Alex Ellis:

Yesterday, Docker sent an email to any Docker Hub user who had created an “organisation”, telling them their account will be deleted including all images, if they do not upgrade to a paid team plan. The email contained a link to a tersely written PDF (since, silently edited) which was missing many important details which caused significant anxiety and additional work for open source maintainers.

He goes on to explain the problem in great details. Btw, Alex is no Docker hater. He has a long history of using and supporting the tech. He goes on to say:

Open Source has a funding problem, and Docker was born in Open Source. We the community were their king makers, and now that they’re turning over significant revenue, they are only too ready to forget their roots.

This decision seems myopic. There are other image hosting options, one of them even shares (inspired?) half of DockerHub’s name… Oh, and here’s our open invitation to the folks at Docker to come on the pod.

This week Evan Prodromou is back to take us deeper into the Fediverse. As many of us reconsider our relationship with Twitter, Mastodon has been by-and-large the target of migration. They helped to popularize the idea of a federated universe of community-owned, decentralized, social networks. And, at the heart of it all is ActivityPub. ActivityPub is a decentralized social networking protocol published by the W3C. It is co-authored by Evan as well as; Christine Lemmer-Webber, Jessica Tallon, Erin Shepherd, and Amy Guy. Today, Evan shares the details behind this protocol and where the Fediverse might be heading.

An open-source knowledge-based community software. You can use it quickly to build Q&A community for your products, customers, teams, and more.

It looks like a lot of work has been put into this, with more cool stuff coming (integrations, gamification).

Filippo Valsorda:

Last May I left my job on the Go team at Google to experiment with more sustainable paths for open-source maintainers. I held on to my various maintainer hats (Go cryptography, transparency tooling, age, mkcert, yubikey-agent…), iterated on the model since September, and I’m happy to report that I am now a full-time independent open-source maintainer.

People like Filippo are still (unfortunately) the exception, not the rule. BUT! I’ll celebrate every time an open source maintainer makes it to the promised land, hopefully paving the way for others to follow after.

I’m sharing details about my progress to hopefully popularize the model, and eventually help other maintainers adopt it, although I’m not quite ready to recommend anyone else drop everything to try this just yet.

This week we’re talking about by Postgres with Craig Kerstiens, Chief Product Officer at Crunchy Data, and a well known ambassador for Postgres. Just Postgres. That’s what this week’s show is about.

Tyler Cipriani read “‘Did you miss my comments or what?’ Understanding Toxicity in Open Source Discussions,” and learned about entitlement:

The term is new (to me), but the paper renders a familiar scene, “The author is usually visibly upset about not being able to use the tool, often complaining about wasted time.”

The situation is all-too-common and exhausting. And when it happens over-and-over, maintainers give up.

It made me wonder: why have I never seen “entitlement” in a code of conduct?

Good question…

Thomas Depierre, writing about the concept of the Software Supply Chain in the context of open source development:

We are not suppliers. All the people writing and maintaining these projects, we are not suppliers. We do not have a business relationship with all these organisations. We are volunteers, writing code and putting it online under these Licences. And yes, we put it online for people to use them. But we do not get anything from it.

He goes on to discuss how, importantly, licenses such as the MIT point this out (in all caps):

If you use this, I owe you nothing. At all. We have no relationship. I put this up online on the condition that if you use it, all the risks are on you… So all your Software Supply Chain ideas? You are not buying from a supplier, you are a raccoon digging through dumpsters for free code. So I would advise you to put these rules in the same dumpster. And remember. I am not a supplier.

That raccoon line reminds me of a now-ancient meme you might still enjoy…

Welcome to 2023 — we’re kicking off the year talking to Justin Searls about the state of web development and why he just might write a “You Might Not Need React” post. He’s been so productive using Turbo and Stimulus (and tailwind) in Rails 7 that we had to talk about the state of Rails development today and a bunch of other fun topics around building for the web in 2023.

To wrap up the year we’re talking about what’s breaking the internet, again. Yes, we’re talking about ChatGPT and we’re joined by our good friend Shawn “swyx” Wang. Between his writings on L-Space Diaries and his AI notes repo on GitHub, we had a lot to cover around the world of AI and what might be coming in 2023.

Also, we have one more show coming out before the end of the year — our 5th annual “State of the log” episode where Adam and Jerod look back at the year and talk through their favorite episodes of the year and feature voices from the community. So, stay tuned for that next week.

