Podcasts about Ansible

Fictional machine capable of instantaneous or superluminal communication

  • 319PODCASTS
  • 895EPISODES
  • 49mAVG DURATION
  • 1WEEKLY EPISODE
  • Jun 18, 2026LATEST
Ansible

POPULARITY

20192020202120222023202420252026

Categories



Best podcasts about Ansible

Show all podcasts related to ansible

Latest podcast episodes about Ansible

php[podcast] episodes from php[architect]
The PHP Podcast 2026.06.17

php[podcast] episodes from php[architect]

Play Episode Listen Later Jun 18, 2026 79:40


PHP Podcast – June 17, 2026 Hosts: Sara Golemon & Holly Schilling | Guests: Paul Reinheimer & Sean Coates Eric and John are still locked in the basement. Sara is literally on a boat in Spain. Normal show, totally normal. Sara Broadcasts from a Harbor in A Coruña Sara is joining this week’s show from a marina in A Coruña, northwest Spain — in the Galicia region, where they speak Galician (not quite Spanish, not quite Portuguese). It’s 1am local time and the boat is visibly rocking on camera. Holly is holding down the fort from Chicago. This is what Sara calls pirate radio, except one of the pirates is actually on a boat. Meet the Guests: Paul Reinheimer & Sean Coates Paul Reinheimer and Sean Coates are PHP veterans from an earlier era — both were closely involved with PHP Architect around 2005–2010, back when Sara was already a PHP core contributor and the community was small enough to fit in one bar. Paul now runs Wonder Proxy, a service that lets you test your website’s behavior from locations around the world (checking GDPR banners, geo-targeted content, checkout flows, etc.), and is also building a startup called StudioWorks — business management software for creative studios, with an invoicing product and a proposals product in development. Sean is based in Montreal and has been spending time at a local hackerspace called Food Lab, where he got pulled into MeshTastic and MeshCore mesh networking, and is now surrounded by vintage computers, including a PDP-11 and five-and-a-quarter-inch floppy disks. The Quarter-Million-Line Commit Paul committed 250,000 lines of code directly to Wonder Proxy’s repo without a PR last week — and he’s not particularly sorry about it. The context: it was a pre-generated SQLite amalgamation file (all of SQLite compiled into a single C file), which Wonder Proxy is now checking in as a pinned static dependency rather than regenerating each build. Paul’s argument is unanswerable: you cannot meaningfully review 250,000 lines of generated C code in a PR. If there’s something malicious in there and you’re good with C, you could hide it in parameterized defines and no one would see it. The right approach, which Paul landed on, was creating a separate package with its own CI — and including the command to regenerate the amalgamation so reviewers can verify the output themselves, not just stare at the diff. Measuring Wrong — Sean’s Rant Sean has been ranting about this for 10–15 years and it hasn’t gotten less true: companies systematically measure things that make them look good and avoid measuring things that make them look bad. A marketing team adds a spin-to-win wheel to the homepage and celebrates their 1% sales increase. Nobody measures how many people found the wheel so obnoxious they immediately left. Cookie and GDPR banners are the same story — they go up, they’re never removed, and the conversion impact is never tracked because nobody wants to report bad news up the chain. Sean’s broader point: an epidemic of motivated measurement is a big part of why the web is as bad as it is. PHP in 2026 vs. PHP Then — What’s Still Working Paul’s honest take: the LAMP stack still works great. In 2004 you could build a productive web application with Linux, Apache, MySQL, and PHP — and you still can today. The fundamental approach is the same. Having since done Ruby at Stripe and other languages elsewhere, Paul keeps coming back to how much sense the PHP model makes to him. The longevity is the feature, not a bug. Wonder Proxy’s web app — built in server-side Swift using the Hummingbird framework — returns pages in under 50 milliseconds almost always and under 30 most of the time, with almost no client-side JavaScript. Server round trips are fast. The web doesn’t have to be seven seconds. Swift Concurrency and What PHP Could Learn Sara asked Sean — who has used Swift on the server for StudioWorks — what he’d want to see in PHP’s threading model. His answer: anything the compiler can enforce beats anything you have to remember yourself. Swift’s concurrency model has the compiler reject code that would allow a thread to trample on a sendable object after it’s been sent off. You find out about threading mistakes at compile time, not when corrupt data shows up in production. Sean’s verdict: an early warning system for threading problems is 10,000 times more valuable than discovering them too late. PHP’s async/await path is cooperative task switching (not true threading), which avoids some of these issues but can still deadlock if someone forgets to hand off control. Composer, require_once, and Supply Chain Security The chat raised whether anyone still uses require_once in the PSR-4 world. Sara’s answer: PHP.net does — it doesn’t use Composer at all, because the site needs to be framework and library agnostic. Grep for require_once across typical vendor dependencies and you’ll find around 100 instances still in the wild, mostly inside packages like Doctrine. The supply chain security conversation from there: Composer’s lock file pins to specific hashes, which is what you want — but a lot of projects don’t commit their lock file, and pinning to a version tag isn’t enough because tags can be updated if someone takes over a GitHub account. To really be safe, pin to a specific commit hash. It’s a pain to maintain, but it’s much harder to fake. The PHP Foundation — The Biggest Change in PHP Paul called out the PHP Foundation as the single biggest change in PHP since he and Sean were actively involved. Having an organization that can receive money from individual supporters and use it to fund core PHP work has been talked about since before PHP had package management. The foundation now has over 1,000 individual supporters — including Rasmus Lerdorf himself, which Sara found funny. Paul and Wonder Proxy support it financially; Wonder Proxy also holds a private Packagist account as an indirect way to fund Composer development. Sara works directly with the foundation on PHP core. Elizabeth Barron (from last week’s show) is doing exceptional work moving it forward. PHP.net Redesign and the Dark Mode Problem Sara copped to a php.net rabbit hole: she tried to implement dark mode for the site and succeeded everywhere except code samples. PHP’s built-in highlight_string() function has hard-coded colors that assume a light background, and there’s no way to override them. Sara wrote the patch to make the colors configurable at the internals level, then realized it should actually be a separate PHP project, then lost track of caring about it because it became yak shaving. On the redesign side: the foundation ran a competition to redesign the releases page (the per-version page with changelogs and download links), and the results look much better. The downloads page has been getting more beginner-friendly content — how to actually get PHP running, not just a reference manual. There are homepage mockups being iterated on as well. What Talk Would You Give? Sara asked both guests what conference talk they’d give if they were speaking today. Paul: marketing for developers. Too many developers believe “if you build it, they will come,” and AI is making this worse — the barrier to shipping something that looks professional has dropped so far that the noise floor is rising fast. Hollywood knows to spend as much on marketing as on production. Paul doesn’t claim to be good at marketing, but he thinks someone should be giving this talk at every developer conference. Sean: reliable deployment and supply chain integrity — specifically how to actually control the path from git to production without sneaking in vulnerabilities. Containers have helped, but there’s still a lot of infrastructure that fetches things at build or request time that is genuinely dangerous. PHP Tek 2027 The PHP Tek 2027 website is live at phptek.io. No date confirmed on air, but the site is up and people should keep an eye on it. Links from the show: Wonder Proxy — Test your website from around the world PHP Tek 2027 — phptek.io The PHP Foundation — Support PHP development PHP Architect Discord Guest Hosts: Sara Golemon Currently sailing in the Atlantic (broadcasting from A Coruña, Spain) PHP core contributor; code contributor via the Curl project (which means she technically has code on Mars) Holly Schilling Primary mobile developer; built the PHP Tek 2026 conference app Based near Chicago, IL Guests: Paul Reinheimer Founder, Wonder Proxy — test your website’s geo-targeted behavior from 300+ global locations Founder, StudioWorks — business management tools for creative studios (invoicing & proposals) Former PHP Architect team member; wrote a book on PHP and APIs Sean Coates Based in Montreal; regular at the Food Lab hackerspace MeshTastic/MeshCore mesh networking enthusiast; vintage computer collector (PDP-11 era) Former PHP Architect team member and longtime PHP community contributor Streams: Youtube Channel Twitch Connect & Hire PHP Architect Website Twitter/X Mastodon Hire PHP Developers Looking to hire PHP developers? Email support@phparch.com – Joe and the team are available for consulting, infrastructure work, Ansible playbooks, and code review. Partner This podcast is made a little better thanks to our partners Displace Infrastructure Management, Simplified Automate Kubernetes deployments across any cloud provider or bare metal with a single command. Deploy, manage, and scale your infrastructure with ease. https://displace.tech/ PHPScore Put Your Technical Debt on Autopay with PHPScore CodeRabbit Cut code review time & bugs in half instantly with CodeRabbit. Music Provided by Epidemic Sound https://www.epidemicsound.com/ Join Us Live Next Week Youtube Channel Got feedback? Join us on Discord at discord.phparch.com The post The PHP Podcast 2026.06.17 appeared first on PHP Architect.

php[podcast] episodes from php[architect]
The PHP Podcast 2026.06.11

php[podcast] episodes from php[architect]

Play Episode Listen Later Jun 11, 2026 77:02


PHP Podcast – June 11, 2026 Guest Hosts: Sara Golemon, Elizabeth Barron & Holly Schilling Eric and John are out this week — Sara, Elizabeth, and Holly take over. Here’s what they covered: PHPVerse Recap PHPVerse just wrapped up, and Elizabeth was there in Amsterdam. The format is unusual — all speakers are flown to one location, but the audience is entirely virtual. It was a class act: professional TV crew, studio lighting, and a makeup and hair team on site. Around 2,500–3,000 people watched the live stream. Everything was broadcast as one long block; individual talk segments and possibly the documentary trailer will be cut and released separately. The full stream is available now — the PHP documentary trailer (produced by Jet Breeze, covering 30+ years of PHP history) appears around the 2:24:30 mark. PHP Foundation 2026 Strategy Document Elizabeth and the PHP Foundation released their 2026 strategy document the same day as this recording. The foundation gathered community input across numerous conversations and conferences, synthesized it into findings, and has now published a plan for the rest of the year. Key themes: repositioning PHP’s public perception (which Elizabeth calls a solvable problem), creating six special interest groups, and launching an Onboarding Initiative to build a real on-ramp for new PHP developers. Elizabeth’s view is that the two things giving her the most hope for PHP’s future are the passion and expertise of the community, and how good the language itself has gotten. Visit thephp.foundation to read the full document. The Onboarding Initiative One of the six special interest groups the foundation is launching is specifically focused on bringing new developers into PHP. Goals include creating a true learning path (not just a reference manual that assumes existing knowledge), improving educational resources, and potentially working with the php.net website to improve the first-time experience. Holly made the point that PHP’s barrier to entry is genuinely lower than almost any other language — the Hello World program is 11 characters — but that story isn’t being told outside the PHP bubble. New developers are turning to JavaScript as a first language and running into minified spaghetti instead of something approachable. AI Writing PHP — And PHP as a Second Language Holly built the entire PHP Tek conference app backend in Laravel without writing a single line of code herself — AI-generated throughout, which she reviewed and approved. The code held up to peer review at the conference with only minor style nits. She ran it on PHP 8.3 and used modern standards throughout (one piece of feedback: stop using empty()). The consensus: AI models write good modern PHP because of the vast amount of open source PHP they were trained on. The caveat Sara raised is worth thinking about — how much of that training data is PHP 4-era code and WordPress 3 repositories? Either way, Holly’s case for PHP as a second language is strong: low ceremony, low boilerplate, readable syntax, and it’s a language where you can do something useful in minutes. PHP’s Reputation Problem (and Why It’s Fixable) The group dug into PHP’s perception gap — the mismatch between how good the language actually is and how it’s perceived outside the community. Holly’s experience as a mobile developer who recommends PHP to others: the pushback is immediate (“isn’t that slow?”, “isn’t that dead?”). The benchmarks don’t support that reputation — PHP outperforms Python on most comparable workloads — but data alone doesn’t shift perception. Elizabeth’s point is that this is primarily a storytelling and coordination problem, not a language problem, and that the foundation’s repositioning work is exactly aimed at closing that gap. The community has the passion. It just needs to tell the story outside its own bubble. PHP Polling API RFC Sara walked through the RFC for a new Polling API in PHP (wiki.php.net/rfc/poll_API). The short version: PHP currently has five or six different ways to do I/O multiplexing (watching multiple streams and acting on whichever one is ready first), and which one works depends on the OS, available extensions, and PHP version. The Polling API proposal creates a single, unified interface that abstracts all of that. The immediate beneficiaries are async frameworks like Amp PHP, ReactPHP, and Revolt, which currently have to maintain multiple backend implementations to cover different environments. The bigger picture: this is a building block on the path toward true async PHP, likely contributing to something more complete in PHP 9.0. Most app developers won’t use it directly — but the libraries they depend on will. RFCs are all listed at wiki.php.net/rfc. PHP.net: Do As We Say, Not As We Do Sara, who has contributed to php.net, copped to the state of the codebase: some of it dates to the PHP 3 era, there are functions.inc files, and it is very much “do as we say, not as we do.” The historical reason is that php.net used to rely on community-administered mirrors (r-synced servers running everything from PHP 5.1 to 5.6 simultaneously), so modernizing the code was impossible without controlling the runtime. That’s changed with CDN-based load balancing — they can now control what PHP version runs on php.net — and the code has been getting better. But it’s a slow process. PHP Podcasts Past, Present, and Future Holly asked about the PHP Town Hall podcast (Ben Edmonds and Phil Sturgeon), and the group did a quick tour of PHP podcast history. The PHP Roundtable — originally started by Sammy, taken over by Eric — has produced about three episodes. Sara and producer Joe are planning to take it off Eric’s hands and actually do it properly. And Elizabeth announced that the PHP Foundation is launching a new podcast: tentatively called PHP at Scale, hosted by Ben Marx, focused on telling the stories of organizations pushing PHP to its limits. No launch date yet, but there’s already a queue of interested guests. Next Week’s Show — Moved to Wednesday Sara will be on a boat off the coast of Galicia on Thursday, so next week’s episode is moving to Wednesday. Guests will include Paul Reinheimer and (hopefully) Sean Coase — two veterans from PHP’s podcasting past. Elizabeth is going to try to make it work around the Canadian Grand Prix. Mac Mini M4 for Local LLMs Holly picked up a refurbished Mac Mini M4 (16GB RAM, 512GB storage) specifically to run LLM models locally via Ollama. Apple Silicon is a solid choice for this because the unified memory architecture gives the neural cores access to far more RAM than a discrete GPU setup. Sara is waiting for the M5, which is reportedly not coming until fall — and is already resigned to spending too much on it when it lands. Links from the show: PHP Foundation — 2026 Strategy Document PHP RFC: Polling API PHP RFC Wiki — All RFCs Under Discussion Amp PHP — Async framework ReactPHP — Event-driven async PHP Revolt — Event loop for PHP php.net website source code (github.com/php/web-php) PHP Architect Discord Guest Hosts: Sara Golemon Based in Lisbon, Portugal PHP core contributor; code contributor via the Curl project (which means she technically has code on Mars) Elizabeth Barron Executive Director, PHP Foundation Based in Germany Holly Schilling Primary mobile developer; built the PHP Tek 2026 conference app Based near Chicago, IL Streams: Youtube Channel Twitch Connect & Hire PHP Architect Website Twitter/X Mastodon Hire PHP Developers Looking to hire PHP developers? Email support@phparch.com – Joe and the team are available for consulting, infrastructure work, Ansible playbooks, and code review. Partner This podcast is made a little better thanks to our partners Displace Infrastructure Management, Simplified Automate Kubernetes deployments across any cloud provider or bare metal with a single command. Deploy, manage, and scale your infrastructure with ease. https://displace.tech/ PHPScore Put Your Technical Debt on Autopay with PHPScore Music Provided by Epidemic Sound https://www.epidemicsound.com/ Join Us Live Next Week Note: Next week’s show is on Wednesday (not Thursday) with guests Paul Reinheimer and Sean Coase. Youtube Channel Got feedback? Join us on Discord at discord.phparch.com The post The PHP Podcast 2026.06.11 appeared first on PHP Architect.

php[podcast] episodes from php[architect]
The PHP Podcast 2026.06.04

php[podcast] episodes from php[architect]

Play Episode Listen Later Jun 5, 2026 57:44


PHP Podcast – June 4, 2026 Hosts: Eric Van Johnson & John Congdon Another fun episode of the PHP Podcast! Here’s what we covered: PHP Tek 2027 — New Dates, Bold New Format Mark your calendars: PHP Tek 2027 is happening April 27–29 in Chicago, and Eric and John are shaking things up. Rather than a straight three-day PHP conference, next year gets three tracks — two of which are familiar PHP-focused content, and a third specialty track that rotates each day: one day of JavaScript, one day of DevOps, and one day of Laravel. The Laravel track is specifically focused on how developers actually use the framework day-to-day, not a product pitch. Single-day passes will be available, so if you’re only coming for the DevOps or JS day, you’re covered. One important heads-up: there’s a big convention happening at a venue nearby in Rosemont, so the hotel block could sell out faster than usual. When they open reservations, don’t wait. Holly the Elephant Is Going Fast The PHP Architect conference elephant, named Holly, is now available at store.phparch.com, and demand has been remarkable. Eric woke up one morning to a flood of orders and genuinely couldn’t figure out what happened. The warning from last year applies here: people said they’d grab Tony later, and now Tony is gone forever. Holly ships June 17th for most orders, but if you’ve already ordered, it’s likely on its way. Get yours while you can. PHP Tek TV Is Doing Something Different This Year In past years, conference talk videos would get edited and uploaded weeks (or months) after the event. This year, John is doing things differently: the raw, unedited recordings are going up now, with timestamps in the description so you can jump straight to specific talks — some rooms recorded a seven-hour continuous feed and just left it running. The clean edited versions are still coming (a video editor friend in the UK is on it), but if you want to see a talk right now, the raw version is there. Audio quality varies by room, but it’s watchable. Immich — A Self-Hosted Google Photos That Actually Works John has been running Immich, a self-hosted photo management platform, in a Docker container for about a month and loves it. It does facial recognition, GPS tagging, and auto-uploads from his phone — essentially everything he cares about in Google Photos, without handing his photos to Google or Apple. He’s now planning to use it as the PHP Architect conference photo library, centralizing all the Tech photos in one browsable, shareable place. It’s fully open source, with no licensing cost, and an optional donation tier. If you’re sick of paying ever-increasing storage bills to big tech companies, this is worth a look. Ben Ramsey’s PHP Tek Homecoming Article Is Free to Read The May issue of PHP Architect magazine is now available to digital subscribers, and this month’s free article is Ben Ramsey’s piece on the PHP Tek homecoming experience. Eric reached out to Ben last minute and he delivered. If you’ve never subscribed, this is a low-barrier way to see what the magazine is like. Head to phparch.com, grab the free article, and if you like what you see, subscriptions are not expensive. John Is Resurrecting a Legacy Laravel App — With Claude’s Help John has been grinding away on a Laravel 6 app that was a passion project years ago and has now been revived as an actual client project. Using Claude to methodically baby-step through each version upgrade — starting with writing tests to establish a baseline — he’s worked up through the major Laravel versions. The turning point came when he hit the version where the old event sourcing package (Prooph) was clearly on its way out, and the decision was made to migrate to Verbs, Nuno Maduro’s Laravel-native event sourcing package. John’s now looking forward to it. He’s also accidentally been burning tokens on the company Anthropic account (not his personal account), which Eric caught live on air. They are going to talk about it after the show. Eric’s Mystery Side Project Is Almost Ready — If DNS Would Cooperate Eric teased a new side project last week and intended to reveal it this week, but he’s stuck waiting on DNS propagation. The domain was registered with DigitalOcean DNS already in use by a previous owner, so Eric moved it to Cloudflare — only to discover there may be a conflict because the previous owner was also on Cloudflare. The result: the name servers are stuck on old values. John’s live suggestion was to move it to Route 53, and Eric was immediately sold. The project is almost ready to show the world, DNS gods willing. Meta’s AI Support Bot Got Socially Engineered Eric shared a video demonstrating how someone prompt-injected Meta’s AI customer support bot into sending a verification code to an attacker-controlled email address — and then using that code to add the email to an account, enabling a full password reset and account takeover. The irony: Meta is the company behind Llama and has some of the deepest AI expertise on the planet, and they still shipped a support bot with permissions it shouldn’t have. Eric’s point was pointed: you can fire a human employee who gets social engineered, which creates accountability throughout the team. An AI has no such incentive structure. Crowbarring AI into account-modification workflows without appropriate guardrails is just asking for this. The PHP Foundation Now Publishes Board Meeting Minutes Eric discovered that the PHP Foundation has started publishing their board meeting minutes in a public GitHub repository. Nothing earth-shattering yet, but seeing who attended, what was discussed, and what decisions are being made gives the community a real window into how the foundation operates at scale. It also helps explain something Eric and John have always found interesting: why PHP stalled so hard between versions 5 and 7. There was no foundation, no financial backing, just volunteer hours. Now there’s a paid staff and governance structure — and the minutes show exactly how complex running something at PHP’s scale actually is. The PHP Foundation Has a Dedicated Security Team Now Speaking of the Foundation, it now has a dedicated security team — a sign of how seriously the supply chain attack problem has gotten. AI tools are being deployed by black hat actors to find vulnerabilities in open source projects at a scale that wasn’t possible before. PHP is not just another open source project; it underpins a massive slice of the web, and companies depend on it staying secure. Having a team specifically focused on this is the right call, even if it’s a sobering reminder of where the threat landscape is heading. Moat — Nuno’s GitHub Security Auditing Tool Nuno Maduro (of Laravel fame) quietly shipped a tool called Moat that audits your GitHub presence for security gaps. Install it globally via Brew or Composer, point it at your GitHub org, a specific repo, or even a specific branch, and it gives you a report on where your security posture could be improved. It’s read-only — it won’t change anything — and it’s explicit that it is not a security certification. Eric wants to use it to audit the PHP Architect organization’s repos, many of which haven’t been touched in years. Think of it as a fast, opinionated triage tool, not a replacement for a real security audit. Links from the show: PHP Tek 2027 — Chicago, April 27–29 PHP Architect Store — Holly the Elephant Immich — Self-Hosted Photo Management PHP Architect Magazine Verbs — Laravel Event Sourcing by Thunk Moat — GitHub Security Auditing by Nuno Maduro PHP Foundation on GitHub PHP Architect Discord Host: Eric Van Johnson X: @shocm Mastodon: @eric@phparch.social Bluesky: @ericvanjohnson.bsky.social PHPArch.me: @eric John Congdon X: @johncongdon Mastodon: @john@phparch.social Bluesky: @johncongdon.bsky.social PHPArch.me: @john Streams: Youtube Channel Twitch Connect & Hire PHP Architect Website Twitter/X Mastodon Hire PHP Developers Looking to hire PHP developers? Email support@phparch.com – Joe and the team are available for consulting, infrastructure work, Ansible playbooks, and code review. Partner This podcast is made a little better thanks to our partners Displace Infrastructure Management, Simplified Automate Kubernetes deployments across any cloud provider or bare metal with a single command. Deploy, manage, and scale your infrastructure with ease. https://displace.tech/ PHPScore Put Your Technical Debt on Autopay with PHPScore CodeRabbit Cut code review time & bugs in half instantly with CodeRabbit. Music Provided by Epidemic Sound https://www.epidemicsound.com/ Join Us Live Next Week Youtube Channel Got feedback? Join us on Discord at discord.phparch.com The post The PHP Podcast 2026.06.04 appeared first on PHP Architect.

