This week we’re joined by the “mad scientist” himself, Feross Aboukhadijeh…and we’re talking about the launch of Socket — the next big thing in the fight to secure and protect the open source supply chain.

While working on the frontlines of open source, Feross and team have witnessed firsthand how supply chain attacks have swept across the software community and have damaged the trust in open source. Socket turns the problem of securing open source software on its head, and asks…“What if we assume all open source may be malicious?” So, they built a system that proactively detects indicators of compromised open source packages and brings awareness to teams in real-time. We cover the whys, the hows, and what’s next for this ambitious and very much needed project.

Tobie Langel, Open source strategist and Principal at UnlockOpen, joins Chris, Feross, and Amal to discuss recent widespread incidents affecting the JavaScript community (and breaking CI builds) around the globe. Two widely used npm libraries were self-sabotaged by their single maintainer, yet again, highlighting the many gaps in our OSS supply chain security, sustainability and overall practices. We explore all these topics and solution on what our ecosystem needs to be more resilient to these types of attacks in the future.

This week Paul Copplestone, CEO of Supabase joined us to catch us up on the next big thing happening in the world of Postgres. Supabase might be best known as “the open source Firebase alternative,” a tagline they might be reluctant to maintain. But from Adam’s perspective, he’s never been more excited about what they’re bringing to market for Postgres fans. In the last year, Supabase has gone from 0 to more than 80,000 databases on their platform — and they’re still in beta…and it’s open source. Hopefully today’s show sheds some light on why everyone is talking about Supabase.

This week Matt Ahrens joins Adam to talk about ZFS. Matt co-founded the ZFS project at Sun Microsystems in 2001. And 20 years later Adam picked up ZFS for use in his home lab and loved it. So, he reached out to Matt and invited him on the show. They cover the origins of the file system, its journey from proprietary to open source, architecture choices like copy-on-write, the ins and outs of creating and managing ZFS, RAID-Z and RAID-Z expansion, and Matt even shares plans for ZFS in the cloud with ZFS object store.

Today we’re bringing our appearance on DevDiscuss right here to The Changelog. Jerod and I guested their launch episode for Season 7 to talk about deeply human stories we’ve covered over the years on this podcast. For long-time listners this will be a trip down memory lane and for recent subscibers this will be a guided tour on some of our most impactful episodes. Special thanks to Ben Halpern and Christina Gorton for hosting us. Check out their show at dev.to/devdiscuss

Today we’re joined by Jessica Lord, talking about the origins of Electron and her boomerang back to GitHub to lead GitHub Sponsors. We cover the early days of Electron before Electron was Electron, how she advocated to turn it into a product and make it a framework, how it’s used today, why she boomeranged back to GitHub to lead Sponsors, what’s next in funding open source creators, and we attempt to answer the question “what happens to open source once it’s funded?”

Open Source and other source available projects have been a huge driver of progress in our industry, but building and maintaining an open source project is about a lot more than just writing the initial code and putting together a good README. On this episode of the maintenance mini-series, we’ll be discussing open source and the maintenance required to keep it going.

Today we’re joined by Ilya Grigorik to talk about Shopify’s developer preview release of Hydrogen and the preview release of Oxygen which is in early access preview with select merchants on Shopify. Hydrogen is their React framework for dynamic, contextual, and personalized e-commerce. And Oxygen is Shopify’s hosted V8 JavaScript worker runtime that leverages all of their platform with the hope of scaling millions of storefronts. We cover what developers can expect from the Hydrogen framework, Shopify’s big bet on React Server Components, the future of Shopify at scale with Hydrogen powered by Oxygen, and a world where merchants never have to think about the complexities of scaling infrastructure.

Today Adam is joined by Evan Kaplan, CEO of InfluxData. Evan’s journey to become the CEO was not by way of founder, in this company. Evan has founded several companies in the past, and he’s been in a CEO position for more than 22 years. But InfluxData was founded by Paul Dix, and Paul knew years ago that his role (best role?) was to lead the technical and product direction of the company, which lead him to Evan. Today we share that story as well as a glimpse into operating the business that built the defacto platform for building time series applications with deep roots in open source.

Robby Russell is back on The Changelog after more than 10 years to catch us up on all things Oh My Zsh — a delightful, open source, community-driven framework for managing your Zshell configuration. It comes bundled with plugins, themes, and can be easily customized and contributed to, because hey, that’s how open source works. In this episode Robby gives us a glimpse into the passion and the struggle of being an open source software maintainer.

Ever wonder how new features get added to the go command? Or where tools like gopls come from? Well, there’s an open team that handles just those things.

Just like the programming language itself, many of the tools that Go engineers use everyday are discussed and developed in the open. In this episode we’ll talk about this team, how it started, where it’s going, and how you can get involved.

This week we’re joined by Adam Jacob, CEO of System Initiative and Co-Founder of Chef, about open source business models and the model he thinks is the right one to choose, his graceful exit from Chef and some of the details behind Chef’s acquisition in 2020 for $220 million…in cash, and how his perspective on open source has or has not changed as a result. Adam also shared as much stealth mode details as he could about System Initiative.

This week Emile Vauge, founder & CEO of Traefik, joins Gerhard to share a story that started as a solution to a 2000 microservices challenge, the real-world implications of shipping many times a day for years, and the difficulties of sustaining an inclusive and healthy open-source community while building a product company.