Tony Parker writing on Swift’s blog:

When Swift began life as an open source project, we wanted to open not just the language itself, but the ecosystem around it. Foundation has been instrumental in the success of decades of software and has been an integral part of the Swift developer experience from the beginning, and we knew it had to be included in the open source offering.

Historically, Apple’s open source efforts have varied in just how open they are when it comes to community. On that topic, this is an uplifting bit of prose:

Open source projects are at their best when the community of users can participate and become a community of developers. A new, open contribution process will be available to enable all developers to contribute new API to Foundation.

This new Foundation project is slated to launch on GitHub in 2023.

This week we’re joined by Christina Warren, Senior Developer Advocate at GitHub, and a true tech and pop culture connoisseur. From her days at Mashable covering the intersections of entertainment and technology, to Gizmodo, to Microsoft, and now her current role at GitHub we talk with Christina about her journey from journalist to developer, and the latest happenings coming out of GitHub Universe.

BTW, we’re planning to get Christina on Backstage in the new year to talk about Plex, MakeMKV, and all things that go into hosting your own media server. Drop a commment on this episode with a +1 if you want to see that happen.

This week we’re taking you to the hallway track of All Things Open 2022 in Raleigh, NC. Let’s set the stage, here’s what we like do when we go to conferences — we setup our podcast studio at our booth where all the other vendors are and we talk to everyone we can. We give out t-shirts, stickers, pins, high fives…and it’s a blast.

Today’s anthology episode from ATO features: Arun Gupta (VP and GM of Open Ecosystem Initiatives at Intel), long-time friend Chad Whitacre (Head of Open Source at Sentry), and Ricardo Sueiras (Principal Advocate in Open Source at AWS).

The common denominator for each of these conversations is advocating for and supporting open source. Special thanks to Todd Lewis and team for inviting us to come back to ATO. We enjoyed meeting long time fans and new ones too.

KBall and Boneskull dive deep with Paloma Oliveira on the cultural and social consequences of open source software, explore her background in arts and government-supported open source, and discuss practical approaches to change the culture of open source towards more sustainability.

As the old saying goes, imitation is the sincerest form of flattery. In the software world, an open source alternative is the sincerest form of imitation. Well, Retool (a Changelog sponsor) can consider themselves flattered, because Openblocks sets out to do openly what they’ve been doing proprietarily. Here’s why:

It’s cumbersome to create a single app. You had to design user interfaces, write code in multiple languages and frameworks, and understand how all of that code works together.

Low-code/No-code platforms are fast to get started with but quickly become unmaintainable and inflexible. This creates more problems than it solves.

Retool-like solutions are great for their simplicity and flexibility, but they can also be limited in different ways compared to frameworks like React/Vue.

Openblocks wants to take a step forward. More specifically, Openblocks is

• An all-in-one IDE to create internal or customer-facing apps.
• A place to create, build and share building blocks of web applications.
• A domain-specific language that UI-configurable block is the first-class citizen.

This is so cool! Shout out to Zach Latta (Founder of Hack Club) for giving me a call today to tell me about Sprig — this awesome new Hack Club project is built by teenagers for teenagers.

Sprig is a game console where every user is a creator. It can only be obtained by building a tile-based game in the web-based game editor and shipping it in the community gallery. It’s made by Hack Club.

… Fall of 2022, we are giving a Sprig (valued at over $100 in components alone) to every teenage hacker that successfully shares a game they create in our community gallery.

A couple weeks back, Adam logged some news that linked to githubcopilotinvestigation.com. Well, There’s a new website now: githubcopilotlitigation.com

Matthew Butterick:

By train­ing their AI sys­tems on pub­lic GitHub repos­i­to­ries (though based on their pub­lic state­ments, pos­si­bly much more) we con­tend that the defen­dants have vio­lated the legal rights of a vast num­ber of cre­ators who posted code or other work under cer­tain open-source licenses on GitHub. Which licenses? A set of 11 pop­u­lar open-source licenses that all require attri­bu­tion of the author’s name and copy­right, includ­ing the MIT license, the GPL, and the Apache license.

This week we’re talking with Will McGugan about using the terminal to not just build software, but also to deliver software. Will is a few months into his journey of building Textualize, a company he started around his open source projects Textual and Rich. When combined Textual and Rich give you a Python framework to build beautiful full-featured TUIs for the Terminal. We talk with Will about his big idea of the terminal as a platform, how he got here from first principles, what it takes to build Textual apps and whether or not they can replace not so good web admins, building, launching, and distributing Textual apps, why Python was his choiice of language, the big picture and business model behind Textualize, and why he’s building this as open source and in public.