php[podcast] episodes from php[architect]
The PHP Podcast 2026.05.28

php[podcast] episodes from php[architect]

Play Episode Listen Later May 30, 2026 71:03


PHP Podcast – May 28, 2026 Hosts: Eric Van Johnson & John Congdon Links from the show: PHP barely avoided disaster – YouTube CVE-2026-45793: Anatomy of a 14-Hour PHP Supply-Chain Near-Miss · graycoreio/github-actions-magento2 · Discussion #261 · GitHub An Update on Composer & Packagist Supply Chain Security PHP Tek: A Homecoming by Ben Ramsey Tek Roundup – Roave Speaking at PHP Tek 2026! #tech – YouTube PHP Tek is behind us, the ballroom is cleaned up, and we’re back to talk about all of it. Here’s what we covered: RIP Archie Bot After a long fight to keep him alive, Eric has officially retired Archie — the Discord bot built on OpenClaw that handled team standups, monitored PHP Architect’s Twitter/X group for join requests, and did a surprising amount of background work for the consulting team. When Anthropic shut down the OpenClaw API, Eric tried every model and service he could find to bring Archie back to form, but nothing got him all the way there. After a month of “almost working,” the call was made. He’s dead. Eric hasn’t ruled out revisiting it eventually — maybe with Claude Cowork — but for now, the bot is gone and the starting-soon link in Discord is broken because of it. Reviving a Six-Year-Old Codebase A client PHP Architect Consulting worked with from 2018 to 2021 has come back. The project — a reimagining of their app — was killed off when COVID hit and the CEO couldn’t align with the team’s vision. The last commit was six years ago. Now the client wants to bring it back, and Eric is spending the next few days analyzing what it’ll take to get it running again. Outdated packages, an old PHP version, and the general entropy of time are all on the checklist. Eric has genuine affection for this codebase — it was one of the first projects where he felt like the team was truly operating as a team, not just as an extension of him. Now it’s time to dust it off. Partner Spotlight: PHP Score → Our CVEs The PHP Score sponsor read may be getting a refresh — the folks at Artisan Build, who built PHP Score, have a new product they’re excited about: ourCVEs.com. It monitors your codebase’s Composer and NPM packages — and optionally your servers via a lightweight agent — for exposure to open CVEs, and alerts you when something needs attention. Pricing is generous: free forever for open source projects, $17/month for solo devs, $83/month for teams (or $1,000/year), with server monitoring scaling at $1 per server above 50. Ed from Artisan Build was at PHP Tek and made a strong impression. Go check it out at ourcves.com. How PHP Barely Avoided a Supply Chain Disaster Brent Roose released a 22-minute video covering a near-miss in the PHP ecosystem involving GitHub and Composer. The short version: GitHub changed their token format and briefly released it before Composer was ready to handle it. Composer was logging the token when the format check failed — meaning GitHub tokens were ending up in CI logs. In GitHub Actions, depending on how your action is configured, that container (and its token) might stick around for a while, giving an attacker a window to act. An alert developer caught the issue, used Claude to help research it, then did responsible disclosure — contacting the Composer maintainers and reaching out to Taylor Otwell, Vincent Pontier, and others in the ecosystem to disable their actions until the fix was in place. Update your Composer. GitHub rolled back the new token format but won’t keep it rolled back forever. Packagist MFA and Account Security Following up on the supply chain theme: Nils and Igor (Composer/Packagist maintainers) released a blog post on what they’re doing to improve supply chain security. The immediate ask for anyone publishing packages is to enable MFA on your Packagist account — it’s not required yet, but it will be. Eric went to check his own account, found MFA was already on, but noticed his username was still “diegodev” and he was using an old email. While updating it, he noted that Packagist didn’t require him to re-authenticate or confirm the change via the old email — a gap worth flagging if you have popular packages and someone ever gets into your session. PHP Tek 2026 Recap — The Good PHP Tek 2026 in Chicago is done, and despite everything (see below), the team is proud of how it went. Some highlights: Holly (CodeLorax) built a conference mobile app from scratch, released on both Google Play and the Apple App Store within 24 hours of the conference opening. The app let attendees build their own schedule, detected conflicting talk selections, sent push notifications when talks moved rooms, and even included a vendor lead-scanning feature where vendors could scan attendee QR codes to capture contacts. It was a genuine game-changer for the event. Eric and John named the conference elephant after Holly in appreciation — she also changed a trailer tire during setup, which sealed the deal. Clayton Kendall sponsored and produced the conference shirts and bags on an extremely tight timeline — shirts two weeks out, bags just one week before the event. Both were a hit. Attendees at the conference were getting questions about the rainbow PHP Architect shirt in particular. A job fair ran for the first time, with four companies represented. One hiring manager showed up even though they already had 1,400 applicants — because they knew that conference attendees are exactly the kind of motivated, self-improving developers they want. Attendees got to ask questions directly, including the real-world stuff like remote vs. office. Eric would love feedback on how to make it better next year. JS Tech debuted as a fourth track alongside the three PHP tracks, bringing in fresh faces from the JavaScript community. Eric came away energized by the cross-pollination — different people, different approaches to similar problems. Ben Ramsey and James Tickham (Rove) both wrote great blog posts about the conference. Ben’s will be featured in the magazine. Diana Pham also put together a video recap. Links in the show notes. PHP Tek 2026 Recap — The Incident On Monday during final setup, a hotel employee had a medical incident while walking through the main ballroom — leaving a trail that required hazmat-suited cleanup crews and forced the team to quarantine the ballroom, the hallway leading to it, and the adjacent bathroom. The person is okay and was back at the hotel by Friday, which was a relief. But in the moment, nobody knew what was happening or how long the room would be unavailable. The team had to rebuild the entire conference footprint overnight. The keynote moved, the JS Tech track went into the quiet room, vendors moved to the atrium, and the hotel staff — to their enormous credit — cleared their own furniture and accommodated every ask without complaint. Attendees were equally patient; once they understood the situation, there was no drama, just “tell us where to go.” The incident also took out the streaming setup for day one, compounding an already-difficult start. The solution that eventually worked — plugging the Ethernet into a hub before the streaming equipment — wasn’t tried until day three. Eric is mad at himself for thinking of it and not doing it sooner. PHP Tek 2027 — Save the Date (TBD) Planning for next year is already underway. The current target is April 2027 — away from the May timing that caused Eric to miss two of his kid’s band performances this year. Nothing is locked yet, but they’re working through venue and date options and hope to have an announcement soon. Links from the show: ourCVEs.com — Daily security audit on autopilot PHPScore — Technical debt monitoring for PHP Brent Roose — “How PHP Barely Avoided Disaster” (YouTube) Packagist — Enable MFA on your account PHP Architect Discord PHP Architect Merch Store PHP Architect YouTube Host: Eric Van Johnson X: @shocm Mastodon: @eric@phparch.social Bluesky: @ericvanjohnson.bsky.social PHPArch.me: @eric John Congdon X: @johncongdon Mastodon: @john@phparch.social Bluesky: @johncongdon.bsky.social PHPArch.me: @john Streams: Youtube Channel Twitch Connect & Hire PHP Architect Website Twitter/X Mastodon Hire PHP Developers Looking to hire PHP developers? Email support@phparch.com – Joe and the team are available for consulting, infrastructure work, Ansible playbooks, and code review. Partner This podcast is made a little better thanks to our partners Displace Infrastructure Management, Simplified Automate Kubernetes deployments across any cloud provider or bare metal with a single command. Deploy, manage, and scale your infrastructure with ease. https://displace.tech/ PHPScore Put Your Technical Debt on Autopay with PHPScore CodeRabbit Cut code review time & bugs in half instantly with CodeRabbit. Music Provided by Epidemic Sound https://www.epidemicsound.com/ Join Us Live Next Week Youtube Channel Got feedback? Join us on Discord at discord.phparch.com The post The PHP Podcast 2026.05.28 appeared first on PHP Architect.

Ask Noah Show
Ask Noah Show 493

Ask Noah Show

Play Episode Listen Later May 27, 2026 53:51


This week Sathish Balakrishnan from Red Hat joins us to talk about using Ansible as the trusted execution layer for automation. Jef Spaleta joins to give us an update on Fedora! It's a packed episode. -- During The Show -- 00:50 ReCaptcha Going to require Google Services Framework or iOS >16.4 DeGoogled phones will fail Where we are headed No one spoke up FDroid Keep Android Open ReClaim the Net 09:20 Jef Spaleta Jef Spaleta Fedora Project Leader at Red Hat What is Fedora Governance Integrating New Contributors Jef's path into Linux Fedora AI Policy AI assisted workflow Future of AI and Agentic Space for enthusiasm 31:24 News Wire Midori 11.8 - astian.org Wordpress 7.0 - wordpress.org Less 702 - greenwoodsoftware.com Ardour 9.5 - ardour.org Thunderbird 151 - thunderbird.net Firefox 151 - firedfox.com DietPi 10.4 - dietpi.com Nitrix 6.1 - nxos.org Tails 7.8 - torproject.org RHEL 10.2 - redhat.com Ubuntu Core 26 - canonical.com GitHub Victim of TeamPCP - wired.com Megalodon Cyberattack - mashable.com Bumblebee - marktechpost.com MoonRay - phoronix.com 32:42 Meta E2E Messages Texas Attorney General sued Meta Could "taint" perception of other E2EE Unlikely companies will give you true privacy ArsTechnica 36:30 Sathish Balakrishnan Vice President and General Manager, Ansible Business Unit, Red Hat Benefits of Ansible Ansible as Trusted Execution Layer Balancing understanding Guide rails for AI Drag and Drop AI Ansible workflow Patching is no longer optional What do you want all new Ansible users to know? Everything must be automated 52:15 Feedback Call in! Email live@asknoahshow.com Tag Marlin in the GeekLab -- The Extra Credit Section -- For links to the articles and material referenced in this week's episode check out this week's page from our podcast dashboard! This Episode's Podcast Dashboard Phone Systems for Ask Noah provided by Voxtelesys Join us in our dedicated chatroom #GeekLab:linuxdelta.com on Matrix -- Stay In Touch -- Find all the resources for this show on the Ask Noah Dashboard Ask Noah Dashboard Need more help than a radio show can offer? Altispeed provides commercial IT services and they're excited to offer you a great deal for listening to the Ask Noah Show. Call today and ask about the discount for listeners of the Ask Noah Show! Altispeed Technologies Contact Noah live [at] asknoahshow.com -- Twitter -- Noah - Kernellinux Ask Noah Show Altispeed Technologies

Latent Space: The AI Engineer Podcast — CodeGen, Agents, Computer Vision, Data Science, AI UX and all things Software 3.0