Working every day on keeping the open-source community in sync with the core team was an important lesson. The second learning was around big changes between major versions.

The journey from Travis CI to Circle CI, then to Semaphore CI and eventually GitHub Actions is an interesting one. The automation tools inspired by the Mymirca ant colony is a fascinating idea, executed well. There is more to discover in the episode.

Today we’re talking to Linus Lee about the practice of building software for yourself. Linus has several side projects we could talk about, but today’s show is focused on Linus’ dynamically typed functional programming language called Ink that he used to write his full text personal search engine called Monocle.

Linus is focused on writing software that solves his own needs, all of which is open source, to help him learn more deeply and organize the knowledge of his life.

This week, Richard Hipp returns to catch us up on all things SQLite, his single file webserver written in C called Althttpd, and Fossil – the source code manager he wrote and uses to manage SQLite development instead of Git.

This week Adam is joined by Asim Aslam, the founder of Micro - a new cloud platform entirely focused on the developer experience of consuming and publishing public APIs. Asim’s journey spans many years of open source work on Micro. His sole focus right now, is evolving that work into a commercially viable business. This episode is jam-packed with stories of great timing, grit, resilence, success and failure, and, of course, lessons learned.

This week we’re talking to Rasmus Andersson about his journey as a software creator. We talk about the work he’s doing right now on Playbit, a computing environment which encourages playful learning, building, and sharing of software. We also talk about his work on the Inter typeface, as well as the reasons why this font family needed to be free and open source.

This week we talk with Jean-Sébastien Pedron, RabbitMQ and FreeBSD contributor, about the importance of good release engineering for core infrastructure. Both Jean-Sébastien and I have been part of the Core RabbitMQ team for many years now. We have built some of the biggest CI/CD pipelines (check the show notes for one example), wrote and shipped some great code together, while breaking and fixing many things in the process.

We have been wrestling with today’s topic since 2016. Jean-Sébastien has some great FreeBSD stories to share, as well as an interesting perspective on shipping graphic card drivers. Oh, and by the way, it’s probably our fault why your remote car key stopped working that afternoon. It will all make sense after you listen to this episode.

This week we’re sharing a recent episode from Founders Talk that we continuously hear about from listeners. Listen and subscribe to Founders Talk at founderstalk.fm and anywhere you listen to podcasts.

On Founders Talk #75 — Adam talks with Spencer Kimball, CEO and Co-founder of Cockroach Labs — makers of CockroachDB an open source cloud-native distributed SQL database. Cockroach Labs recently raised $160 million dollars on a $2 billion dollar valuation. In this episode, Spencer shares his journey in open source, startups and entrepreneurship, and what they’re doing to build CockroachCloud to meet the needs of applications that require massive scale and ultra-resilience.

This week we’re talking with Pia Mancini about the latest updates to the mission of Open Collective. Earlier this year Open Collective announced “Funds for Open Source.” The idea is simple, make it easy for companies to invest in open source, and they will. Also, since recording this episode, Pia and the team at Open Collective along with Gitcoin announced fundoss.org as part of Maintainer Week announcements. And right now, they have a matching fund of $75,000 dollars funding open source that you can support.

Porter lets you package your application artifacts, client tools, configuration and deployment logic together as a versioned bundle that you can distribute, and then install with a single command. Written entirely in Go, we speak to one of the creators about running an open source project, the importance of documentation, and more.

Maintainer Week is finally here and we’re excited to make this an annual thing! If Maintainer Week is new to you, check out episode #442 with Josh Simmons and Kara Sowles.

Today we’re talking Brett Cannon. Brett is Dev Manager of the Python Extension for VS Code, Python Steering Council Member, and core team member for Python. He recently shared a blog post The social contract of open source, so we invited Brett to join us for Maintainer Week to discuss this topic in detail.

Thank a maintainer on us! We’re printing a limited run t-shirt that’s free for maintainers, and all you gotta do is thank them, today!

This week we’re joined by Ryan Dahl, Node.js creator, and now the creator of Deno - a simple, modern and secure runtime for JavaScript and TypeScript that uses V8 and is built in Rust.

We talk with Ryan about the massive success of Node and how it impacted his life, and how he eventually created Deno and what he’s doing differently this time around. We also talk about The Deno Company and what’s in store for Deno Deploy.

This week is all about Maintainer Week — it’s a week long event starting June 7th for open source maintainers to gather, share, and be celebrated. We’re joined by Josh Simmons (Ecosystem Strategy Lead at Tidelift & President of Open Source Initiative) and Kara Sowles (Senior Open Source Program Manager at GitHub). Of course we love open source maintainers, that’s why we’re so excited about Maintainer Week and making it an annual thing. Today we talk through all the details of this event, what we can expect for this year and the years to come.

This week we’re talking about open source on Mars. Martin Woodward (Senior Director of Developer Relations at GitHub) joins us to talk about the new Mars badge GitHub introduced. This collaboration between GitHub and NASA confirmed nearly 12,000 people contributed code, documentation, graphic design, and more to the open source software that made Ingenuity’s launch possible. Today’s show is a celebration of this human achievement and the impact of open source on space exploration as we know it.