Package Management Icon

Package Management

Package management is software that automates the process of installing, upgrading, configuring, and removing other software.
13 episodes
All Topics

Go Time Go Time #321

Dependencies are dangerous

Play
2024-07-03T20:00:00Z #go +1 🎧 9,625

Dependencies! We need them, but how do we use them effectively and safely? In this week’s episode Kris is joined by Ian and Johnny to discuss the polyfill.io supply chain attack, the history of dependency management and usage in Go, and the Go Proverb that “a little copying is better than a little dependency”. Of course, we wrap up the episode with some Unpopular Opinions!

JS Party JS Party #290

Modernizing packages to ESM

Play
2023-09-01T18:20:00Z #javascript +1 🎧 14,591

Mark Erikson (web dev professor/historian, OSS Maintainer & engineer at Replay) joins us to talk about the shift from CommonJS to ESM. We discuss the history of module patterns in JS and the grueling effort to push the world’s biggest developer ecosystem forward. Get ready to go to school kids, this one’s deep!

Go Time Go Time #242

The pain of dependency management

Play
2022-08-11T17:30:00Z #go +1 🎧 19,324

Baruch Sadogursky (Chief Sticker Officer at JFrog) joins Natalie & Johnny to lament the current state of dependency management in Go and other languages. They discuss the problems dependency managers face, possible technical mitigations like SBOMs, people problems that will never be solved by tech, and take questions from listeners in the #gotimefm channel of Gophers Slack.

Go Time Go Time #115

Grokking Go.dev

Play
2020-01-30T15:30:00Z #go +2 🎧 14,253

Carmen, Mat, and Jon are joined by Steve Francia and Julie Qiu to discuss the new Go.dev website. What was the motivation behind it? What technology was used to build it? How are they working to make package discovery better? And what resources are there to help you convince your manager to use Go on that upcoming project?

Changelog Interviews Changelog Interviews #289

Automated dependency updates

Play
2018-03-23T19:00:00Z #packages 🎧 20,755

Rhys Arkins joined the show to talk about automating dependency updates using Renovate. Renovate is an open source tool to keep source code dependencies up-to-date using automated Pull Requests. We talked about who’s using it, the languages and environments that are supported, self-hosted vs SaaS and how that plays into supporting this open source, auto-merging, being a GitHub App and in the GitHub Marketplace, and building this as a business on someone else’s platform.

Player art
  0:00 / 0:00