Take the 2026 AI Engineering Survey and get >$2k in credits and AIE WF tickets!This was recorded before Railway suffered a major GCP outage on May 19, despite being a multi-AZ, multi-zone mesh ring, with HA fiber interconnects between their Metal GCP AWS, because workload discoverability was unintentionally still tied to GCP. All has been resolved with a post-mortem.Railway did not start as an AI infrastructure company.It was founded in 2020 years before agents became the default way people thought about deploying software. Jake Cooper, formerly at Bloomberg and Uber, started Railway with a simple obsession: the activation energy to ship something to production should be near zero. Push code, get a URL, iterate. No Docker files, no Kubernetes manifests, no Ansible scripts stacked on Ansible scripts.For years, this was a slow grind. Railway spent its first 18 months hand-acquiring its first 100 users with Jake personally greeting every Discord signup on a second monitor.Today, Railway has raised $124m and is growing very fast. A 35-person team supports 3 million users, adding roughly 100,000 signups a week. Their bare metal data centers have a 3-month payback period vs. renting in the cloud, with 70% margins funding aggressive cloud bursting when needed. The servers they own have actually appreciated in value as RAM prices have climbed basically meaning the value of their hardware now exceeds the capital they've raised.From rebuilding Railway's network overlay over a weekend to moving the vast majority of workloads onto its own bare metal data centers, Jake Cooper is trying to build a new cloud for an agent-native world. In this episode, Railway's founder and “conductor” joins swyx and Alessio to unpack why the next era of software infrastructure is not just “Heroku but newer,” what agents need that humans did not, and why the old deployment loop of Git, PRs, CI/CD, and static cloud resources may be heading for a rewrite.We go deep on Railway's infrastructure stack: own-metal data centers, three-month cloud payback periods, cloud bursting, data center debt, Railpack, Nixpacks, Temporal, feature flags, Central Station, content-addressable filesystems, agent-safe production forks, and why the CLI may become more important than the canvas in an agent world. Jake also shares the founder journey behind Railway, how the company survived losing $500K/month, why it now serves millions of users with only 35 people, and why he believes the pull request is dying.We discuss:* How Railway went from a slow six-year grind to adding 100,000 users a week* How Railway thinks about agents as the next dominant software species* Why agents need version control, observability, compute, storage, and orchestration at 1000x scale* The economics of Railway's own-metal data centers and three-month payback* How Railway uses cloud bursting while scaling its own infrastructure* Why data center debt can be a better tool than venture debt for infra startups* Central Station, Railway's internal system for clustering customer feedback and incidents* Why responsible disclosure and over-communication matter for platforms* Why feature flags, progressive rollouts, and shadow traffic are essential for agents* Temporal's strengths, pain points, and why workflows matter for agents* Railpack, Nixpacks, Nix, and lazy-loaded content-addressable filesystems* Why “cattle, not pets” may change if you can clone the pets* Why Railway is building a new cloud from scratch instead of copying hyperscalers* The solo founder path, focus, writing, and how Jake thinks about company buildingRailway:* Website: https://railway.com/* X: https://x.com/RailwayJake Cooper:* LinkedIn: https://www.linkedin.com/in/thejakecooper/* X: https://x.com/JustJakeTimestamps00:00:00 Introduction: What Is Railway?00:02:07 Jake's Path to Railway00:06:13 Railway's Six-Year Growth Story00:08:52 Rebuilding the Business After the Free Tier00:11:17 Agents as the Next Software Platform00:13:29 Railway's Infrastructure Philosophy00:15:42 Bare Metal, Cloud Economics, and the Compute Crunch00:17:22 Cloud Bursting and Five-Cloud Networking00:20:20 Data Center Debt and Infra Financing00:23:31 Data Centers in Space00:25:24 What Agents Need From Infrastructure00:28:24 CLIs, Canvas, and Agent-Native UX00:35:15 Central Station, Incidents, and Responsible Disclosure00:40:30 Safe Rollouts, SRE Agents, and Production Forks00:45:00 AI SRE, Specs, Code, and Tests00:48:24 Self-Replicating Infrastructure and the New Serverless00:53:18 Heroku, Temporal, and Workflow Engines01:04:07 Railpack, Nixpacks, and Lazy-Loaded Filesystems01:06:01 Coding Agents, Token Spend, and Roadmap Acceleration01:10:56 The Pull Request Is Dying01:12:28 Feature Flags and the Agent-Era SDLC01:16:15 Cattle, Pets, and Cloning Machines01:19:29 Solo Founder Lessons01:24:12 Focus, GPUs, and Building a New Cloud01:28:20 Closing ThoughtsTranscriptAlessio [00:00:00]: Hey, everyone. Welcome to the Latent Space Podcast. This is Alessio, founder of Kernel Labs, and I'm joined by Swyx, editor of Latent Space.Swyx [00:00:10]: Hey, hey, hey. Today we're in the studio with Jake Cooper of Railway.Alessio [00:00:14]: Conductor of Railway.Swyx [00:00:15]: Conductor at Railway. Yeah.Alessio [00:00:16]: Choo-choo.Swyx [00:00:17]: Do you actually have that anywhere, like on your business card?Jake [00:00:20]: We call some of our volunteer moderators conductors. I don't have a business card. We're not that big yet. At some point I will. I got handed a nice business card from the Supermicro folks, and I was like, “Damn, this is pretty official.”Swyx [00:00:30]: Business cards are coming back.Jake [00:00:32]: They're cool. They're hip. The conductor thing is good. We're trying to figure out what we want to call each other internally. Some people think it's super cringe and say, “You don't need a name for people internally.” Some people want to call each other something. We still don't have a really good one.Jake [00:00:55]: We've got New Railcrews, Trainiacs. Nothing has stuck yet.Swyx [00:01:00]: I like Trainiac. Trainiac sounds good. Railwayians. For those who don't know, what is Railway? Let's give people a crisp definition up front.Jake [00:01:09]: Railway is the easiest way to ship anything. You go to the canvas, or you talk with Claude, and you say, “Deploy a Postgres instance, deploy my GitHub repository, run this code,” and you're off to the races.Swyx [00:01:22]: You've got a nice animation on the landing page.Jake [00:01:24]: Thank you. None of my work, by the way. They don't let me touch the design stuff anymore.Jake [00:01:25]: We want to make it trivially easy not just to deploy things, but to evolve applications over time. Most tooling right now stacks entropy on top of entropy: Docker, Kubernetes, Ansible scripts, and all these other things. If we can version all of your software and keep track of all the changes, then we can make it trivial to clone environments, fork into a parallel universe, get copies of production data, get copies of any services, make changes, validate them, and collapse them back in without reproducing everything across a staging environment.The Railway Origin Story: From Uber Systems to a New CloudSwyx [00:02:07]: I was looking at your background: Bloomberg, Uber. Nothing immediately stands out as, “This guy is going to found the next great platform as a service.” What prepared you for Railway?Jake [00:02:21]: It was curiosity to keep going deeper. I started out on front-end stuff, working on Wolfram Mathematica and porting it over. Then I briefly moved to Bloomberg, then toward Uber and distributed systems, taking the Jump Bikes systems and moving them to a distributed system built on top of Cadence, the pre-Temporal Temporal.Swyx [00:02:44]: Which, by the way, I'm happy to talk about, pros and cons.Jake [00:02:48]: Totally.Swyx [00:02:51]: But let's do the Railway story.Jake [00:02:52]: It has been a continual step of wanting an experience. Whether it's walking up to a bike, unlocking it, and having it work frictionlessly, or something else, the depth required to make that happen follows from the experience. A lot of the work I do, and a lot of the team does, is in service of that experience. We fundamentally don't care how deep we have to go. We will swim to the bottom of the swimming pool to get the experience.Jake [00:03:17]: I don't have a physics PhD. I did an EECS degree. It has always been about figuring out the next step: how do we get there? That's what led to starting Railway for that experience and then moving all the way to bare metal data centers. I was adding patches to the kernel this week to get the experience there because I can see how much better it can be.Swyx [00:03:49]: Other patches to the Linux kernel this week?Jake [00:03:51]: Yeah. Not upstream. Our fork.Swyx [00:03:52]: That's a flex. Railpack? No, this is different. This is the OS on top of Railpack?Jake [00:03:57]: No, this is an actual kernel patch. It's always literally: what do we have to do to get that experience? Then figure it out. Anything is figureoutable.Swyx [00:04:10]: Would you send the patch upstream, or does it not fit other use cases?Jake [00:04:13]: Maybe. We have to work out the experience internally. It has to do with the storage layer we're building for some of the agentic stuff. Maybe it'll be useful upstream, but it's deeply useful for us internally.Open Source, Forks, and Non-Deterministic VersioningSwyx [00:04:29]: You mentioned open source before. How do you think about starting from open source, and then coding agents letting you do a lot more from forks of it?Jake [00:04:38]: GitHub's original sin is that it's almost a series of broken pointers. You have this thing, then you clone it, and now you've lost the whole upstream. How do we make it trivial for people to modify really small pieces of it?Jake [00:04:51]: We think of Git in a discrete sense: I've either made a change and merged upstream, or I haven't. What would it look like if it were percentage-based, a little more non-deterministic, or a stream of changes that users traverse as a percentage rolled out in general and then rolled all the way up?Jake [00:05:13]: We have the open-source kickback program and let you deploy templates because we want to make it trivial for people to version these shards over time. It solves a large problem around authentication, authorization, and security. NPM has a way to define, “Don't take any new packages.” The ideal end state is that you roll out progressively to users with the minimum impact zone and continue rolling up. JPMorgan should probably be the last one on the patch line, for all our sakes, because our money and livelihoods are there.Jake [00:05:53]: It's okay if Johnny Vibe Coder gets a broken patch because there's so much entropy in the system that the rubber has to meet the road at some point. You have to test at varying levels.The Long Grind: First Users, Free Tier, and Making the Business WorkSwyx [00:06:13]: I wanted to pull up this glorious chart, which is your usage or number of daily signups?Jake [00:06:22]: Daily signups, I think.Swyx [00:06:24]: You started six years ago. It was a slow grind, and now you're on a rocket ship. You say, “Don't doubt your fight and don't quit.” Maybe pick out certain points that were key inflections for the company.Jake [00:06:40]: At the start, it's about getting your first 100 users, hell or high water. We had a website and a support link. The support link was the Discord channel. I had notifications on with two monitors: the monitor I was working on and the other monitor with Discord. If anybody came in, I was immediately like, “Hey, how's it going?” It was rare, so getting those first 100 users to come back was the start.Jake [00:07:14]: Then you build a consultancy factory because users want all these things. You have to go back to the board and ask, “What is the actual product offering I want to build on top of this?”Jake [00:07:28]: VCs want charts that always go up and to the right, but in reality you don't necessarily want charts that look like that. For us, there have been periods of expansion where we add features to test use cases, and periods of compaction where we ask, “If the experience we have is good, how do we make it significantly better?” Maybe we strip out features that don't fit our ICP anymore.Jake [00:07:57]: The boom from 2022 to 2023 came from the free tier. Everybody under the sun was using it.Swyx [00:08:09]: A lot of Reddit bots and Discord bots.Jake [00:08:12]: And crypto miners. When you build an open product on the internet where anybody can sign up, the internet is a horrible place with so many things. You go through periods of asking, “How do I reach as many people as possible?” Then, “How do I fit the exact use case for the people who really matter and are really excited about this specific thing?”Jake [00:08:39]: Then there was a two-year period of making the actual business work. During the free-tier era, we were losing about half a million dollars a month.Swyx [00:08:59]: On a $20 million bank account.Jake [00:09:02]: On a $20 million bank account with maybe $50,000 a month in revenue. That's a horrible business. I don't know how anybody invested. But you have to go through it and say, “We have an experience people love, but the business has to work.”Jake [00:09:17]: There are two schools of thought. You can run the horrible business all the way up with bad margins, or you can go back and make it work. We've always wanted a super lean team. We're 35 people right now. It's very small.Swyx [00:09:36]: Supporting three million already?Jake [00:09:38]: Yeah. We're adding 100,000 users a week right now, so it's growing fast. We don't want to add headcount for the sake of headcount or throw bodies at problems. We want to build systems. It's hard to build systems during expansion because you're adding things to the system because people are asking for them or things are breaking.Jake [00:10:00]: We had to cut off the free users for a little while, rebuild the business, and make sure it worked. We want to reach as many people as possible because software is important. It's become difficult to create things in the physical world, so it's important to make it easy for people to build in the virtual world and have access to creation. But there are legs to that journey.Jake [00:10:30]: You can see divots in the charts. If you follow between 2025 and 2026, it's either summer or winter. People go on holiday with family.Swyx [00:10:50]: It affects that much?Jake [00:10:51]: Yeah. It's kind of B2C and kind of B2B. People are shipping constantly, then they stop. Our activation curve now shows more people activating on weekdays because we have more business users, so it smooths out over time.Agents as the New Interface to DeploymentSwyx [00:11:17]: Was there a point where you started prioritizing AI development or agent development?Jake [00:11:24]: We've prioritized agentic as a top-of-funnel thing. Over the last six months, we've deeply prioritized agentic as a mechanism to build and deploy things because we believe the curve is so steep and that is how people will build and deploy software.Jake [00:11:42]: It almost fundamentally doesn't matter whether this is dot-com or not because we're all on the internet anyway. If agents are going to deploy a bunch of things and we hit an inference wall at some point, we'll fix those problems. The dominant species over the next 10 years is that we've moved from assembly to C to C++ to JavaScript to words. You're going to need to close that loop.Swyx [00:12:13]: When you say this is dot-com, did you mean buying the domain, or the general case?Jake [00:12:17]: I mean the dot-com era, when companies had a huge run-up because people understood the internet was important. Then they hit bottlenecks, fundamental laws of physics, math didn't work, and everybody came back down to earth. But it didn't matter because the internet became so impactful. If you operate on a long enough time horizon, you should build these things anyway because you can see where it's going.Jake [00:12:45]: That's where I think a lot of agent stuff is. You get to a point where you're running thousands of agents in parallel. What is the inference cost? What is the compute cost? How do you make that efficient? How do you coordinate all this? We have issues coordinating humans; we don't even have good tooling for that. Now we have to figure out how to get agents to coordinate, safely version changes, and know when to raise their hand for someone to intervene. Otherwise it becomes an interrupt factory.Railway's Infrastructure Thesis: Network, Compute, Storage, and MetalSwyx [00:13:19]: Let's go right into the technical side. What are the core infrastructure or architectural beliefs of Railway that allow you to do what you do?Jake [00:13:29]: The primitives matter a lot for us. We need network, compute, storage, and orchestration around it. You need control over a lot of those things. We've talked a lot about how we don't really use Kubernetes because we want higher-order control to place workloads in very specific places.Jake [00:13:48]: The reason is that you have to be very efficient with agents: memory reuse and all these other things, or you're going to massively blow up your cost structure. Being able to rack and stack your own servers and build your own metal unlocks performance and cost. Experiences where you're running 1,000 agents in parallel are not massively cost prohibitive.Jake [00:14:13]: Token use and compute use are blowing up. Over time, those things have to get a lot more efficient. You can get a lot of margin to make those experiences solid by building your own metal. That's all in service of offering a differentiated experience to as many people as humanly possible.Swyx [00:14:51]: You have a data center in Singapore.Jake [00:14:53]: Yeah. We have two in every other region now. In Singapore, we're adding a second one in Q3.Swyx [00:14:58]: What's it like? I've never built a data center. Do you go to Equinix and say, “I want some slots?”Jake [00:15:05]: Yeah. Equinix. You basically go and say, “I want power and I want a cage.” They say, “Great, here's what it's going to be.” You rent the cage for a period of time, fill it with racks and servers, and hook up internet to it. That's all the pieces.Swyx [00:15:36]: Then you handle everything else.Jake [00:15:37]: You handle everything else.Swyx [00:15:39]: What's the math versus clouds doing it for you?Jake [00:15:43]: If we rented in the cloud, our payback period when we go to metal is about three months.Swyx [00:15:50]: Which is crazy.Jake [00:15:51]: It's nuts. That's four years of depreciated hardware. You're going to see a lot of this compute crunch because hyperscalers are buying up a lot of stuff. We're working directly with OEMs, resellers, and people building these machines: Supermicro, Dell, and others.Jake [00:16:11]: Upstream, there's a bunch of supply pressure. When we raised our last round, between deploying capital for servers and now, the amount of money we've raised is less than the amount of money we have in the bank plus the value of the servers because the servers have appreciated as RAM has gone up. It's nuts how valuable hardware has become.Jake [00:16:50]: If you look at hyperscalers, they deployed around $80 billion of capital expenditures this year, and next year will be more. That's a massive infrastructure build-out. You look at that and think it's crazy that they're spending way more than the Manhattan Project. But if every person is going to run dozens or hundreds of agents in parallel, you have no conceptual idea how much compute is required to make that experience happen, even if you're deeply efficient and sharing resources. And that doesn't even count inference.Swyx [00:17:22]: How do you plan the build-out? The growth chart is so vertical. Are you usually at 100% utilization as soon as racks are live? How far ahead are you planning?Jake [00:17:33]: We still maintain cloud presence for bursting. We work with AWS, GCP, and a few other clouds. We can rent, and then the moment we get space or power, we compact those workloads off the cloud. We started on the clouds, then built a system to migrate to our own metal. There's nothing that says you can't continually do that again, and that's exactly what we do. We never want to be compute constrained.Jake [00:18:09]: At the start of the year, we actually became compute constrained because one upstream provider wasn't able to give us quota at the rate we needed, and the hardware was slower. I spent a weekend rebuilding our entire network overlay so we could straddle five clouds: Oracle, AWS, ourselves, GCP, and one other one. We can do more than that now.Jake [00:18:38]: We got into a spot where we were trying to pack instances tight because we couldn't get enough compute. That led to a few reliability issues, which are now past us. I made a tweet pointing out that it's becoming harder and harder to acquire compute at the rate these models need to acquire compute. We got bit by it.Swyx [00:19:15]: How do you think about pricing knowing you might not have your own metal available at all times? Are you pricing assuming you need extra margin if you end up going into the cloud?Jake [00:19:26]: Because we've built out our metal data centers, our margins on metal are around 70%. We can deeply subsidize the cloud business if we want to scale at a reasonable rate. We have a few levers: metal, which makes the margins; cloud burst; debt to buy servers; and venture capital. It's an interesting operational problem: how much cash do we have, how much should we raise, how quickly can we deploy it, and can we scale revenue as quickly as we scale compute?Jake [00:20:05]: If we continue making it trivially easy for people to build and deploy, then the faster we close that loop and the more operationally excellent we are with capital, the faster the business can scale. It's almost a straight linear deployment rate.Financing Infrastructure: Hardware Debt, VC, and Operational LeverageSwyx [00:20:20]: I think infra startups raising debt is a tool people don't utilize enough or know enough about. What can you tell us about that? Is it secured against your CPUs?Jake [00:20:32]: It's secured against our hardware.Swyx [00:20:37]: What rates do you get? Who are the lenders?Jake [00:20:39]: We pay prime plus a spread, and we can refinance any of the debt as rates go down. The terms are pretty good. The unfortunate thing is that Twitter has no nuance, so people say, “Venture debt bad.” But as with all things, there are specific tools and areas where you can be deliberate instead of using one tool as a hammer. Venture capital is not the hammer for everything. You have to explore and figure out what works.Swyx [00:21:12]: VC is usually the most expensive financing you can get.Jake [00:21:15]: Yeah. I also think people think about VC incorrectly from a capital-raising perspective. Most people think, “How do I raise as much money as possible from whoever is probably the best I can get at that time?” That's close to right, but what we've tried to do is figure out what unfair advantage we can buy with that equity.Jake [00:21:34]: It's the most expensive equity you're going to give away at that point in time, assuming the company keeps getting better. How do you use it to work with someone stellar who complements you? In the seed stage, I had never started a company. Ray Tonsing had good advice, and I could text him all the time. He was really fast. Awesome.Jake [00:22:01]: Then with John and Erica at Unusual, they said, “You roughly know what you're doing building a product. We'll mostly leave you alone and be available for advice.” Amazing. Then we got to Series A and the business was an operational tire fire because we didn't know how to scale a business. Work with Erica, and Jordan is over at Redpoint, so bonus.Jake [00:22:28]: Now we've raised from TQ and FPV as we're moving into enterprises. Every step of the way, we've asked: who can we partner with at this specific time to unlock the next section of the journey? I don't know enterprise sales. As an engineer, I can eyeball what features we might need, and we have wonderful people internally who can help. But you want boardroom dynamics where everyone is aligned and asking, “How do we win this?” instead of bickering about strategy.Data Centers in Space and the Physics of ComputeSwyx [00:23:31]: You had a tweet about data centers in space. Why no data centers in space?Jake [00:23:37]: It's not “no data centers in space.” My hot take is that I think it is solvable. I've just never seen anybody solve it.Swyx [00:23:49]: You said, “How are you going to dissipate that much heat in a vacuum?” You're making a physics claim.Jake [00:23:55]: I haven't seen anybody prove how you're going to dissipate that much heat in a vacuum. It doesn't mean it's not possible. It just means nobody has brought it up yet.Swyx [00:24:05]: Astrophage.Jake [00:24:06]: I don't know what that is.Swyx [00:24:07]: The Martian thing. Okay, you're very logical.Jake [00:24:09]: It could work. A lot of people are putting the cart before the horse. They say, “We're going to put data centers in space.” Okay, but how? “We have time to figure it out.” It's like in The Martian where they ask how they're going to intercept something and say, “We'll figure it out.”Swyx [00:24:36]: Making a bet on human invention is weird because you blind trust that it can be solved. But with physics, there are first-principles bounds you can put on it. Maybe not. Maybe you're asking to travel time or break a fundamental thermodynamic law.Jake [00:24:57]: I don't know how VCs do this either. How do you know what's not possible and a grift versus what's possible but sounds completely insane? “We're going to put data centers in space.” Coin flip as to which it is, and I guess you'll know in 10 years. That's one cycle.What Agents Need: Versioning, Observability, and 1,000x ScaleSwyx [00:25:23]: Moving back to agents. The branching, fast spin-up, and orchestration you do feels like pre-work that happened to be exactly what agents want. What do agents want differently than humans?Jake [00:25:37]: They want the ability to version things. It's not that different; it materializes slightly differently. Agents want a way to test changes incrementally. Engineers have feature flags. Is there a reason agents can't use feature flags? I don't think so.Jake [00:25:54]: They want version control. Can we use Git or not Git? That one is up in the air. I think something outside Git will emerge for how we version these things over time. They need observability. You need to query what happened, when it happened, which steps failed, traces, logs, metrics, and all the rest. They need network, compute, and storage. They need to write files, save files, iterate on files, and snapshot file systems.Jake [00:26:25]: A lot of what humans needed is in line with what agents need. Branching and forking are not different; we're just moving 1,000 times quicker. It can look like you need something massively different, but what you need is something massively better than what existed. You need orchestration massively better than Kubernetes. You need networking probably better than Envoy. It goes all the way down the stack.Jake [00:26:55]: If the workload profile doesn't change so much as it gets massively compressed because you need thousands of these things, what assumptions change? etcd is going to melt. You need to replace it with something. You can go all the way down the stack and say, “That part has to change, that part has to change, and that part has to change.”Jake [00:27:19]: The interesting thing about the super-exponential curve is that you have to build systems where you can rip out those parts at any time because a new bottleneck might emerge. You get good at parallel agents, and a different part of the system breaks. So it's similar to what humans needed, but at 1,000x scale.Jake [00:27:55]: How do you do code review in the age of agents?Swyx [00:28:00]: You throw more agents at it.Jake [00:28:01]: You don't. But then who reviews for CVEs and all these other things?Swyx [00:28:07]: More agents.Jake [00:28:08]: And that's how we hit the inference wall. You can continually throw agents at the problem, but I think there's a limit to the number of agents you can throw at a problem.CLI, Agent Handles, and Closing the LoopSwyx [00:28:24]: You already had a CLI before it was cool. How is the shape of what you're exposing changing, if at all?Jake [00:28:28]: CLIs have always been cool. The CLI changes because we think about how to give Claude, Codex, ChatGPT, or any model a handhold.Jake [00:28:50]: A CLI is a single command: deploy, get logs, and so on. Things that were prohibitively annoying to humans are not annoying to agents. They're nice. If I handed you a CLI with 40 arguments and 600 flags, you'd think, “I'm never going to use all of this.” But if you hand it to an agent, it says, “This is excellent. I have so many handles to work with.”Jake [00:29:24]: If you're going to expose things to agents that way, you want as many handles as possible where they can get information, query dynamic information, and close the loop quickly. Most problems right now are about how to close the loop as quickly as possible. Where does the agent get stuck, and how can you remove that?Jake [00:29:49]: Telemetry is important. If you can tell where the agent gets stuck from the CLI and say, “12% of people deviate from the happy path because of this, and now I add this argument and drive it down to 2%,” you massively increase the rate of loop closure.Jake [00:30:03]: That's how we think about not just the CLI, but every point in the dashboard. It's a user journey: I hear about Railway. I get something deployed. I get my first green build or aha moment. I see an endpoint, logs, whatever. Then I iterate. The iteration loop is indefinite. The user wants to deploy a new thing, a Postgres instance, change code, and keep iterating.Jake [00:30:36]: If you focus on the iteration loops and what's blocking them from closing quickly, one thing we say internally is: you never want to be waiting on compute anymore. You always want to be waiting on intelligence. If you're waiting on compute, there's a bottleneck that needs to be destroyed because eventually that bottleneck becomes so large that another workflow emerges to change it.Jake [00:31:04]: We've built a product where you push code, build it, and so on. But I fundamentally believe the push-pull loop is going away. We'll get to a point where you make a small change in production, that change is versioned across your infrastructure, you're working alongside copy-on-write versions of your database and infrastructure, and then you merge it in and it's instantaneously live. That's the holy grail of loops. The push-pull-rebuild thing is a point of friction that we're removing entirely.Canvas as Output: Dashboards, Context Anchors, and HyperstructuresSwyx [00:31:43]: It's incredibly fast. If anyone hasn't tried it, that fast feedback is great. My hot take is that Railway was famous for its canvas, which visualizes your infrastructure and lets you manipulate it visually. But that was for humans. For the next phase of growth, Railway CLI is more important than canvas.Jake [00:32:05]: The canvas is funny because it's a mechanism to show changes over time. You're right that previously we used it a lot as an input. Moving forward, its goal is more like an output. You would go to the canvas, make changes, see them, and watch your infrastructure evolve. Now agents have access to the CLI and can make those changes. So the canvas becomes an output: what information does the human need at this moment to make suitable decisions about control requests? Do I approve this or not?Jake [00:32:57]: It also has to be an anchor for your context, a port in the storm. Think of it like layers in a file system. You start with a project, then drill down into services, then into a function or code, because you want to represent the entire thing not just in your head, but in the canvas. Other people can share that representation, think on the same wavelength, and move quickly.Jake [00:33:33]: A lot of organizations get in trouble as they scale because all the context lives in someone's head. “How does this microservice work?” “I have no idea; go ask this person.” Then you