack Dorsey is one of the most prolific CEOs out there — he’s a hacker turned CEO and is often working at the very edge of what’s to come (at scale). Jack is focused on what the future has to offer, he’s considered an innovator by many. He’s also a Bitcoin maximalist and has positioned himself and Block long on Bitcoin.

What you’re about to hear is the fireside chat Adam had with Jack at Square Unboxed 2022. Jack and Adam discuss the vision Square has for the developer platform and why it’s so central to the company’s strategy.

Daniel Stenberg un.curl.dev

Everything I know and learned about running and maintaining open source projects for three decades

Curl creator/maintainer Daniel Stenberg is writing a book. It’s (aptly) named: Uncurled

Because of my background and life with Open Source and probably a lot because of the relative success some of my projects have had, I frequently get questions about subjects related to maintaining Open Source. How to run a project and what makes them succeed? For a long time I have been collecting lessons from my life with Open Source into a list of advice for fellow Open Source library hackers. This document is my attempt to convert those thoughts and experiences into words.

I don’t believe it’s finished, but there’s a lot here already! Excited for this and while it’s a free to read GitBook right now, I hope it ends with some kind of physical manifestation.

Engineering at Meta Icon Engineering at Meta

Meta is transferring Jest to the OpenJS Foundation

Good for them (and us)! But what does that mean in practice?

Over the next few months, we’ll be completing the OpenJS Foundation’s incubation program checklist, including transferring the Jest domain, repo, website, and other assets to OpenJS. We’ll also be updating the code of conduct and contributor license agreement.

Additionally, as part of this move, we will be publishing a project charter and creating new governance policies that will document the process for gaining commit access, as well as our leadership selection process.

Next up: React?! A guy can dream…

Founders Talk Founders Talk #89

Leading GitLab to IPO

This week Sid Sijbrandij, Co-founder and CEO of GitLab, is back talking with Adam about all the details of their massive IPO last October 2021. To set the stage, this episode was recorded on Feb 1, 2022. During the show Adam mentioned they IPO’d at a $13B market cap, but they actually ended their opening day at approximately $15B. That’s a massive win for open source, GitLab, Sid, and the rest of the team. For loyal listeners you know we’ve had Sid on this show before, so of course we had to get him back on the show post-IPO to get all the details of this new journey.

Founders Talk Founders Talk #88

Making an open source Stripe for time

This week Peer Richelsen, Co-Founder and Co-CEO of Cal.com, joins the show to talk about building the “Stripe for Time” — with a grand mission to connect a billion people by 2031 through calendar scheduling. Cal has grown from an open-source side project to one of the fastest-growing commercial open source companies. We get into all the details — what it means to be an open source Calendly alternative, how they quantify connecting a Billion people by 2031, where there’s room for innovation in the scheduling space, and why being community first is part of their secret sauce.

The Changelog The Changelog #486

Practical ways to solve hard problems

Frank Krueger joined us to talk about solving hard problems. Earlier this year he wrote a blog post titled “Practical Guide to Solving Hard Problems,” and a lot of what he had to say really resonated with us. The premise is simple — if you have to write some code that you’re just not sure how to write…what do you do? What are the practical steps that you can take when you’re feeling stumped? Today’s show goes deep on that subject…practical ways to solve hard problems and ship your best work.

Frank has his own podcast called Merge Conflict — check it out at mergeconflict.fm.

Open Source supabase.com

Should I open source my company?

Supabase CTO Ant Wilson walks through the pros & cons of open sourcing your startup and why he believes the answer to the question in the headline is (probably) “yes”

Open-sourcing Supabase ended up surprising us in many ways. Many people imagine that maintaining your business in public might be burdensome - but the opposite is true. There are many unexpected upsides that have made building Supabase - the product and the company - easier.

While some of this advice comes from our lens as a Dev Tools or PaaS company, most of it will apply to any software company.

Max Howell Medium

Something new is brewing

Max Howell, creator of Homebrew, has gone back to his notes on brew2 to apply web3 concepts to help “distribute value to open source.” He’s calling this new brew tea.

Tools like Homebrew lie beneath all development tools, assisting developers to actually get development done. We know the graph of all open source, which means we’re uniquely placed to innovate in interesting and exciting ways. This is exactly what tea will do. We’re taking our knowledge of how to make development more efficient and throwing innovations nobody has ever really considered before.

With plans to move the package registry on-chain, Max lays out the numerous benefits due to “inherent benefits of blockchain technology”:

  • Packages will be immutable (no more left-pad incidents)
  • Packages will always be available (we’ll use decentralized storage)
  • Releases will be signed by the maintainers themselves (rather than a middleman you are told you can trust)
  • Tools can be built to fundamentally verify the integrity of your app’s open source constitution
  • Token can flow through the graph

Max says “token flowing is where things get really interesting,” and goes on to say “with our system people who care about the health of the open source ecosystem buy some token and stake it.”

(Thanks to Omri Gabay for sharing this first in our community Slack)

Open Source vermaden.wordpress.com

ZFS compatibility

ZFS has become very portable in recent years of its development, supporting six (6) operating systems: FreeBSD, Illumos, Linux, MacOS, NetBSD, and Windows. But what if you wanted to create a ZPool compatible with all of them? Which options and ZFS features should you choose?

If you haven’t yet, check out The Changelog #475 where I talk with Matt Ahrens (co-founder of the ZFS project) about making the ZFS file system.

Bhupesh Varshney buttondown.email

One secret tip for first-time OSS contributors 🤫

Bhupesh Varshney:

A lot of folks looking how to get started on open source are given very generic advice on how to approach their first contribution. In this newsletter issue I share one specific actionable item.

His secret tip? Solve static analyzer issues. There, I saved you a click. Unless you’re not sure what he means by that or want his advice on how to actually get that done…

0:00 / 0:00