In this episode, we’re joined by tech Lawyer Luis Villa to explore the question, who owns code? The company, the engineer, the team? What about when you’re using AI, Machine learning, GitHub Copilot… is that still your code?

Is GitHub Copilot an AI parasite trained in the realms of fair use on pub­lic code any­where on the inter­net? Or, is it a much needed automation layer to all the reasons we open source in the first place?

When I first wrote about Copi­lot, I said “I’m not wor­ried about its effects on open source.” In the short term, I’m still not wor­ried. But as I reflected on my own jour­ney through open source—nearly 25 years—I real­ized that I was miss­ing the big­ger pic­ture. After all, open source isn’t a fixed group of peo­ple. It’s an ever-grow­ing, ever-chang­ing col­lec­tive intel­li­gence, con­tin­u­ally being renewed by fresh minds. We set new stan­dards and chal­lenges for each other, and thereby raise our expec­ta­tions for what we can accom­plish.

Amidst this grand alchemy, Copi­lot inter­lopes. Its goal is to arro­gate the energy of open-source to itself. We needn’t delve into Microsoft’s very check­ered his­tory with open source to see Copi­lot for what it is: a par­a­site.

The legal­ity of Copi­lot must be tested before the dam­age to open source becomes irrepara­ble. That’s why I’m suit­ing up.

What are your thoughts on this investigation and “poten­tial law­suit” against GitHub Copi­lot?

The Open Podcast Prefix Project is a free and open source podcast prefix analytics service committed to open data and listener privacy. This hits close to home for us in a couple ways, so we invited the project’s creator, John Spurlock, Backstage to learn more about it.

This week we turn the mics on ourselves, kind of. Lars Wikman joins the show to give us a guided tour through ID3 esoterica and the shiny new open source Elixir library he developed for us. We talk about what ID3 is, its many versions, what it aims to be and what it could have been, how our library project got started, all the unique features and failed dreams of the ID3v2 spec, how ID3v2 and Podcasting 2.0 are solving the problem differently, and how all of this maps back to us giving you (our listeners) a better experience while listening to our shows.

Patformatic co-founders Matteo Collina & Luca Maraschi join Amal & Chris to discuss their just-announced (and we mean just announced) open source database tool: Platformatic DB!

It’s a daemon that can turn any PostgreSQL, MySQL, MariaDB, or SQLite database into a REST and GraphQL endpoint. What makes it special is that it allows massive customization thanks to the flexibility of Fastify plugins.

MNT Research… is going small for its next project. The MNT Pocket Reform has a seven-inch screen with a clamshell design that, when closed, will be less than five centimeters thick. If its perky purple facade looks a bit retro, that’s no surprise; the Pocket’s inspirations read like a ‘greatest hits’ list of pocketable computers.

They’re taking open source seriously:

MNT’s open-source promise is not limited to an open source operating system or select internal components The Pocket Reform, as with MNT’s full-size Reform laptop, will provide mainboard schematics, 3D models for physical components, and open source drivers, among other things.

Coming soon to a crowd fund near you.

This book is my condensed personal experience in the last 12 years in various projects, communities and roles in Open Source. Including my best practice, tips and a lot of examples and resources.

After 2 years a new edition is here with new stuff and also available on Amazon Kindle.
134 pages about best practices and suggestion about the open source world!

iliana etaoin:

There is a lot of attention on securing “software supply chains.” The usual approach is that you want to try to avoid security issues in your underlying components from impacting customers of your product; and when they do, you want to be able to respond quickly to fix the issue. The people who care about this class of problem are often software companies. The class of components that are most concerning these companies are ones where unpaid hobbyist maintainers wrote something for themselves with no maintenance plan.

This is where the supply chain metaphor — and it is just that, a metaphor — breaks down…

I think we all know this intrinsically, but it’s easy to forget. iliana goes on to describe feelings I’ve heard expressed by a few maintainers recently:

I just want to publish software that I think is neat so that other hobbyists can use and learn from it, and I otherwise want to be left the hell alone. I should be allowed to decide if something I wrote is “done”. The focus on securing the “software supply chain” has made it even more likely that releasing software for others to use will just mean more work for me that I don’t benefit from. I reject the idea that a concept so tenuous can be secured in the first place.