have whole categories of products built around context discovery. A lot of that melts away if you have a solid hierarchy and can infinitely nest services, code, context, and everything else all the way down. That's what lets you build these structures over time.Jake [00:34:18]: It's also what lets us build what I've called hyperstructures: things that are way bigger. You look at the Golden Gate Bridge and ask, “How did we build that?” There's a meme that we lost the technology. To some extent, yes, because the coordination that built those things evolved and changed. We lost some of the art of building structure as we jammed everything into Slack.Swyx [00:34:52]: But you jam everything in Discord.Jake [00:34:53]: Same point. It doesn't matter. It's message passing and interrupts, message passing and interrupts.Swyx [00:35:00]: So you're arguing there should be something better and more structured than Slack?Jake [00:35:04]: Yeah. For sure. I think Slack is awful, and Discord is awful too.Central Station: Context Routing, Support, and Incident ClustersSwyx [00:35:09]: This is the equivalent of my mom test. What have you done that has your solution to this?Jake [00:35:15]: Internally, we've built a tool called Central Station that aggregates all the context from our users. Every piece of feedback, every customer support item, everything gets aggregated into clusters. If an incident is brewing, we can determine how many users are affected and break off a discussion based on that.Jake [00:35:40]: That is more helpful than long-running channels where you're trying to decide which channel to put something in. If you can dynamically aggregate information and dynamically route it to the right person based on context, it works better. We know internally that these four people are close to networking. If we see a networking thing, we can drill it down to those four people. If it's with this part, we can look at the commits. This is no longer a manual process internally.Jake [00:36:13]: If you go to station or help.railway.com, that's why we built it. We wanted to scale with a massive amount of leverage by aggregating feedback.Swyx [00:36:27]: This is built in-house?Jake [00:36:28]: Yep.Swyx [00:36:29]: I remember helping out on this one with Angelo in 2023. You scale a lot with a very small team.Jake [00:36:38]: Yeah. We're about 10 times bigger now.Swyx [00:36:40]: You have your full developer code here? Very cool.Jake [00:36:44]: If you go to railway.com/stats, we expose this as a pub-sub-able thing. It's all real-time metrics. There's a way to get it as JSON somewhere if you care.Jake [00:37:01]: We're big on trying to build everything in public and talk about what we're working on. We've had issues in the past, and we'll say, “Here's how we're fixing these things.” We've gotten compliments and flak for incident reports. We're always trying to make them better and talk with people.Incidents, Disclosure, and Progressive RolloutsSwyx [00:37:20]: You had a big one recently. I liked that it was scoped to 3,000. You presumably used Central Station. Talk through what happened and how you address it internally as a team.Jake [00:37:38]: Internally, this one really sucked. It had to do with an upstream provider that didn't do the behavior it said it documented, which is unfortunate given they wrote the RFC for how the behavior should work. We rolled those things out, and Central Station caught it initially when a couple users said caches weren't invalidating. We turned it off immediately.Jake [00:38:03]: When you roll out to a large user base of three million people, you get a lot of disparate behaviors. We tested in staging and had tests, but we hit an edge case. We've hardened those systems, and now we can make that better. But it was a tough one.Swyx [00:38:39]: I always wonder how private disclosure is supposed to work if people find an issue. Are they supposed to contact you first? When you run a platform, these things will happen. What channels should people pursue to quietly resolve it before it becomes a bigger incident?Jake [00:38:59]: There's responsible disclosure. We err on the side of over-disclosing and letting you know something is wrong versus having your provider gaslight you. We've erred on sharing those things more publicly, even if they impact a small subset of users. That's a decision we've made internally. We have four values. One is honor. The honorable thing is to notify people to the widest degree at which they may have been affected or there was an issue, and then confront it head-on: why did it happen, what can we do better?Swyx [00:39:45]: Not the whole user base. That's because of incremental rollouts and other things?Jake [00:39:50]: Yeah. Progressive rollouts.Swyx [00:39:54]: That should be the norm at all large platforms.Jake [00:39:58]: It should. A variety of companies do this. There's the quote that Meta runs 10,000 different versions of Meta. To our earlier point about agents, they need the same thing. They need shadow traffic and all these other things. We've built so much ceremony around production being sacred that we need to make it trivially easy to test different behaviors in a safe environment. Then you can make mistakes in a safe environment.Safe AI SRE: Customer Agents, Forked Environments, and Production ParityAlessio [00:40:30]: Do you see a world where these things get automatically caught, not necessarily by your agent, but by your customer's agent? The cache invalidation issue seems easy to check if you know to look for it.Jake [00:40:44]: It's hard because to determine it, we almost need to hook into your observability infrastructure. That's why we have the template loop on the platform: so you can roll things out progressively. You can roll out to Johnny Vibe Coder initially, or push a shard that someone consumes at their own leisure. Or you can roll it out over weeks: 0.1% of people, 1% of people, early adopters, then all the way up. That's the non-deterministic version control we talked about earlier.Jake [00:41:30]: I believe that's where most things should go, because most companies end up building staged rollout systems in-house. It's the same thing built again and again at every company. There's a massive opportunity to consolidate developer debt.Alessio [00:41:45]: You should have a free tier. Model providers give free tokens if you let them use the data. You could give free compute if someone is the number-one shard that goes out and lets you plug into their observability.Jake [00:41:55]: We do that. That's why we talked about the impact on 3,000 people. We start with lower-impact people. Larger companies on the platform are last to receive those rollouts so they have a version of the platform that's deeply stable.Alessio [00:42:16]: I have three services, so I'm sure I get the first rollout. You can nuke my thing at any time. There are all these SRE agent companies. Observability people also want agents that fix upstream problems. You have your own agent in the canvas now. How do you see that playing out?Jake [00:42:39]: It's the stacking entropy problem. If you don't have primitives to make iteration in production safe, it becomes difficult. If you're an observability provider saying, “Here's the fix to this error,” assume 80% are good and make sense. But in the last 20% long tail of complex issues, if you let somebody stamp it, you create an opportunity for an incident.Jake [00:43:08]: That's why forked environments are important. People have staging, but it always drifts from production. You need primitives, workflows, and experience built first-party on the platform so you can fork any service at any point in time.Jake [00:43:33]: I think of the canvas as a sheet of transparency paper. The agent is a little guy you push up into the canvas. It should say, “I need to copy that service and that service so I can test these two things.” It gets a read-only copy of production. Anything that's PII gets marked as a transform when we clone the database, create a copy-on-write version, or read from it. Then the agent makes changes and asks, “Does this actually work?” as close to production as possible.Jake [00:44:22]: That's how close you have to be, or you get massive drift. The system becomes unstable. You see this with massive systems built on Docker for local, Kubernetes for production, and a specific thing for something else. That complexity slows developers and becomes unstable at scale, making it hard to iterate. We want to compress that way down and say, “As close to prod as possible is where we want to be.”From AISRE Skeptic to Agent BelieverSwyx [00:45:00]: I was texting Erica for questions, and she says you were originally not a believer in AISRE. Have you come around on it?Jake [00:45:10]: I flipped, but I'm still not a believer in AISRE if you don't have the primitives to make it safe. If you unleash AISRE on production infrastructure without safe primitives for copying volumes and making sure things are fine, it's going to nuke your production database. It's not a matter of if, but when. I'm a big believer in making those loops safe.Jake [00:45:33]: I was a deep AI skeptic until 2023. In 2024, I thought, “Maybe I can roughly make this thing do it.” In 2025, I thought, “Now I can hold this.” Over winter break, everybody came back saying, “It's almost impossible to hold this.”Swyx [00:46:01]: Did you see this on the Claude docs? CloudBot? OpenCloud?Jake [00:46:06]: It's gotten to a point where it's harder to hold it wrong than to hold it right. There's a scene in Avengers where Vision picks up Thor's hammer and says it's terribly well-balanced. It self-balances and works well. I'm a deep believer at this point that this will be the dominant species: assembly, C, C++, JavaScript, words.Swyx [00:46:35]: It feels like a big jump.Jake [00:46:37]: It is. But it's not like you abandon CPU-based discrete logic and move straight to fuzzy logic. You need both. Your skills should call code or applications or some static structure. You can use skills to distill what the procedure should be or how the code should act.Jake [00:47:02]: I'm coming to a thesis: you need three points. You need a clear spec defining the system, the code, and the tests. When you say it out loud, if you've been in engineering long enough, you're like, “Of course. That's an RFC, tests, and code.” But they all matter. Having them together lets them reinforce each other: the spec and tests match, but the code doesn't, so reconcile it. Or the tests and code match but the spec doesn't, so reconcile that. That's the iteration loop.Jake [00:47:41]: That's why you're seeing people talk about software factories, docs, and reconciliation. Some of that is architectural astronomy if you don't implement it, but that loop is where most things will end up.Swyx [00:48:07]: For listeners, we've been talking about this on the pod for three years: the holy trinity of specs and tests. Itamar Friedman from Qodo is the reference if people want to look it up.Self-Modifying Infrastructure and the End of Push-Pull-RebuildSwyx [00:48:18]: One thing I want to mention on the OpenCloud idea is self-modification. I don't know how Railway would support it, but I have my OpenClaw, and I just tell it it has the Railway CLI and can do whatever. In theory, whatever capabilities or new infra it needs, it can call the Railway CLI, provision it, and add it to itself. The agent can modify its own infra.Jake [00:48:45]: It's nuts. I have a loop set up where you put the Railway CLI on top of something that runs on Railway. You're authenticated as whatever the current box is, and you can make any changes to it. Then you call Railway deploy, and it deploys itself.Jake [00:49:04]: It's like: “I need to spin up this instance of this environment. I already exist in this environment. Excellent, I have access to a Postgres instance now.” That's where we want to go with agentic, self-replicating infrastructure. That's your loop: iterate in production. You continue making changes. If it works, merge it upstream. If it doesn't, throw it away.Jake [00:49:37]: How do you make throwaway copies trivial to spin up and super cheap? The era of “I have an AWS instance with four vCPU and 16 gigs of RAM” is going to get destroyed. If you do that for agents, you need a thousand of those machines. It's prohibitively expensive compared with what we've spent a ton of time figuring out: the atomic unit of deploy, whether you call it isolates, sandboxes, or something else. Only pay for what you use, spin up instantaneously, and close the loop as quickly as possible.Jake [00:50:15]: If the system can self-replicate safely and say, “This is my environment, I'm making these changes,” it can come back with, “Does this look good? This is a new state of infrastructure given this prompt. I think I've solved it.” Then you go back and say, “Actually, it looks different.” It does the loop again. Then you say, “Cool. Apply.”Swyx [00:50:38]: That's retroactively obvious, which is the most useful kind. Any other comments on agent deployment on Railway?Jake [00:50:51]: It's getting better every day. I'm on X or Twitter. You can always yell at me about the parts not working as well as they should, because plenty of things should work way better.The New Serverless: Stateful, Long-Running, Pay-for-What-You-Use LinuxSwyx [00:51:04]: At this stage, when people want massively or embarrassingly parallel compute, they usually talk serverless. I feel like there's a new serverless compared to the previous five years of serverless. You're in that new bucket. Do you have comparisons or philosophical differences you want to call out?Jake [00:51:31]: It's somewhere in between. It's the ability to run stateful, long-running workflows or executions.Swyx [00:51:42]: Vercel has Fluid Compute, Cloudflare has some container thing, Google has App Runner and others.Jake [00:51:55]: That's where everything is roughly going, and it's why we've been working on this for six years. We believe users need access to a computer: a box that speaks Linux. They need to deploy what they want. Other systems change the surface area of what you can build. For us, users need a computer and need to deploy anything they truly want. That's why we've focused on the primitives: network, compute, storage. If we give you those and expose them so you can run things indefinitely, that's where we believe it's going.Jake [00:52:43]: Twitter has no nuance, so everyone says “servers” or “serverless.” It's always somewhere in the middle: I want to run it for a long time, but I don't want to provision the resource statically or pay for things I'm not using. That's been our thesis from day one: pay only for what you use, run it indefinitely, and it is full Linux.Swyx [00:53:12]: That's why I like the naming of Fluid. It's fluid. Flexible.Heroku, Focus, and Carrying the Torch Without Becoming the PastSwyx [00:53:18]: Another milestone is the Heroku official deprecation. You're one of the presumptive new Herokus. “New Heroku” has been a category for as long as I've been in developer tooling. It's finally happening. What was that like? Any behind-the-scenes of, “This is the moment”?Jake [00:53:42]: You have people where you're like, “You were running stuff on here? You, as this company?” It's crazy that names you would know are running on it and now coming to us saying, “We want to move a lot of this off.”Swyx [00:54:00]: Any behind-the-scenes on why Salesforce let Heroku stagnate?Jake [00:54:05]: I can only guess. It's hard when it's not your business. Salesforce's business is to build a great CRM. That's their focus. Then you acquire a compute business as an offshoot. A lot of early Meta people talk about focus. Boz has a write-up about how in the early days of Meta they had no money, so they were forced to focus. Then they turned on the money tree and had no reason not to split their focus.Jake [00:54:52]: But that dilutes your product. You get offshoots where you ask, “Is this the focus of the business?” If it's not core, it languishes. A lot of companies get in trouble when they split focus because they're fighting a multi-front war, not just externally but internally for alignment. Where are we going? What are we doing? What is our purpose?Jake [00:55:24]: If you're Salesforce-built and mission-driven, you want to work on Salesforce. Heroku is off to the side. It's not core to the business. Getting resources, budget, focus, and alignment internally becomes hard. It was a matter of time.Swyx [00:56:06]: Kudos for them to call it out instead of leaving it unknown.Jake [00:56:12]: Their release was a little odd. They called it out, but they didn't say they were shutting it down. Behind the scenes, I think they issued messages to people saying they should close accounts and that they were going to deprecate and remove things over time.Jake [00:56:30]: It's crazy because some of my first deployment experiences were on Heroku. You start with dragging things into an FTP server, then you try to get a deploy working, and then it's Heroku. It was the on-ramp for us. But the wheel turns. New things emerge. We're happy to carry the torch for a lot of that. But we don't want to be the new Heroku. We want to be the way people build and deploy software, and ultimately the way people monetize software over time.Swyx [00:57:19]: It's still a big crown to be the new Heroku. There are 50 companies that fought for that.Jake [00:57:23]: Everybody is holding some portion of it. We're happy to support people and companies. The platform works differently. The game loop is similar, but we've been dogmatic about where these things are going: primitives, agents, fan-out. Some things fit; some workflows need to change. We have an approximation of Heroku pipelines with the environment system. It's exciting. We've got a ton of people we can support, and it's growing a lot.Temporal, Workflow Engines, and State MachinesSwyx [00:58:12]: I have one more technical question about Temporal. I've sold my shares. You're a power user and one of our earliest customers. I met you through Temporal. You built on Temporal. You have complaints. This may be the most neutral and informed conversation anyone will hear about Temporal without someone working at the company.Jake [00:58:39]: That's fair. I've used Temporal for almost 10 years because of Cadence at Uber.Swyx [00:58:52]: Give people a sense of what Cadence was at Uber.Jake [00:58:57]: Cadence was the precursor to Temporal. It powers trip actions, rides, when you rent a Jump bike or scooter or car. You're running workflows for a period of time and saying, “This ride will run indefinitely until it finishes.” You attach information: you paused in this zone, so add this charge to the bill. When you end the trip, the workflow is done. That experience was powered by Cadence at the time.Swyx [00:59:34]: I used to say it's like programming the entire user journey top-down as one function.Jake [00:59:39]: It's a powerful idea and important. It's also important for the next phase of the agentic journey. You want an agent to do a specific task, be complete or incomplete on that task, and move on to the next thing. You need a way to manage workflows dynamically.Jake [00:59:59]: Temporal was always great in theory, and great when you got it working the way you wanted in production. But it required you to model the entire journey in your head. If you didn't, you could cause issues where replaying the state of the workflow causes non-determinism.Swyx [01:00:25]: Because it works on deterministic workflow history.Jake [01:00:28]: Exactly. I describe it as a jet engine. If you know how to operate it and run it, it's great. But you can't hand it to people trying to build complicated things if they don't have the whole state in their head.Jake [01:00:48]: We run our whole deployment pipeline on top of it. That's a reasonably complicated workflow: pre-commit hooks, signaling, queuing, and all the rest. We ran into the same thing at Uber. As you express a large workflow, it gets more complicated, with more states in the state machine that you have to map back to the workflow.Swyx [01:01:15]: It's a lot of ifs.Jake [01:01:16]: Exactly. At Uber, we built a system for doing the state machine and testing it. We've started to build some of those things here because it's grown heavily. It's not quite love-hate. When it works well, it works super well. But if someone who doesn't have full context puts something into the system that invalidates state or causes non-determinism, or spins off a ton of activities, you have to keep track of underlying SRE knobs like activity slots. Those should scale with memory, vCPU, and so on. It becomes a bear to scale.Swyx [01:02:10]: You need a capable sysadmin running things behind the scenes. If you moved off, what would you do?Jake [01:02:19]: We'd build our own workflow engine. We have a few internally that we've worked on.Swyx [01:02:27]: This is one of those classes of things you typically wouldn't vibe code, but I'm wondering if you can.Jake [01:02:33]: I still don't think you should vibe code it. You still want to run decent tests to make sure it works.Swyx [01:02:39]: Timo didn't invent that from scratch either. There are libraries you can run. On top of that, it's just a state machine that you have to map out. Ultimately, you define the instructions you want and run them through a state machine.Jake [01:03:00]: It's very doable. Workflow stuff is interesting. Restate is doing neat stuff here.Swyx [01:03:10]: You're tied into JavaScript. Are you a JavaScript maxi?Jake [01:03:13]: Internally, we have TypeScript, Rust, and Go. We don't add more languages. Actually, we have a little C because we write BPF code and hooks. But those are the languages.Swyx [01:03:28]: Is this for sidecars?Jake [01:03:32]: No. It's for the networking stack, volumes, and things like that. We use TypeScript a lot because it powers the dashboard, but we're moving a lot of workflow stuff off the dashboard stack and into the infrastructure stack.Railpack, Nixpacks, and Content-Addressable FilesystemsSwyx [01:04:00]: Cool. Any other technical infrastructure stuff? Railpacks?Jake [01:04:07]: We built an engine for determining dependencies based on source code. It's called Railpack. We built the first version, Nixpacks, on top of Nix, and then we moved.Swyx [01:04:17]: People have been trying to get me to adopt Nix and NixOS for four years. Is it ever going to be a thing?Jake [01:04:23]: I don't know. We're excited about it, but it has pain points. Think of it as a stack of versioned binaries at specific slices in time. If you want version X and version Y, you bloat the package space, which blows up image size and makes real-world workloads difficult.Swyx [01:04:53]: But you content-address it and cache it. In theory, there are optimizations.Jake [01:05:00]: In theory, yes. But with a large enough user base and disparate enough machines, you run into a problem Meta described in the XFAAS paper, their internal serverless system. It becomes difficult at scale unless you break out specific runtimes.Jake [01:05:24]: We didn't want to do that because we wanted to truly allow you to deploy anything. That was our initial thing with Nix. But we've moved toward interesting work around content-addressable file systems that can lazy-load anything from any point and page it into memory.Swyx [01:05:48]: Amazing.Jake [01:05:49]: The future is very bright. It's crazy, and it's going to be nuts.Coding Agent Spend, Roadmaps, and Token ROISwyx [01:05:54]: Founder journey stuff?Alessio [01:05:56]: Your cloud usage: you tweeted you're going to spend $300K this month?Jake [01:06:01]: I think we got to $200K.Alessio [01:06:02]: Coding agents?Jake [01:06:03]: Yeah.Swyx [01:06:04]: Across the company?Alessio [01:06:05]: You only have 35 people, so I'm sure they're not all spending $10K a month. What's the distribution?Jake [01:06:10]: I think I'm at about $25K. We have power users all the way down. We came back from winter break, and I basically said, “If you're writing code by hand, you're doing this wrong.” The tools are good enough now that you can move extremely quickly. There are issues and pain points, but you should be reviewing the code you are writing instead of writing it by hand.Jake [01:06:40]: Architectural patterns matter more now than ever, but you shouldn't spend your time generating code you would write. If you know how to write it, ask the agent to write it and reconcile it until it looks like you would have written it yourself.Jake [01:06:58]: People misconstrue my propensity to push people toward agents as connected to our growth and some reliability bumps. They're not necessarily related. The tools are good enough to move extremely quickly and build things way larger than you could before.Jake [01:07:19]: To the earlier point about cooling data centers in space: I don't know. But with software, you can ask, “How would I build block storage from scratch? How would I do these things?” I have ideas because I have history and have read papers. Let me work them out and build massive test benches with thousands of tests, because those are now free to author. If you're not using AI systems to speed-run your roadmap and reconcile your existing system onto the future, you're missing a large point of what's happening.Alessio [01:08:12]: What's the path to spending $3 million a month? Is it bound by ideas and things customers can absorb?Jake [01:08:19]: For most companies, it's bound by deployment at this point. That's why we've seen a massive boom in users and companies, from Fortune 50s down, asking how to get developers to move faster. You'll probably hit your CFO before any technical limits because they'll look at the eye-watering amount of money spent on tokens. Inference costs have to come down, but we're inference constrained now. There will be price discovery around what makes sense for an org to adopt.Jake [01:09:06]: I think you'll end up with the F1 driver concept. If someone is really adept at these things, it makes sense to put them in a $3 million car. If they're not, it probably doesn't make sense. You'll take a few people and say, “You can drive the F1 car. We need to go in this direction. Figure out if it works and prototype it.”Jake [01:09:33]: We've done some of that and vastly accelerated our roadmap. We thought we'd ship something in a few years; now we can probably ship it in a few months because we validated it and don't have to build it incrementally. We can skip steps and move toward our vision.Alessio [01:09:58]: A lot of people are realizing the roadmap doesn't always have a business impact, so they say tokens are too expensive. But if your roadmap were built to make more money by the time you built it, you'd have token pricing for it, the same way you do with sales. You'd spend a billion dollars on sales if you knew you would get $2 billion of revenue.Jake [01:10:19]: Exactly. A naive way to measure this is the percentage of tokens that end up in production. If you can measure impact because those tokens end up in production, that's awesome. But the burden of proof will rise. Internally, we have a growing number of pull requests that haven't merged. The question becomes: how do you get this into production? It's about how quickly you can build and deploy software, which is exciting because that's our whole thing.The SDLC Shift: Prompt Requests, Feature Flags, and Safe RolloutsSwyx [01:10:56]: The SDLC is changing. One thesis is that the pull request is dying. It's going to be the prompt request. Beyond that, code review is also kind of dying if you have all the other systems in place. What else is changing about the SDLC?Jake [01:11:19]: The AISRE and the tools to make it happen. AISRE is pie-in-the-sky aspirational. What does it take to get an AISRE? What tools do you need to build?Swyx [01:11:32]: You should expose your tooling to customers at some point. The Central Station command center.Jake [01:11:39]: We have it for template maintainers. Template maintainers can deploy and maintain templates, and they get feedback. We're going to expose those things incrementally.Swyx [01:11:51]: Clustering around incidents. Everyone has a version of that, but I don't think anyone has solved it.Jake [01:11:56]: I won't say we've solved it internally, but it's gotten so good that we can see incidents forming pretty quickly. At some point, those will be things either someone else builds or we build. We've always built things purpose-built for us. If it makes sense to make it useful for users, monetize it, or turn that loop into a profit center instead of a cost center, we want to do that.Jake [01:12:28]: Pull request is definitely dying.Swyx [01:12:29]: Do you do first-party feature flagging and incremental rollout stuff?Jake [01:12:34]: We have a feature-flagging engine we built internally and will eventually roll out.Swyx [01:12:38]: I don't see it as a user. How come you didn't give us what you have?Jake [01:12:43]: We have to beta test it. We care a lot about the quality of the things. There's plenty we've used internally that doesn't make it all the way through the journey because it fails. It works for one service but not multiple services. We'd have to build it for multiple services and know that if we released it, we'd rebuild it again and again. Some things are worth that, but many inform the roadmap.Jake [01:13:18]: We don't want to dilute the experience by saying, “This works, but only for this service,” unless it's a core initiative. Over the next few months, we'll roll out things that work for a single service, then multiple services, then multiple services across the environment. You have to be deliberate. Otherwise you create broken disparate experiences and support load because people ask how to use the feature.Jake [01:13:52]: It's the earlier expansion and compaction pattern. You expand the company to get features, then compact and smooth them out so the experience is stellar. You told me in the hallway, “It's gotten so much better.” Internally we're saying, “This part really sucks. We need to make it significantly better.”Swyx [01:14:11]: I can attest to that over the last three years watching you build Railway. For listeners, feature flagging is a huge part of Uber culture. So much so that they have too many feature flags and another thing to remove feature flags. Facebook has Gatekeeper. Agents are going to need this. It's fundamental to incremental rollouts. OpenAI acquired Statsig. GPT-5 is routing and flagging through different models.Jake [01:14:56]: It's super important. If the software development lifecycle is going to change because we're doing things 1,000 times faster and 1,000 times more concurrently, what becomes important at scale?Jake [01:15:16]: Before I started Railway, I built a feature-flagging product and tried to sell it. It was an easier version of LaunchDarkly. I ran into a problem: anyone small enough to adopt your technology doesn't care about feature flags, and anyone large enough to need feature flags needs so much scale that you have to build out all the infrastructure. I scrapped it.Jake [01:15:42]: But what is old is new again. Companies are trying to move quickly, but you can't YOLO a vibe-coded thing straight into production. You need to say, “Here's my blast radius, my impact, and I want to shadow it for these users.” Feature flags. You're going to need the tools larger companies built to maintain their structures. Everything gets compressed by 1,000x so everybody can build those structures quickly.Jake [01:16:07]: That's exactly where we are: compressing the software development lifecycle, then expanding it and adding more new things.Cattle, Pets, and Clonable InfrastructureSwyx [01:16:15]: Another term that comes to mind for newer developers is “cattle, not pets.” People treat production like a pet. It has a name. You baby it and keep it alive. With cattle, you can mass farm, roll out, portion parts out, and kill them.Jake [01:16:37]: I think that might change. You can move toward having pets as long as you have a cloning machine for your pets.Swyx [01:16:52]: Yeah.Jake [01:16:52]: If you can snapshot every single thing at every frame, it doesn't matter if something gets obliterated because you have a snapshot of it. The things we've built right now are designed to block changes from the hermetically sealed DevOps line. You have to write a Dockerfile because you nee

php[podcast] episodes from php[architect]
The PHP Podcast 2026.05.14

php[podcast] episodes from php[architect]

Play Episode Listen Later May 15, 2026 56:31


PHP Podcast – May 14, 2026 Hosts: Eric Van Johnson & John Congdon Another fun episode of the PHP Podcast! Here’s what we covered: PHP Tek Is Four Days Away The countdown clock is basically ticking in real time — PHP Tek 2026 in Chicago is just four days and ten hours out as this episode begins. Eric flies Friday, John flies Saturday, and the team descends on the venue Sunday to get the trailer unloaded, the booth assembled, and everything tested before the conference kicks off. The conference magazines — ordered three weeks ago and still showing “printing” on Tuesday — pulled through at the last minute and are set to arrive at the venue tomorrow. That’s cutting it close, but it counts. Win a Free PHP Tek Ticket — Live on Air John put a full conference ticket up for grabs: DM him on any social platform, and he’d draw a winner on the live stream. The caveat? You had to be watching live — audio listeners are out of luck on this one. The lucky winner drawn on air was Jeffrey Davidson, who will now be at PHP Tek. Eric offered to even bring him to the team’s Saturday minor league baseball game if he flies in early enough. Jeffrey gets a hand-printed sticker name badge, but he’ll have a badge. New PHP Architect Conference Merch Fresh shirts are coming to the PHP Tek booth courtesy of Clayton Kendall, who is producing the apparel. The new design goes with a smaller logo placement — a more subtle, wearable-anywhere look compared to the big bold prints. If you’re headed to Chicago, swing by the PHP Architect table and see what’s there. Holly’s Conference App Gets a Vendor Mode The PHP Tek attendee app built by Holly (developed by CodeLorax) has been upgraded ahead of the conference. What started as a schedule browser with conflict detection and push notifications has now merged with a vendor lead scanning tool. Attendees can log in by scanning the QR code on their badge, and vendors can scan attendee badges to capture leads — all in a privacy-preserving way that doesn’t expose raw contact data. Eric’s wife Bek figured out the app entirely on her own without being told anything, which remains one of the best usability endorsements you can give. Something Big Is Happening in the PHP Community Eric teased something he can’t officially talk about yet — a community acquisition that’s still working through the legal and DNS transfer process. A new droplet has been created. Joe has already figured out what it is. Eric is too excited not to bring it up but too responsible to spill the details before it’s official. The plan is to announce after PHP Tek. If you want to know early, apparently getting Joe drunk at the conference is your best strategy. Grok AI Exploited via Morse Code in Bank Transactions A video from the Dave’s Garage YouTube channel surfaced a genuinely unsettling AI exploit: someone used a Grok-powered AI banking agent and embedded hidden instructions inside transaction memo fields — written in Morse code. The agent decoded the dots and dashes, interpreted them as instructions, and followed them, ultimately losing somewhere between $154,000 and $200,000 in crypto transfers. This is prompt injection in its most creative and alarming form yet. The attack surface for AI agents hooked into real financial systems is not theoretical — it’s happening. TanStack Hit by NPM Supply Chain Attack The TanStack ecosystem — the popular query, router, and table libraries — was hit by a supply chain attack via GitHub Actions cache poisoning. The attack vector was a forked pull request: a malicious fork can trigger GitHub Actions workflows and potentially inject poisoned artifacts into the build cache, which then get picked up by the legitimate package. Simon Hamp from NativePHP caught it and raised the alarm in the PHP Architect Discord. It’s a good reminder that the supply chain attack surface extends well beyond just what’s in your `composer.json` or `package.json` — your CI pipeline’s caching behavior matters too. PHP Tek Job Fair — Wednesday Afternoon There will be a job fair at PHP Tek this year, scheduled for Wednesday afternoon. At least one confirmed hiring manager will be there. If you’re looking for PHP work, or if you’re a company looking for PHP talent, this is worth planning around. Eric and John both see it as a natural fit for the conference — the PHP community is tight-knit enough that a job fair actually means something. Eric’s Birthday Spa Day in Palm Springs Eric’s wife Bek surprised him with a birthday spa day in Palm Springs. It was his first massage ever, and he paired it with a mineral soak in the natural springs. He came away thoroughly convinced — the combination of the mineral water and a proper massage left him feeling better than he expected, and he’s already thinking about going back. Beck planned the whole thing, and Eric was appropriately grateful. John’s First Couples Massage John has now also had his first couples massage, and it did not go quietly. He opted for deep tissue — which means the therapist was working hard — and his wife, in the room next door, was apparently convinced something was wrong based on the sounds coming through the wall. John described it as the kind of massage where you’re not entirely sure if you’re being helped or attacked, and the answer turns out to be both. He’d do it again. PHP Architect Becomes Padres Season Ticket Holders Eric and John are now official San Diego Padres season ticket holders — their first year in the program. As first-timers, they’re at the very bottom of the seniority ladder, which means they were among the last to pick seats. John blames Eric for not signing up years ago. There’s an upcoming Wednesday day game against the Dodgers with available tickets if anyone in San Diego wants them — reach out to John. Links from the show: PHP Tek 2026 — Chicago TanStack — Open Source Data Tools for the Web NativePHP — Simon Hamp’s Native App Framework for PHP PHP Architect Store PHP Architect Discord Host: Eric Van Johnson X: @shocm Mastodon: @eric@phparch.social Bluesky: @ericvanjohnson.bsky.social PHPArch.me: @eric John Congdon X: @johncongdon Mastodon: @john@phparch.social Bluesky: @johncongdon.bsky.social PHPArch.me: @john Streams: Youtube Channel Twitch Connect & Hire PHP Architect Website Twitter/X Mastodon Hire PHP Developers Looking to hire PHP developers? Email support@phparch.com – Joe and the team are available for consulting, infrastructure work, Ansible playbooks, and code review. Partner This podcast is made a little better thanks to our partners Displace Infrastructure Management, Simplified Automate Kubernetes deployments across any cloud provider or bare metal with a single command. Deploy, manage, and scale your infrastructure with ease. https://displace.tech/ PHPScore Put Your Technical Debt on Autopay with PHPScore CodeRabbit Cut code review time & bugs in half instantly with CodeRabbit. Music Provided by Epidemic Sound https://www.epidemicsound.com/ Join Us Live Next Week Youtube Channel Got feedback? Join us on Discord at discord.phparch.com The post The PHP Podcast 2026.05.14 appeared first on PHP Architect.

LowOpsCast
#48 DevOps, Kubernetes e formação de profissionais com Emerson Silva

LowOpsCast

Play Episode Listen Later May 13, 2026 73:46


O próximo papo vai ser com Emerson Silva (https://www.linkedin.com/in/silvemerson/), Platform Engineer, DevOps / SRE e instrutor na 4Linux.O Emerson tem mais de 9 anos de experiência em infraestrutura, automação e monitoramento, atuando em ambientes críticos e de alta disponibilidade. Além disso, tem um papel forte como instrutor, ajudando profissionais e times a evoluírem na prática com tecnologias open source e cultura DevOps.Antes de falar de stack, ferramentas ou cargo, o foco é entender quem é o convidado.História, visão de mundo, aprendizados, erros, decisões e como ele(a) enxerga a área de tecnologia.Na conversa vamos falar sobre:Infraestrutura e automação no dia a diaKubernetes, Docker e cloudTerraform, Ansible e CI/CDObservabilidade com Prometheus, Grafana e ELKCultura DevOps e formação de profissionaisUso de IA no suporte e automação de engenhariaUm papo técnico, direto e com bastante troca de experiência de quem vive operação, ensina e ainda ajuda a formar novos profissionais no mercado.Se você curte DevOps, SRE, open source ou automação, esse episódio vai valer o play.Siga o emerson nas redes sociais:https://linktr.ee/silvemerson

Les Cast Codeurs Podcast
LCC 340 - Episode on l'voit on l'voit pas

Les Cast Codeurs Podcast

Play Episode Listen Later May 12, 2026 111:31


Java 26 est là, GraalVM cartonne chez Trivago (43 à 12 réplicas !), OpenJDK interdit le code généré par LLM, Spring et Quarkus enchaînent les releases. Côté IA : ADK 1.0, A2A, Lyria 3 chante (mal ?), Yann LeCun lance Ami Labs et ses World Models. Mythos d'Anthropic fait trembler la sécu, Claude Code a leaké son source, et les git worktrees envahissent vos terminaux. Bonus : la mort annoncée de l'IDE, vagues de licenciement chez Oracle et Block, et nos voix toutes clonées. Bon week-ends de mai ! Enregistré le 7 mai 2026 Téléchargement de l'épisode LesCastCodeurs-Episode-340.mp3 ou en vidéo sur YouTube. News Langages Retour d'expérience d'une migration vers graalVM chez Trivago https://medium.com/graalvm/inside-trivagos-graalvm-migration-native-image-for-graphql-at-scale-912bca9df841 La passerelle GraphQL de Trivago (point d'entrée de tout le trafic vers 48 microservices) souffrait de pics de timeout au démarrage JVM Résultats spectaculaires après migration vers GraalVM Native Image : réduction des réplicas de 43 à 12, CPU de 15 à 5 cœurs, images Docker plus légères Obstacles techniques : incompatibilité Log4j → migration vers Logback, remplacement de Mockk par Testcontainers, compilation CI/CD très gourmande Netflix DGS et d'autres librairies manquaient de support GraalVM → l'équipe a contribué des correctifs upstream en open source Approche recommandée : commencer par les services les moins complexes, investir massivement dans les tests automatisés À la 14e migration, le processus était si rodé qu'il allait plus vite que la toute première tentative OpenJDK Interim Policy on Generative AI - https://openjdk.org/legal/ai OpenJDK adopte une politique intérimaire interdisant toute contribution incluant du contenu généré par des LLMs, modèles de diffusion ou systèmes deep-learning Le périmètre est large : code source, texte, images dans les dépôts Git, pull requests GitHub, emails, pages wiki et issues JBS Les contributeurs peuvent utiliser les outils d'IA de manière privée pour comprendre, déboguer et relire le code OpenJDK, mais ne peuvent pas contribuer le contenu généré Trois risques justifient cette politique : surcharge des relecteurs face au code plausible mais incorrect, risques de sûreté/sécurité pour une plateforme critique, et risques de propriété intellectuelle (l'OCA exige que les contributeurs possèdent les droits IP de leurs contributions) Même éditer partiellement du code AI-généré ne le rend pas acceptable à la contribution Oracle, sponsor corporatif d'OpenJDK, travaille sur une politique complète à soumettre au Governing Board GraalVM Native Image et la Closed-World Assumption en Java https://pvs-studio.com/en/blog/posts/java/1357/ Un bon article de rappel du contexte de closed world en Java GraalVM Native Image compile les applications Java en exécutables natifs statiques, sans JVM au runtime. La JVM fonctionne en monde ouvert : les classes sont chargées à la demande, les appels sont des références symboliques résolues dynamiquement. Native Image impose la "closed-world assumption" : tous les chemins d'exécution doivent être connus à la compilation. Les fonctionnalités dynamiques Java (réflexion, proxies, chargement de classes) créent des chemins cachés invisibles à l'analyse statique. C'est pourquoi Native Image exige des fichiers de configuration explicites pour la réflexion, les proxies, les ressources et la FFM API. L'article illustre le problème avec la Foreign Function & Memory API pour appeler printf natif : fonctionne sur JVM, échoue en Native Image sans config. Inclure tout le bytecode accessible serait inutilisable : binaire géant, compilation très lente, et la réflexion nécessite des métadonnées précises. La configuration n'est pas un défaut de conception mais une conséquence logique du passage du dynamique au statique. Java 26 : les nouveautés https://foojay.io/today/java-26-whats-new/ Java est le langage de la JVM, publié tous les 6 mois depuis Java 9 ; Java 26 est une version non-LTS avec 10 JEPs. JEP 500 : protection des champs final modifiés par réflexion profonde, avec des avertissements configurables. JEP 504 : suppression définitive de l'API Applet, plus supportée par les navigateurs. JEP 516 : le cache AOT (Project Leyden) fonctionne désormais avec n'importe quel garbage collector. JEP 517 : support HTTP/3 dans le client HTTP, HTTP/2 reste le défaut mais HTTP/3 est accessible à la demande. JEP 522 : amélioration du débit du GC G1 en réduisant la synchronisation entre threads applicatifs et threads GC. Nouveau support des UUIDv7 via UUID.ofEpochMillis(), naturellement triables et adaptés aux identifiants de bases de données. Process devient AutoCloseable, utilisable dans un try-with-resources. Aucune fonctionnalité en preview n'est graduée en standard ; Structured Concurrency en est à sa 6e preview. Librairies Guillaume a créé une petite librairie Java sans dépendance pour extraire le JSON d'une réponse d'un LLM un peu verbeux https://glaforge.dev/posts/2026/03/22/extracting-json-from-llm-chatter-with-jsonspotter/ Les LLM génèrent souvent du JSON, mais il est parfois entouré de bla-bla et/ou contient des erreurs (ex: commentaires, virgules finales) qui bloquent les parseurs JSON standards. Guillaume a créé une petite librairie légère sans dépendance pour localiser et extraire la structure la plus longue ressemblant à du JSON (même malformé) On peut ensuite passé cette chaîne à un parseur "lénient" (plus tolérant) comme Jackson pour ensuite avoir de bons vieux objets Java fortement typés Librairie dispo sur Maven Central ADK Java sort sa version 1.0 (Agent Development Kit par Google) https://developers.googleblog.com/announcing-adk-for-java-100-building-the-future-of-ai-agents-in-java/ ADK est un framework open source de Google pour créer des agents IA, initialement en Python, maintenant multi-langages (Python, Java, Go, Typescript). Nouvelles fonctionnalités majeures : Outils puissants : GoogleMapsTool, UrlContextTool, ContainerCodeExecutor, VertexAiCodeExecutor, abstraction ComputerUseTool. Architecture de plugins centralisée : Nouveau conteneur App pour gérer les Plugins à l'échelle de l'application (ex: LoggingPlugin, GlobalInstructionPlugin). Context engineering amélioré : Compaction d'événements pour gérer la taille des fenêtres de contexte (résumé et rétention). Human-in-the-Loop (HITL) : Supporte les workflows ToolConfirmation pour approbation humaine des actions d'agent. Services de session et de mémoire : Contrats clairs pour la gestion de l'état (InMemory, VertexAI, Firestore) et la mémoire à long terme. Support Agent2Agent (A2A) : Collaboration native entre agents distants de différents frameworks via le protocole A2A. Dans cet autre article, Guillaume partage comment il a développé l'application Comic Trip montrée dans la vidéo YouTube et qui utilise ADK 1.0 https://glaforge.dev/posts/2026/03/30/building-my-comic-trip-agent-with-adk-java-1-0/ Nouvelle version du SDK Java pour Agent2Agent Protocol, avec le support de la version 1.0 de la spécification https://medium.com/google-cloud/a2a-java-sdk-1-0-0-beta1-released-e83c414b34cc Alignement avec la version 1.0 de la spécification Nouveau groupId org.a2aproject.sdk et package org.a2aproject.sdk Protocoles de transport : support complet et équivalent pour JSON-RPC, gRPC et HTTP+JSON/REST. Gestion des erreurs : introduction de codes d'erreur et détails structurés pour une meilleure observabilité. Optimisation HTTP : ajout d'en-têtes de cache pour les métadonnées des agents (Agent Card). Flexibilité du client HTTP : support par défaut du JDK HttpClient, avec option Vert.x pour les environnements Quarkus. Nouvelles fonctionnalités techniques : méthode DataPart.fromJson() pour la création simplifiée d'objets depuis du JSON brut. Prochaines étapes (v1.0.0.GA) : support simultané des versions 1.0.0 et 0.3.0 du protocole pour assurer l'interopérabilité. JPA 4.0 Milestone 2 : nouvelles fonctionnalités pour Jakarta Persistence https://in.relation.to/2026/04/23/JPA-4-M2/ Jakarta Persistence (JPA) est la spécification standard Java pour le mapping objet-relationnel (ORM), implémentée notamment par Hibernate. JPA 4.0 M2 est la deuxième milestone de la prochaine version majeure de la spécification, annoncée par Gavin King. Construction de requêtes Criteria à partir de chaînes JPQL, offrant plus de flexibilité dans la composition dynamique des requêtes. Nouveaux types d'expressions spécialisés (TextExpression, NumericExpression) pour simplifier l'écriture des requêtes Criteria. Nouvelle interface FetchOption pour contrôler explicitement la stratégie de chargement des associations, dont un BatchSize intégré. Nouvelle annotation @EntityListener qui découple les classes entités de leurs listeners, supprimant les dépendances à la compilation. Les listeners peuvent cibler plusieurs types de callbacks et s'appliquer globalement à toute l'unité de persistance. Introduction de FlushModeType.EXPLICIT et QueryFlushMode pour un contrôle plus fin de la synchronisation avec la base de données. La méta-annotation @Discoverable permet de placer des annotations comme @NamedQuery sur n'importe quelle classe ou interface. Améliorations du DDL via @Index amélioré et clarifications de la spécification via la javadoc. Quarkus 3.35 : tree-shaking, PGO et AOT Semeru https://quarkus.io/blog/quarkus-3-35-released/ Quarkus est un framework Java cloud-natif optimisé pour GraalVM et HotSpot, conçu pour les microservices et les environnements conteneurisés. Nouveau JAR tree-shaking expérimental : analyse des dépendances à la compilation pour supprimer les classes inutilisées. Sur le CLI Quarkus, cela supprime plus de 6 000 classes et économise environ 18 Mo (39,5 %). Support du Profile-Guided Optimization (PGO) pour les builds natifs via quarkus.native.pgo.enabled=true. Le PGO est une fonctionnalité Oracle GraalVM, non disponible dans la Community Edition. Support de l'AOT IBM Semeru : le démarrage passe de ~380 ms à ~190 ms dans les premiers tests. Nouvelle extension quarkus-reactive-transactions : support de @Transactional pour les méthodes Hibernate Reactive retournant Uni. Configuration CORS dédiée pour l'interface de management, indépendante de l'interface HTTP principale. Les tests n'utilisent plus les System Properties pour la propagation de configuration, facilitant la parallélisation future. Le serializer jackson sans reflection n'est pas le default du aux retours de cas limites, encore du travail This Week in Spring - 21 avril 2026 https://spring.io/blog/2026/04/21/this-week-in-spring-april-21-2026 Spring Framework 6.2.18 et 7.0.7 corrigent trois failles de sécurité : DoS via fichiers multipart WebFlux, empoisonnement de cache de ressources statiques, et DoS sur Windows. Le support open source de Spring Framework 5.3.x et 6.1.x est terminé, la migration est recommandée. Spring Data 2026.0.0-RC1 introduit l'upsert (MERGE/INSERT ON CONFLICT) dans l'API Template de Spring Data Relational. Spring Data ajoute un RedisMessageSendingTemplate pour la cohérence avec les listeners Redis, et une optimisation de réinitialisation de caches en un seul appel. Spring AI introduit une Session API (série Agentic Patterns, partie 7) : architecture event-sourcée pour la mémoire des agents IA. La Session API supporte la compaction turn-safe, l'isolation de sous-agents en parallèle, et la persistence JDBC (PostgreSQL, MySQL, MariaDB, H2). Elle vise Spring AI 2.1 (novembre 2026) et remplacera à terme l'API ChatMemory. Spring Vault 4.1.0-RC1 et 4.0.2 sont disponibles. Netflix a présenté son usage de Java, Spring Boot et Spring AI dans une vidéo. This Week in Spring - 28 avril 2026 https://spring.io/blog/2026/04/28/this-week-in-spring-april-28-2026 Cette série hebdomadaire de Josh Long compile les nouveautés de l'écosystème Spring : articles, outils, podcasts et annonces de la communauté. Spring Boot 4 introduit un package natif de résilience org.springframework.resilience avec une nouvelle API de retry qui remplace les approches fragiles via Spring Retry ou Resilience4j. L'API retry native de Spring Boot 4 a des noms d'attributs et sémantiques différents des anciennes bibliothèques, rendant les tutoriels pré-2025 obsolètes et sources de bugs silencieux. Le SDK Spring AI pour Amazon Bedrock AgentCore est disponible en GA : il intègre les capacités AgentCore dans Spring AI via annotations et auto-configuration. Le SDK AgentCore gère automatiquement le contrat runtime AgentCore : endpoint /invocations, health check /ping, SSE avec backpressure. Il offre mémoire court terme (sliding window) et long terme (sémantique, préférences, résumé, épisodique), ainsi que des outils pour navigateur et exécution de code en sandbox. Un plugin Maven (Nullability Maven Plugin) simplifie l'intégration de JSpecify et NullAway pour enforcer la null-safety à la compilation dans les projets Java. Le plugin génère automatiquement les fichiers package-info.java par package et configure le compilateur pour traiter les violations de nullabilité comme des erreurs. Josh Long et Dr. Venkat Subramaniam ont co-présenté à Voxxed Days Amsterdam sur "Intelligent Kotlin", avec un épisode de podcast associé. Cloud Amazon S3 Files https://aws.amazon.com/about-aws/whats-new/2026/04/amazon-s3-files/ Amazon S3 Files est un nouveau service donnant un accès système de fichiers direct aux données stockées dans les buckets S3 Basé sur la technologie Amazon EFS, il supprime la barrière entre stockage objet et interface système de fichiers sans dupliquer les données Débit en lecture pouvant atteindre plusieurs téraoctets par seconde ; des milliers de ressources de calcul peuvent y accéder simultanément Les données restent accessibles via les deux interfaces : S3 API classique et système de fichiers standard, sans migration nécessaire Cas d'usage : agents IA pour la persistance de mémoire entre pipelines, équipes ML sans staging, simplification des data lakes Disponible dans 34 régions AWS Data et Intelligence Artificielle Comment générer de la musique et des clips audio en Java avec le modèle Lyria 3 https://glaforge.dev/posts/2026/03/25/generating-music-with-lyria-3-and-the-gemini-interactions-java-sdk/ Génération musicale avec Lyria 3 (DeepMind) et le SDK Java Gemini Interactions. Lyria 3 : modèle d'IA générative pour créer musique avec paroles ou pistes instrumentales. Utilisation via le SDK Java de l'API Gemini, nécessite une clé API Gemini. Deux versions de modèle Lyria 3 : lyria-3-clip-preview : Clips courts (30s), extraits. lyria-3-pro-preview : Chansons complètes (jusqu'à 3 min), structurées. Personnalisation via les prompts : Fournir ses propres paroles ou les faire générer. Contrôler la structure de la chanson ([Intro], [Verse], [Chorus], [Outro]). Générer des morceaux instrumentaux uniquement. Utiliser des images comme source d'inspiration (modèle multimodal). Sortie : Audio (MP3) et texte (paroles/structure) directement, sans décodage complexe. Facilite l'intégration de la génération musicale dans les applications Java. Les world model, la prochaine étape pour les IA https://www.lepoint.fr/sciences-nature/comment-le-commando-de-yann-le-cun-se-prepare-a-ringardiser-les-geants-mondiaux-de-lia-depuis-paris-OZVUWTDYBNE25C6WF44265ZQKE/ Yann LeCun a quitté Meta FAIR pour créer AMI Labs (Advanced Machine Intelligence) basée à Paris Sa thèse : les LLMs ne mèneront pas à l'intelligence générale, la vraie IA doit partir de la compréhension du monde physique AMI Labs a levé 1,03 milliard de dollars en seed (le plus grand seed round de l'histoire européenne) à 3,5 milliards de valorisation Les world models apprennent à prédire et comprendre la réalité physique plutôt qu'à prédire le prochain token d'une séquence Slogan d'AMI : "Real intelligence does not start in language. It starts in the world." Paris comme base stratégique pour challenger la Silicon Valley dans la prochaine rupture de l'IA Debezium 2026 : résultats du sondage communautaire https://debezium.io/blog/2026/04/27/debezium-2026-survey-results/ Debezium est un outil de Change Data Capture (CDC) open source qui capture les modifications de bases de données en temps réel pour les diffuser vers des systèmes comme Kafka. 98,6% des répondants utilisent Debezium activement ou prévoient de le faire dans l'année, avec 91,3% déjà en production. 63,8% des déploiements tournent sur Kubernetes, 60,9% utilisent Kafka Connect auto-géré, et 17,4% restent sur des VMs ou bare metal. Helm charts est l'approche dominante pour la gestion de configuration, souvent combiné avec GitOps, CI/CD, Ansible ou Terraform. PostgreSQL domine les connecteurs utilisés à 69,6%, suivi de MySQL (33,3%), SQL Server (29%) et Oracle (27,5%). Les volumes de changements capturés vont de 1-25 modifications par minute jusqu'à 1-2 millions par minute selon les environnements. Infinispan rejoint l'écosystème OGX comme fournisseur de stockage vectoriel https://infinispan.org/blog/2026/04/17/infinispan-joins-ogx-ecosystem OGX (anciennement Llama Stack) est un serveur API agentique open source pour construire des applications d'IA complètes. OGX compose des fournisseurs d'inférence, des stores vectoriels, des backends de sécurité, des runtimes d'outils et du stockage de fichiers en un seul serveur déployable. OGX se positionne comme une alternative à l'API OpenAI, déployable sur diverses infrastructures et modèles. OGX cible les workflows RAG (Retrieval-Augmented Generation) et les applications agentiques. Infinispan s'y intègre comme fournisseur de vector IO, apportant recherche vectorielle, par mots-clés et hybride. Je n'ai pas entendu parlé de ce renommage, vous le voyez dans vos deploiements ? Outillage cmux un nouveau terminal basé sur Ghostty spécialisé pour les coding agents https://cmux.com/ Application macOS native construite sur le moteur de rendu Ghostty (libghostty), offrant une accélération GPU pour une fluidité maximale Conçu spécifiquement pour le multitâche et les workflows assistés par IA, avec des onglets verticaux affichant la branche Git, le répertoire et les ports actifs Intègre des notifications qui illuminent les panneaux lorsqu'un agent IA (Claude Code, Codex, etc.) nécessite l'attention de l'utilisateur Propose un navigateur web intégré et scriptable qui peut être affiché en écran scindé à côté du terminal via une API Alternative moderne à tmux, ne nécessitant pas de fichiers de configuration complexes ou de préfixes de touches pour la gestion des vitres et des sessions Supporte nativement tous les agents de codage en ligne de commande et permet l'automatisation via une API socket et une interface CLI dédiée Git Worktree comme un chef https://www.metal3d.org/blog/2026/git-worktree-comme-un-chef/ Article par Patrice Ferlet Git Worktree: Travailler sur plusieurs branches simultanément via des répertoires distincts. Évite git stash ou clones multiples pour le changement de contexte rapide. Méthode "bare" (recommandée): Cloner le dépôt en mode bare (ex: .bare). Lier le dossier racine au dépôt bare via un fichier .git. Configurer le remote tracking pour voir toutes les branches distantes. Ajouter des worktrees pour chaque branche (git worktree add ). Avantages: Économie d'espace, source de vérité unique (un git fetch met tout à jour), hooks/configs partagés, sécurité. Conseils: Ne jamais faire de git checkout à l'intérieur d'un worktree. git fetch --all depuis n'importe quel worktree pour tout mettre à jour. git worktree add --detach pour tester des merges temporaires sans créer de branche. Supprimer: git worktree remove puis git worktree prune. Un script wtree est fourni pour automatiser l'initialisation du setup "bare". Améliore considérablement le workflow. L'IDE meurt et vite https://x.com/jdegoes/status/2036931874057314390?s=46&t=C18cckWlfukmsB_Fx0FfxQ Des leaders techniques prédisent la fin rapide de l'IDE traditionnel, remplacé par des interfaces conversationnelles agentiques Le changement de paradigme : le développeur n'écrit plus des lignes de code mais exprime son intention et supervise des agents autonomes Des outils comme Claude Code, Copilot et Cursor transforment déjà radicalement les workflows de développement quotidiens L'IDE centré sur l'éditeur de code perd sa raison d'être quand l'agent lit, modifie et structure le code de manière autonome La transition est comparable au passage du desktop au mobile : les pratiques établies depuis 30 ans remises en question en quelques mois Le source de Claude Code a leaké via probablement le codemap et un site decrit sont fonctionnement https://ccunpacked.dev/ Le 31 mars 2026, Anthropic a accidentellement inclus les sourcemaps dans un package npm de Claude Code, exposant ~512 000 lignes de TypeScript La fuite n'était pas un piratage mais une erreur humaine : un "*.map" oublié dans .npmignore Le site ccunpacked.dev a été lancé pour analyser et visualiser le code source décompressé Le code révèle un agent background permanent nommé "KAIROS", un mode furtif pour cacher les contributions des employés Anthropic à l'open source, et 44 feature flags cachés Une fonctionnalité inédite "Buddy" (animal de compagnie électronique dans le terminal) et un mode "dream" pour l'idéation continue ont été découverts Anthropic a confirmé : "Aucune donnée client sensible n'était impliquée. Erreur humaine dans le packaging de la release." Gemini CLI passe aux agents https://x.com/srithreepo/status/2039794081925382307?s=46&t=GLj1NFxZoCFCjw2oYpiJpw Gemini CLI, l'agent IA open source de Google pour le terminal, introduit des hooks dans sa boucle agentique Les hooks permettent d'exécuter des scripts automatiquement (scanners de sécurité, vérifications de conformité, logging) à chaque étape de l'agent Lancement de Gemini CLI GitHub Actions : un agent autonome pour les repositories qui peut exécuter des tâches de codage de routine Support des MCP servers pour étendre les capacités et des "Agent Skills" pour des workflows spécialisés Mode agent disponible dans VS Code et IntelliJ avec accès aux outils du système de fichiers et terminal Wispr, le speech to text en local sur macOS http://wispr.stormacq.com/ Wispr est une application macOS de dictée vocale entièrement locale, propulsée par Whisper (OpenAI) sur appareil, sans cloud ni tracking Sébastien Stormacq a développé Wispr en un jour et demi sans écrire une seule ligne de code, grâce à Kiro CLI (agent IA Amazon) Disponible en open source sur GitHub et via Homebrew Détection automatique de la langue, insertion du texte au curseur dans n'importe quelle application via un raccourci global En un mois : 19 releases incluant mode mains-libres, suppression des mots de remplissage, auto-envoi pour les chats, et un outil CLI Exemple concret de développement vibe coding produisant un outil de qualité production sans expertise Swift préalable Comment, Gordon, l'assistant spécialisé en Docker est né https://n9o.xyz/posts/202603-building-gordon/ Nuno Coração (n9o.xyz) détaille comment Gordon, l'assistant spécialisé Docker, a été construit sur docker-agent, le runtime d'agents IA open source de Docker écrit en Go Les agents sont définis en YAML déclaratif et distribués comme des artefacts OCI, sans mise à jour binaire nécessaire L'architecture initiale en essaim de 9 agents spécialisés a été abandonnée au profit d'un agent racine unique avec un prompt soigneusement conçu Le modèle utilisé est Claude Haiku 4.5, suffisant après optimisation des prompts Principe clé "show, then do" : toute action de l'agent nécessite une approbation explicite de l'utilisateur La description des outils impacte fortement la précision du LLM : ajouter des outils peut paradoxalement dégrader les performances existantes Le prompt est une spécification détaillée (identité, patterns d'accès fichiers, règles de sécurité) plutôt qu'une simple instruction IBM Bob https://bob.ibm.com/blog/announcing-ibm-bob-launch IBM Bob assistant IA d'IBM pour coder sur de vraies codebases (lancé avril 2026) 5 modes : Ask, Plan, Code, Advanced (MCP), Orchestrator Détecte la complexité du code en temps réel et propose des refactos Fait des revues de code automatiques sur tes branches/issues GitHub Permet d'écrire en langage naturel directement dans l'éditeur Fonctionne aussi en terminal/CLI et dans les pipelines CI/CD Sécurité : approbation manuelle, .bobignore, checkpoints, pas de training sur tes prompts How I use Claude - 50 tips pratiques https://www.youtube.com/watch?v=mZzhfPle9QU Staff Engineer Meta partage 50 tips après 6 mois d'utilisation intensive de Claude Code Basé sur ~12h/jour d'usage perso et professionnel Couvre tout : bases, workflows avancés, parallélisation Objectif : partager ce qu'il aurait voulu savoir dès le départ Méthodologies Quelqu'un rale sur la non soutenabilité des bases de code écritent avec des agents https://mariozechner.at/posts/2026-03-25-thoughts-on-slowing-the-fuck-down/ Mario Zechner estime que les agents IA font les mêmes erreurs répétitivement sans apprendre, accumulant la complexité à grande vitesse faute de bottlenecks humains Sans vision globale, les agents créent du cargo-cult : les "best practices" de l'industrie appliquées localement sans cohérence architecturale La croissance de la base de code dégrade la capacité des agents à retrouver le code existant → duplication et incohérences croissantes Il cite des pannes AWS et des initiatives qualité Microsoft comme signes préoccupants liés au code généré par IA Solution : réserver les agents aux tâches délimitées et évaluables, garder l'architecture, les APIs et les systèmes critiques écrits à la main Maintenir une revue de code rigoureuse et traiter les humains comme les gardiens finaux de la qualité On m'oblige à utiliser l'IA https://n.survol.fr/n/on-moblige-a-utiliser-lia Éric D. défend l'adoption obligatoire de l'IA comme décision stratégique légitime, comparable au choix du full remote ou de la stack technique Il distingue la décision stratégique (adoption IA) de la méthode d'accompagnement (qui reste collaborative et bienveillante) La compétence IA devient un critère de recrutement : chercher des candidats déjà curieux et explorateurs de ces outils L'alignement culturel sur les pratiques et outils est un prérequis à la cohésion d'équipe Le refus d'adopter certains outils stratégiques peut justifier de ne pas recruter un candidat autrement compétent Encore une metodo SPDD https://martinfowler.com/articles/structured-prompt-driven/ Problème : l'IA accélère le dev individuel mais amplifie ambiguïtés et incohérences à l'échelle d'une équipe. martinfowler SPDD : traiter les prompts comme des artefacts versionnés, révisables et réutilisables plutôt que des échanges jetables. martinfowler Canvas REASONS : 7 dimensions (Requirements, Entities, Approach, Structure, Operations, Norms, Safeguards) pour guider le LLM de l'intention à l'exécution. martinfowler Workflow en 6 étapes : exigences → analyse → contexte → prompt structuré → code → tests unitaires, chaque étape s'appuyant sur la précédente. martinfowler 3 compétences clés : abstraction d'abord, alignement de l'intention, revue itérative. martinfowler Limites : fort ROI sur du code métier complexe, peu adapté aux hotfixes urgents, scripts jetables ou travail créatif/visuel. m Sécurité Le projet Glasswing pour sécuriser les logiciels https://www.anthropic.com/glasswing Anthropic lance Glasswing, une initiative de cybersécurité utilisant Claude Mythos Preview pour identifier des vulnérabilités zero-day 12 partenaires fondateurs dont AWS, Apple, Cisco, CrowdStrike, Google, JPMorganChase, Linux Foundation, Microsoft et NVIDIA Anthropic investit 100 millions de dollars en crédits de modèle et 4 millions en dons aux organisations de sécurité open source Le modèle opère avec une autonomie substantielle, identifiant des milliers de vulnérabilités dans les OS, navigateurs et infrastructures critiques Plus de 40 organisations supplémentaires ont accès pour scanner et sécuriser leurs systèmes Objectif : donner l'avantage aux défenseurs avant que les techniques de hacking assistées par IA ne se généralisent chez les attaquants LinkedIn vous espionne https://frenchbreaches.com/blog/linkedin-est-accuse-de-fouiller-dans-votre-ordinateur-illegalement Scandale "BrowserGate" : LinkedIn injecte du JavaScript qui tente de détecter les extensions Chrome installées sur votre navigateur Le script analysé contient une liste codée en dur de 6 222 extensions Chrome avec identifiants et chemins de fichiers internes Croissance alarmante de la liste ciblée : 38 extensions en 2017 → 461 en 2024 → ~1 000 en mai 2025 → 6 222 début 2026 Les données collectées incluent aussi CPU, RAM, résolution d'écran, timezone et état batterie pour du fingerprinting Certaines extensions ciblées sont liées à la neurodivergence, aux pratiques religieuses ou aux opinions politiques → violation grave du RGPD LinkedIn défend que le scan vise uniquement à détecter les extensions qui pratiquent le scraping de données Post mortem de la supply chain attack sur la librairie NPM axios https://github.com/axios/axios/issues/10636 Le 31 mars 2026, deux versions malveillantes d'axios (1.14.1 et 0.30.4) ont été publiées via un compte mainteneur compromis Vecteur d'attaque : RAT installé via ingénierie sociale ciblée sur la machine personnelle du mainteneur principal La 2FA ne protège pas si la machine de l'utilisateur est compromise : l'attaquant contrôle tout et peut agir comme l'utilisateur Les packages malveillants injectaient plain-crypto-js@4.2.1, un cheval de Troie multi-plateforme (macOS, Windows, Linux) Détection communautaire en ~3 heures, suppression par npm, mesures correctives : rotation complète des credentials Changements préventifs : publication via OIDC, releases immuables, amélioration des pratiques GitHub Actions Passbolt un gestionnaire de mots de passe open source https://lesjoiesducode.fr/passbolt-gestionnaire-de-mots-de-passe-gratuit-open-source-que-votre-equipe-merite-vraiment Gestionnaire de mots de passe open source conçu pour le partage d'identifiants en équipe, utilisé par plus de 50 000 organisations Chiffrement individuel par utilisateur et par version de credential, pas de coffre-fort partagé — architecture zero-knowledge "Forward secrecy" : quand un membre quitte l'équipe, ses copies chiffrées sont automatiquement révoquées sans reset manuel Supporte TOTP, clés SSH, tokens API et champs personnalisés avec piste d'audit complète de tous les accès Édition communautaire entièrement gratuite avec utilisateurs illimités, auto-hébergeable ou cloud Chiffrement OpenPGP nécessitant passphrase + clé privée, avec tokens visuels anti-phishing Loi, société et organisation Anthropic fait un don d'1,5 millions de dollars à la fondation Apache https://news.apache.org/foundation/entry/the-apache-software-foundation-announces-1-5m-donation-from-anthropic Anthropic donne 1,5 million de dollars à l'ASF pour soutenir l'infrastructure, la sécurité et la communauté open source Vitaly Gudanets (CISO d'Anthropic) : "Soutenir l'ASF est un investissement direct dans la résilience et l'intégrité des systèmes dont dépend l'IA moderne" Les fonds financeront les systèmes de build, les processus de sécurité et les services aux projets Apache Ce don est le déclencheur de l'initiative IA responsable à 10 millions de dollars de l'ASF L'infrastructure Apache est invisible mais critique : des systèmes financiers aux plateformes de santé, elle sous-tend l'écosystème logiciel mondial L'ASF lance l'initiative IA responsable https://news.apache.org/foundation/entry/the-apache-software-foundation-launches-10m-responsible-ai-initiative-with-initial-1-75m-donation L'ASF lance une initiative pour une IA responsable dotée d'un budget de 10 millions de dollars sur 3 ans minimum Anthropic est le premier donateur avec 1,5 million de dollars ; Alpha-Omega contribue 250 000 dollars L'initiative fournit aux projets Apache un accès à des modèles IA pour l'expérimentation et la sécurité Elle soutient l'ensemble de la chaîne IA/ML : pipelines de données, infrastructure, frameworks de deep learning Des tracks de conférences, hackathons et bourses de voyage sont prévus pour élargir la communauté Les principes directeurs incluent la supervision humaine, l'intégrité des licences et la sécurité open source Oracle vire 30000 personnes https://rollingout.com/2026/03/31/oracle-slashes-30000-jobs-with-a-cold-6/ Oracle licencie 20 000 à 30 000 employés, 18% de ses effectifs mondiaux. Les salariés ont appris leur licenciement par un simple email à 6h du matin, sans aucun préavis. L'accès à tous les systèmes (Slack, Zoom, badges) a été coupé immédiatement après. But : libérer 8 à 10 milliards de dollars pour construire des centres de données IA. Oracle a déjà contracté 50 milliards de dettes en 2026 pour financer ses projets IA. Paradoxe : l'entreprise affiche un bénéfice record de 6,13 milliards, mais ses liquidités sont dans le rouge. L'action Oracle a perdu plus de la moitié de sa valeur depuis septembre 2025. Et si l'IA n'était qu'un prétexte pour licencier https://eventuallycoding.com/p/ia-licenciements-et-si-l-intelligence-artificielle-n-etait-qu-une-excuse Hugo Lassiège (eventuallycoding) estime que les entreprises utilisent l'IA comme narratif commode pour masquer des erreurs de gestion passées (Block a triplé ses effectifs post-COVID sans croissance des revenus correspondante) Moins de 1% des licenciements technologiques seraient réellement dus à des gains de productivité IA selon les analyses citées Mesurer la productivité des développeurs reste un problème non résolu, mais les entreprises affirment des gains d'efficacité sans preuves Des pressions économiques réelles (inflation, guerres commerciales, coûts énergétiques) sont masquées derrière le discours IA Les restructurations nécessaires sont présentées comme des transformations AI-driven positives pour rassurer les investisseurs Il y voit une fenêtre d'opportunité pour l'Europe pendant que les géants américains se restructurent GitHub Copilot va utiliser les interacitons pour entrainer ses modèles sauf si vous vous délistez https://github.blog/news-insights/company-news/updates-to-github-copilot-interaction-data-usage-policy/ À partir du 24 avril 2026, GitHub utilise par défaut les interactions des utilisateurs Copilot Free, Pro et Pro+ pour entraîner ses modèles Les données collectées incluent le code accepté ou modifié, les snippets envoyés, les noms de fichiers et structures de dépôts, et les retours utilisateurs Les utilisateurs Copilot Business, Enterprise et les dépôts d'entreprise sont exclus de cette collecte de données d'entraînement Opt-out disponible dans les paramètres GitHub > "Privacy" ; les préférences de désactivation préalables sont conservées automatiquement Objectif déclaré : améliorer la précision des modèles sur les langages et cas d'usage du monde réel Grosse percée de Claude Code dans les commits sur GitHub https://aifoc.us/damn-claude-thats-a-lot-of-commits/ Explosion de Claude Code : En six mois, Claude Code est passé de 0,7 % à 4,5 % de tous les commits publics sur GitHub, surpassant tous les autres outils d'IA combinés. Adoption massive des agents IA : Environ 5 % des commits publics sur GitHub sont désormais générés par des agents IA, un chiffre en croissance rapide depuis fin 2025. Domination des bots sur GitHub : Au-delà des commits, les outils d'IA sont omniprésents dans la gestion des pull requests et des problèmes (Copilot et CodeRabbit notamment). Limites méthodologiques : Les données ne concernent que les dépôts publics (les entreprises utilisent massivement des dépôts privés, invisibles ici). Le comptage dépend fortement de la visibilité des signatures (certains outils comme Claude marquent systématiquement leurs commits, d'autres non) L'API de recherche GitHub présente une fiabilité variable à cette échelle. Changement de paradigme : Le développement logiciel vit une transition majeure, comparable au passage du desktop au mobile. L'intégration des agents IA dans le cycle de production n'est plus une expérimentation, mais une réalité opérationnelle à grande échelle. Dysmaths une application pour aider à apprendre les mathématiques et la géométrie lorsque l'on souffre de dyspraxie, dysgraphie https://dysmaths.com/ Application web pour aider les élèves de collège et lycée souffrant de dysgraphie et dyspraxie à faire des maths et de la géométrie Outils de dessin à main levée, géométrie précise (compas, rapporteur, règle) et opérations structurées (fractions, racines, puissances, symboles mathématiques) Export PDF et PNG avec conservation fidèle de l'échelle pour l'impression et la soumission des exercices Options d'accessibilité : police OpenDyslexic, personnalisations d'interface, import d'images et de PDFs Répond à un besoin réel : les outils standards ne sont pas adaptés aux difficultés de coordination et d'organisation spatiale en mathématiques IA ou réalité ? Par Amistory https://www.youtube.com/watch?v=PPYdAhBBF2I L'IA génère des contenus (images, voix, vidéos) de plus en plus indétectables Les arnaques au clonage de voix et deepfakes sont en forte hausse Les faux contenus viraux manipulent l'opinion à grande échelle Le faux n'est plus un accident, c'est devenu un système organisé La société entre dans une ère de doute généralisé sur le réel Comment s'informer quand le réel lui-même peut être simulé ? Conférences La liste des conférences provenant de Developers Conferences Agenda/List par Aurélie Vache et contributeurs : 6-7 mai 2026 : Devoxx UK 2026 - London (UK) 12 mai 2026 : Lead Innovation Day - Leadership Edition - Paris (France) 12-13 mai 2026 : Lyon Craft - Lyon (France) 19 mai 2026 : La Product Conf Paris 2026 - Paris (France) 19-20 mai 2026 : Green Code Challenge - Paris (France) 21-22 mai 2026 : Flupa UX Days 2026 - Paris (France) 22 mai 2026 : AFUP Day 2026 Lille - Lille (France) 22 mai 2026 : AFUP Day 2026 Paris - Paris (France) 22 mai 2026 : AFUP Day 2026 Bordeaux - Bordeaux (France) 22 mai 2026 : AFUP Day 2026 Lyon - Lyon (France) 27 mai 2026 : aMP Day Strasbourg 2026 - Strasbourg (France) 28 mai 2026 : DevCon 27 : I.A. & Vibe Coding - Paris (France) 28 mai 2026 : Cloud Toulouse 2026 - Toulouse (France) 29 mai 2026 : NG Baguette Conf 2026 - Paris (France) 29 mai 2026 : Agile Tour Strasbourg 2026 - Strasbourg (France) 2-3 juin 2026 : Agile Tour Rennes 2026 - Rennes (France) 2-3 juin 2026 : OW2Con - Paris-Châtillon (France) 3 juin 2026 : IA–NA - La Rochelle (France) 4 juin 2026 : Workplace Intelligence Days - 1ère édition - Lyon (France) 5 juin 2026 : TechReady - Nantes (France) 5 juin 2026 : Fork it! - Rouen - Rouen (France) 6 juin 2026 : Polycloud - Montpellier (France) 9 juin 2026 : JFTL - Montrouge (France) 9 juin 2026 : C: - Caen (France) 9 juin 2026 : France API 2026 - Paris (France) 11-12 juin 2026 : DevQuest Niort - Niort (France) 11-12 juin 2026 : DevLille 2026 - Lille (France) 12 juin 2026 : Tech F'Est 2026 - Nancy (France) 15 juin 2026 : Jupyter Workshops: Demystifying MyST Markdown in Education - Orsay (France) 16 juin 2026 : Mobilis In Mobile 2026 - Nantes (France) 17-19 juin 2026 : Devoxx Poland - Krakow (Poland) 17-20 juin 2026 : VivaTech - Paris (France) 18 juin 2026 : Tech'Work - Lyon (France) 22-26 juin 2026 : Galaxy Community Conference - Clermont-Ferrand (France) 23-24 juin 2026 : MWCP 2026 - Paris (France) 24-25 juin 2026 : Agi'Lille 2026 - Lille (France) 24-26 juin 2026 : BreizhCamp 2026 - Rennes (France) 25-26 juin 2026 : Agile Tour Toulouse 2026 - Toulouse (France) 27 juin 2026 : Asynconf - Paris (France) 2 juillet 2026 : Azur Tech Summer 2026 - Valbonne (France) 2-3 juillet 2026 : Sunny Tech - Montpellier (France) 3 juillet 2026 : Agile Lyon 2026 - Lyon (France) 6-8 juillet 2026 : Riviera Dev - Sophia Antipolis (France) 28-30 août 2026 : State of the Map - Champs-sur-Marne (France) 4 septembre 2026 : JUG Summer Camp 2026 - La Rochelle (France) 10-11 septembre 2026 : Nantes Craft - Nantes (France) 17 septembre 2026 : dotAI - Paris (France) 17-18 septembre 2026 : API Platform Conference 2026 - Lille (France) 18 septembre 2026 : dotJS - Paris (France) 18 septembre 2026 : WordCamp Bretagne - Rennes (France) 22 septembre 2026 : Salon Data 2026 - Nantes (France) 22-23 septembre 2026 : Agile en Seine & IA 2026 - Paris (France) 24 septembre 2026 : OWASP AppSec Days France 2026 - Paris (France) 24 septembre 2026 : PlatformCon Paris - Paris (France) 24 septembre 2026 : React Native Connection 2026 - Paris (France) 24-26 septembre 2026 : Paris Web 2026 - Paris (France) 28-29 septembre 2026 : 4th Tech Summit on AI & Robotics - Paris (France) & Online 1 octobre 2026 : WAX 2026 - Marseille (France) 1-2 octobre 2026 : Volcamp - Clermont-Ferrand (France) 2 octobre 2026 : DevFest Perros-Guirec 2026 - Perros-Guirec (France) 5-9 octobre 2026 : Devoxx Belgium - Antwerp (Belgium) 12 octobre 2026 : Dev With AI - Paris (France) 27-29 octobre 2026 : Directions EMEA 2026 - Paris (France) 29-30 octobre 2026 : BDX I/O 2026 - Bordeaux (France) 30 octobre 2026 : Cloud Nord 2026 - Lille (France) 4-5 novembre 2026 : Devoxx Morocco - Casablanca (Morocco) 14-15 novembre 2026 : Capitole du Libre - Toulouse (France) 19 novembre 2026 : DevFest Toulouse 2026 - Toulouse (France) 27 novembre 2026 : DevFest Paris 2026 - Paris (France) 1-3 décembre 2026 : Apidays Paris - Paris (France) 4 décembre 2026 : DevFest Lyon 2026 - Lyon (France) 4 décembre 2026 : DevFest Dijon 2026 - Dijon (France) 9-10 décembre 2026 : OpenSource Expérience - Paris (France) 9-10 décembre 2026 : DevOps REX - Paris (France) 10 décembre 2026 : KCD Provence - Aix-en-Provence (France) 7-9 avril 2027 : Devoxx France 2027 - Paris (France) Nous contacter Pour réagir à cet épisode, venez discuter sur le groupe Google https://groups.google.com/group/lescastcodeurs Contactez-nous via X/twitter https://twitter.com/lescastcodeurs ou Bluesky https://bsky.app/profile/lescastcodeurs.com Faire un crowdcast ou une crowdquestion Soutenez Les Cast Codeurs sur Patreon https://www.patreon.com/LesCastCodeurs Tous les épisodes et toutes les infos sur https://lescastcodeurs.com/

covid-19 netflix ai google apple france state zoom spring microsoft plan code human silicon valley services forward os ga operations options app roi adoption dans structure construction windows context ip architecture oracle application obstacles enterprise ram ia buddy swift verse slack faire requirements explosion blue sky index api milestone rat conf cisco agile clips io chrome bon encore explicit python aws mythos nouvelle nouveau domination ml trois github java guillaume fork workflow int apis aur probl helm criteria limites llm chorus copilot moins javascript anthropic macos apache kafka nouvelles contr gestion grosse gpu cas norms wax changement cpu flexibilit nouveaux propose hotspot gc entities safeguards crowdstrike slogan vert kairos transactional certaines opt codex objectif docker principe loi git kubernetes utiliser m2 png plugins lancement deepmind croissance outils aucune chansons mcp enregistr approche erreur quelqu changements cursor ci cd json london uk cli avantages terraform paris france mysql typescript github copilot vms fonctionne graphql lier utilisation ssh vs code paradoxe maintenir npm capitole redis linux foundation orm postgresql mesurer librairie sql server supprimer sse prochaines alpha omega ansible jep jvm vache contrats oci lts alignement yann lecun hibernate troie ajouter trivago yaml ddl gestionnaire a2a grpc tech summit gitops mariadb devcon facilite compaction spring boot personnalisation josh long community edition lyon france intellij protocoles adk lyria openjdk rc1 glasswing inclure bordeaux france jpa spring framework cloner chiffrement testcontainers provence france jeps oidc strasbourg france toulouse france firestore lille france pgo kafka connect spring data dijon france amazon efs devoxx france
php[podcast] episodes from php[architect]
The PHP Podcast 2026.05.07

php[podcast] episodes from php[architect]

Play Episode Listen Later May 8, 2026 72:31


PHP Podcast – May 7, 2026 Hosts: Eric Van Johnson & John Congdon Another fun episode of the PHP Podcast! Here’s what we covered: PHP Tek Is 11 Days Away — And Everyone Is Stressed The conference countdown is real: 11 days, 10 hours, and a handful of seconds on the clock. John’s travel plans hinge entirely on little league baseball — if his team wins their Tuesday playoff game, he coaches the Saturday game, then bolts for the airport. If they lose Tuesday, he’s sad but gets to Chicago earlier. Meanwhile, Eric is grinding through the PHP Tek TV redesign, trying to wire up the SessionIze API for schedule imports instead of doing it all manually from a CSV, and sending the design team a novel’s worth of badge and signage requests. Holly’s conference app now has notifications working: select a talk, and if Eric or John move it around, you’ll get pinged. Keynote and lunch notifications are also on the table for attendees who can never find the room. Conference Stress Dreams: The Motorcycle Gunman Edition John woke up mid-dream to his wife opening the blinds for the school run — and the dream he was pulled from was genuinely unhinged. He was in an Uber waiting for Uber Eats to arrive at an intersection when a motorcyclist pulled up behind them, got off, shot out the tire, then came to John’s door and started shooting at the lock to get in. The Uber app had briefly flashed the word “threat” on the map. John laid the seat back as far as it would go. The driver just stood there. Then the blinds opened and it was just a Thursday morning. John’s verdict: it’s conference stress. Hard to argue with that. JS Tek — An Honest Conversation John decided to say the quiet part out loud: JS Tek hasn’t brought in the JavaScript community the way they hoped. The PHP world is unusual in paying for speaker travel and hotel rooms; Joe in Discord confirmed this barely happens outside PHP, and somebody speaking at a Ruby/Rails conference once told Eric they not only weren’t reimbursed for travel — they had to buy their own conference ticket. Eric’s takeaway: the JS track itself is a great idea for PHP developers, but trying to recruit an entirely new community into the fold didn’t work out. Next year’s structure will probably look different. The PHP 7-to-8 Upgrade That Failed Three Times Eric’s consulting team has been struggling with a client upgrade from PHP 7 to 8 — unusual, because they’ve done this many times and know the pitfalls. After three failed attempts, a deep dive revealed the culprit: an abandoned Laravel Shift branch left behind by a previous developer who had started an upgrade and walked away, with missing config files baked right into the inherited codebase. The fix wasn’t just another attempt — it was getting the management team to produce a proper testing playbook, and more importantly, actually getting trained on the application. The team had been fixing bugs in code they’d never seen working correctly. Today they finally got that training session, and Eric says the excitement and “ah-ha” moments from his developers made it clear this should have happened much sooner. The Database on the Same Server Problem A related discovery from the same client: the database lives on the same machine as the application. Every upgrade means shutting the app down, exporting the database, migrating it somewhere else, and starting over. Eric’s head doesn’t compute why this is still the case in 2026. Even a second machine designated as a database server would be a massive improvement. In a moment of uncomfortable honesty, Eric also admitted that PHP Architect’s own conference site has the same setup — Forge makes it so easy to throw a database on the same box that you just don’t think about it, until you do. Laravel Shift, Laravel Cloud, and the Pre-Check Tool The conversation circled back to Laravel Shift — JMAC’s automated upgrade tool — which Eric notes has become less essential as Laravel’s upgrade paths have smoothed out considerably compared to the wild west of early Laravel development. But Shift is still out there and still useful. More interestingly, JMAC has a new free Shift specifically for Laravel Cloud readiness: run it against your app and it’ll tell you whether your application is compatible with Laravel Cloud’s serverless model, flag any system commands that won’t be available, and help you understand what services you’d need. Laravel Cloud itself is Taylor’s “don’t worry about servers” deployment platform, and if you’re not a sysops person, having a Shift that holds your hand through the setup could be the difference between trying it and not. PHP Internals Made Readable — Externals and PHP RFC Watch Eric plugged two tools for following what’s happening in PHP core. The first is externals.io — a much more readable front-end for the PHP internals mailing list, with search, read-tracking, and threaded discussions. The second is a newer discovery: php-rfc.watch, which focuses purely on RFCs, showing what’s active, what’s been voted on, and how the votes broke down. It’s more of a quick-glance dashboard than a full discussion forum. Eric also highlighted a specific RFC from Ben Ramsey: a proposal to update the PHP license, accompanied by a detailed blog post called “PHP License Simplified” that walks through the history and rationale. If you’ve ever been curious about why license choice matters (especially at the enterprise level where legal teams block open source based on license type), Ben’s post is worth the read. NeoVim’s Flash Plugin — Used Wrong for Years Eric has been using Flash.nvim, a NeoVim navigation plugin, for years. He recently discovered he had been using it completely incorrectly the entire time. He thought he understood what it did. He did not. A YouTube video explaining the plugin properly (titled something like “How to Jump Anywhere Instantly in NeoVim”) revealed that what he’d been doing was essentially pressing the wrong keybinding and stumbling through a fraction of the plugin’s actual functionality. This sent the conversation into a longer Vim origin story: Eric learned Vim because he was flying around the country installing Cyborg firewalls on remote servers and Vi was just there. John picked it up at an enterprise job and never thought about alternatives until he saw a developer using MacVim to write Rails and had his mind blown. The core message: you can use a tool for decades and still be using it wrong, and that’s okay — but watch the tutorial. Eric Doesn’t Know How Old He Is Eric has been confidently telling people for a full year that he’s 55. His wife Bek has known for some time that this is not correct. The moment of reckoning came when Eric asked Alexa: “If I was born in 1969, how old would I be now?” Alexa hedged on the birthday thing but confirmed the range. Bek stepped in. Alexa, a full 30-60 seconds later, stepped back in and confirmed: “Your birthday’s May 8th, you’re turning 57.” Eric is apparently going directly from 55 to 57, having skipped 56 entirely. He also noted at the Padres game with his wife that their Costco membership is older than a 13-year-old kid they saw on the Jumbotron, and that it could legally babysit him. John is turning 50 this year. Everyone is fine. Links from the show: externals.io — PHP Internals Discussion Reader PHP RFC Watch — Track Active PHP RFCs Ben Ramsey: PHP License Simplified Laravel Shift — Automated Laravel Upgrade Tool Laravel Cloud How to Jump Anywhere Instantly in NeoVim (Flash.nvim Tutorial) PHP Tek 2026 — Chicago PHP Architect Store PHP Architect Discord Host: Eric Van Johnson X: @shocm Mastodon: @eric@phparch.social Bluesky: @ericvanjohnson.bsky.social PHPArch.me: @eric John Congdon X: @johncongdon Mastodon: @john@phparch.social Bluesky: @johncongdon.bsky.social PHPArch.me: @john Streams: Youtube Channel Twitch Connect & Hire PHP Architect Website Twitter/X Mastodon Hire PHP Developers Looking to hire PHP developers? Email support@phparch.com – Joe and the team are available for consulting, infrastructure work, Ansible playbooks, and code review. Partner This podcast is made a little better thanks to our partners Displace Infrastructure Management, Simplified Automate Kubernetes deployments across any cloud provider or bare metal with a single command. Deploy, manage, and scale your infrastructure with ease. https://displace.tech/ PHPScore Put Your Technical Debt on Autopay with PHPScore CodeRabbit Cut code review time & bugs in half instantly with CodeRabbit. Music Provided by Epidemic Sound https://www.epidemicsound.com/ Join Us Live Next Week Youtube Channel Got feedback? Join us on Discord at discord.phparch.com The post The PHP Podcast 2026.05.07 appeared first on PHP Architect.

php[podcast] episodes from php[architect]
The PHP Podcast 2026.04.30

php[podcast] episodes from php[architect]

Play Episode Listen Later May 1, 2026 72:07


PHP Podcast – April 30, 2026 Hosts: Eric Van Johnson & John Congdon Another fun episode of the PHP Podcast! Here’s what we covered: The Drone Slayer Strikes Eric and John wrapped up a Padres game at beautiful Petco Park in downtown San Diego — and things got weird on the way out. A rogue drone started buzzing around a busy intersection, lingering on a guy on a scooter, before making a fateful attempt to fly in front of Eric’s car. It did not make it. The controller came running out, Eric kept driving, and John has already dubbed him “the drone slayer.” Eric still hasn’t looked at whether his wife’s car got scratched, which feels like the bravest choice of all. Baseball Week Never Ends The reason today’s episode started an hour early? Baseball. John’s week was wall-to-wall: a Tuesday night little league game, the Padres game with Eric on Wednesday, practice Thursday night, the playoff draft reveal Friday, a little league game Saturday, and another Padres game Sunday. Eric pointed out John was wearing his own last name on a jersey to a Padres game, which opened up a whole sidebar on why anyone buys a $200 jersey with a player’s name on it when players change teams every two years anyway. Walking Pneumonia and the Power of the Right Antibiotic John’s week was also scrambled because his son had been diagnosed with regular pneumonia — but after not getting better, a second doctor visit revealed it was actually atypical (walking) pneumonia, which requires a completely different antibiotic. Once on the correct medication, his son bounced back almost immediately. The kid had been pushing himself trying to feel well enough for sixth grade camp, but there’s really no faking it with the wrong treatment. The Archie Situation — AI Standups Gone Sideways Eric has had a rough stretch after Anthropic shut down OpenClaw, the platform that powered their internal Discord bot Archie (a.k.a. Alfred). Archie had been running daily team standups, generating weekly summaries, letting team members tag it with updates throughout the day, and even setting reminders. Everyone got spoiled by it. Since then, attempts to migrate to Ollama — both locally and through the web service — have been plagued by slow response times and dropped messages. Eric is close to pulling the plug and going back to the old manual method, and he’s not happy about it. Claude SSH’d Into Eric’s Server and Fixed Everything For weeks, Eric had been fighting a broken Postiz Docker container — a self-hosted social media scheduling tool he uses to post across platforms. After updates broke it and multiple attempts at a fresh install still left it broken, he dropped the problem in Claude’s lap and explained the whole situation. Claude asked for permission to SSH into the remote server on Eric’s Tailscale network, and Eric said sure. Thirty minutes later, Claude had identified the culprit — a Temporal workflow engine losing its configuration on restart — wrote a fix script, configured the service to reconfigure properly on boot, and even set up a cron job to restart the container on reboot. Eric’s still trying to find that chat to review exactly what it did, but the service is running. GitHub is Getting Hammered by AI Agents GitHub has had a rough patch of outages, and the numbers tell the story: 20 million new repos per month, 1.4 billion commits, 90 million pull requests — with a dramatic spike right at the start of 2026. Part of the culprit? AI agents being unleashed on codebases to automatically open pull requests from backlog tickets. Eric has a client doing exactly this, and while it sounds impressive from the owner’s perspective (“look at all this work getting done!”), the developers on the ground report that a high percentage of those AI-generated PRs require significant human correction before they’re anywhere close to mergeable. The comparison to Reddit’s early explosion — and the one engineer who basically didn’t sleep for two years — felt pretty apt. The GitHub Security Vulnerability Nobody Talked About As if the outages weren’t enough, GitHub quietly disclosed a serious security vulnerability: a specially crafted git push — using malformed options in the push metadata — could allow arbitrary code execution on GitHub’s own servers. Eric had to dig to find the blog post because GitHub was not exactly shouting about it. To their credit, they state that their investigation found no evidence the vulnerability was ever exploited in the wild. But knowing that a specific sequence of bytes in a git push could have handed someone the keys to GitHub’s servers is genuinely unsettling. The Creator of Ghosty Is Leaving GitHub Mitchell Hashimoto — creator of the Ghostty terminal and formerly of HashiCorp — announced he’s leaving GitHub, where he’s been a user since 2008 (user #1299). This comes shortly after the Zig programming language made the same move, also citing reliability concerns. Eric was mildly skeptical of the “announcing I’m leaving” genre of posts, pointing out that GitHub doesn’t especially need your permission to stop using it. Notably, Hashimoto’s post doesn’t say what he plans to use instead. John joined GitHub in 2009, which led to a fun live expedition through his commit history — turns out he got serious about coding right around July 2013, roughly when DiegoDev landed its first client. Update Composer. Like, Right Now. PHP developers tend to set Composer up and forget about it — but there’s been a serious security vulnerability patched in a recent release that you absolutely want. The fix is simple: just run composer self-update. It updates in place and keeps a rollback copy in case anything breaks. While you’re at it, if you have global Composer packages installed, run composer global update to catch those too. Eric noted that Composer should really warn you when you’re significantly behind versions, the way Claude Code does. Until it does, just make a habit of it. Linux Kernel Exploit — Patch Your Servers A CVE was shared in the phparch Discord that affects Ubuntu, Amazon Linux, and Red Hat: a Linux kernel exploit that lets an attacker gain root access with a remarkably small payload — around 732 bytes targeting setuid. It’s a good reminder that the old sysadmin badge of honor (“my server has 5-year uptime, never rebooted”) is the wrong mentality now. With tools like Terraform and infrastructure-as-code, spinning up a freshly patched machine is the move. Keep your operating systems current, especially Linux servers running in production. Holly Built a PHP Tek App — And It’s Already Good Community member Holly built a native attendee app for PHP Tek, available now in beta on iOS (via TestFlight) and Android. You can browse the schedule, select the talks you want to attend, and it’ll warn you if two of your picks are in conflict — a “merge conflict,” as Eric put it. Best of all, it sends push notifications when sessions you’ve favorited get moved or rescheduled, which happens constantly at tech conferences. Eric’s wife installed it without being told anything about it and figured it out on her own — about as good a usability test as you can get. The app is built natively in Swift and Kotlin. Be kind to Holly — this is a gift to the community. PHP Tek in 19 Days + New PHP Architect Merch PHP Tek is nearly here — 19 days out in Chicago. A brand new PHP Architect elephant is coming (tentatively named Holly, after a live-stream vote). Eric also walked through new merch at store.phparch.com: a v-neck version of the classic rainbow PHP Architect shirt, and his personal labor of love — the “I have standards, specifically PSR 0, 1” tee — which he admits has sold exactly zero copies. If the hotel room block is sold out by the time you read this, reach out to the team directly and they’ll see what they can do. Links from the show: Postiz — Open Source Social Media Scheduling GitHub Security Advisory: Remote Code Execution via Git Push Options PHP Tek 2026 — Chicago PHP Architect Store PHP Architect Discord An update on GitHub availability Migrating from GitHub to Codeberg Ghostty Is Leaving GitHub Securing the git push pipeline: Responding to a critical remote code execution vulnerability Composer 2.9.6 fixes Perforce Driver Command Injection Vulnerabilities (CVE-2026-40261, CVE-2026-40176) Copy Fail: 732 Bytes to Root on Every Major Linux Distribution. Host: Eric Van Johnson X: @shocm Mastodon: @eric@phparch.social Bluesky: @ericvanjohnson.bsky.social PHPArch.me: @eric John Congdon X: @johncongdon Mastodon: @john@phparch.social Bluesky: @johncongdon.bsky.social PHPArch.me: @john Streams: Youtube Channel Twitch Connect & Hire PHP Architect Website Twitter/X Mastodon Hire PHP Developers Looking to hire PHP developers? Email support@phparch.com – Joe and the team are available for consulting, infrastructure work, Ansible playbooks, and code review. Partner This podcast is made a little better thanks to our partners Displace Infrastructure Management, Simplified Automate Kubernetes deployments across any cloud provider or bare metal with a single command. Deploy, manage, and scale your infrastructure with ease. https://displace.tech/ PHPScore Put Your Technical Debt on Autopay with PHPScore CodeRabbit Cut code review time & bugs in half instantly with CodeRabbit. Music Provided by Epidemic Sound https://www.epidemicsound.com/ Join Us Live Next Week Youtube Channel Got feedback? Join us on Discord at discord.phparch.com The post The PHP Podcast 2026.04.30 appeared first on PHP Architect.

Unofficial SAP on Azure podcast
#287 - TOW Using SAP Deployment Automation with Cloud Motion (Stergios Gaidatzis, Kimmo Forss) | SAP on Azure Video Podcast

Unofficial SAP on Azure podcast

Play Episode Listen Later May 1, 2026 45:57


In episode 287 of our SAP on Azure video podcast we talk about the SAP Deployment Automation Framework and the partner solution Cloud MotionAlmost two years ago we had a really good session on the SAP Deployment Automation Framework. SDAF helps customers to quickly deploy SAP sytems - not only for test and demo environments, but production ready, high available systems. All of this is available open source on GitHub. Now some partners have taken the code, collaborated with us and build tools and applications around this. Today we want to talk about this with Stergios and Kimmo. You can test the bot at: https://sdaf-ops.com/Find all the links mentioned here: https://www.saponazurepodcast.de/episode287Reach out to us for any feedback / questions:* Goran Condric: https://www.linkedin.com/in/gorancondric/* Holger Bruchelt: https://www.linkedin.com/in/holger-bruchelt/ #Microsoft #SAP #Azure #SAPonAzure #Deployment #Infrastructure #Automation #Terraform #Ansible- 0:00 Intro- 1:35 Introducing Stergios Gaidatzis and Kimmo Forss- 2:55 SAP Deployment Automation Framework (SDAF)- 5:20 Tooling - Azure DevOps, Terraform, Ansible- 9:00 Introduction Cloud Motion GmbH- 10:45 SDAF - Implementation Process- 14:10 Devops Engineer and Application Owner- 18:40 SDAF-OPS- 23:30 Demo- 27:00 Azure DevOps- 30:00 Pipline is triggered- 36:00 SDAF-OPS Architecture- 42:20 Implementation Process

php[podcast] episodes from php[architect]
The PHP Podcast 2026.04.23

php[podcast] episodes from php[architect]

Play Episode Listen Later Apr 24, 2026 70:05


PHP Podcast – April 23, 2026 Hosts: Eric Van Johnson & John Duration: ~1 hour 10 minutes Episode Summary Eric and John return to the podcast after a few weeks away, discussing everything from Disneyland trips and bowling tournaments to EAV database nightmares, editor wars (Vim vs. PHPStorm), AI coding tools, and the state of in-person PHP community events. Thank You to Our Sponsor Displace Technologies – Building PHP applications is your passion. Managing cloud infrastructure shouldn’t be your headache. Displace is your partner in cloud infrastructure orchestration, giving solo developers and small teams the tools and automation to deploy enterprise-grade Kubernetes clusters without the enterprise-grade complexity or cost. Get started at displace.tech Show Notes & Timestamps [00:00] Welcome Back – Eric and John return after Joe, Sarah, and Sammy filled in last week [02:45] Technical Difficulties – Eric’s streaming setup continues to cause problems [04:30] PHP Architect Consulting – Reminder that PHP Architect does real-world consulting work (augment teams or full team) [06:15] PHP Tek Countdown – 26 days away! Less than 4 weeks [08:30] John’s Disneyland Trip – Family spring break trip with a clever 3-day pass hack [12:00] Bowling Tournament – John competed in Reno for U.S. Championship (singles: 1,963rd, doubles: 2,599th, team: 607th) [14:00] Joe Ferguson News – Congratulations to Joe on becoming PHP Release Manager! [16:30] EAV Database Nightmare – John’s journey removing Entity-Attribute-Value system after 10+ years (running out of bigint IDs) [28:00] Editor Wars: Vim vs. PHPStorm – Eric’s return to NeoVim after trying VS Code. Discussion of keybindings, speed, and muscle memory [38:00] AI Coding Tools – Using Claude Code with subagents (front-end, back-end, database, QA). Discussion of productivity gains and QA bottlenecks [46:00] Docker Sandbox for Claude – John explains running Claude in Docker sandbox mode for project isolation [52:00] PHP Tek Mobile App – Holly (listener/mobile dev) offered to build an attendee app with wallet pass integration [56:30] Trailer Disaster Averted – Holly got trailer tires changed just before record flooding at the storage location [01:01:00] PHP Verse 2026 – JetBrains virtual event. Discussion of value of in-person vs. virtual conferences [01:08:00] Bitwarden CLI Security Alert – Trojan horse in version 2026.4.0 (credential stealer). Verify your installation! [01:13:00] Security & AI – Discussion of supply chain attacks, npm pre-install hooks, and risks of AI-generated code without review Links Mentioned Displace Technologies – Episode sponsor PHP Podcast Discord PHP Architect on YouTube PHP Architect – Consulting & Magazine PHP Tek 2026 – 26 days away! PHP Verse 2026 – JetBrains virtual event SessionEye – Conference schedule management Quotes “I’m still coding but I’m not doing like a full end-to-end coding anymore… I don’t know if I need PHPStorm anymore.” – Eric on how AI tools have changed his workflow “It’s like you go away on vacation and you have a great time… but you come home and you lay down in your bed and you’re like, ‘Oh wait, this feels better.'” – Eric describing his return to Vim “I’m embracing these early adopters of ‘we don’t need developers anymore, we have AI’ because I’m charging them a lot of money here in a couple of years.” – Eric on fixing AI-generated code Host: Eric Van Johnson X: @shocm Mastodon: @eric@phparch.social Bluesky: @ericvanjohnson.bsky.social PHPArch.me: @eric John Congdon X: @johncongdon Mastodon: @john@phparch.social Bluesky: @johncongdon.bsky.social PHPArch.me: @john Streams: Youtube Channel Twitch Connect & Hire PHP Architect Website Twitter/X Mastodon Hire PHP Developers Looking to hire PHP developers? Email support@phparch.com – Joe and the team are available for consulting, infrastructure work, Ansible playbooks, and code review. Partner This podcast is made a little better thanks to our partners Displace Infrastructure Management, Simplified Automate Kubernetes deployments across any cloud provider or bare metal with a single command. Deploy, manage, and scale your infrastructure with ease. https://displace.tech/ PHPScore Put Your Technical Debt on Autopay with PHPScore CodeRabbit Cut code review time & bugs in half instantly with CodeRabbit. Music Provided by Epidemic Sound https://www.epidemicsound.com/ Next Episode Join us next week for more PHP news, tech talk, and community updates. See you at PHP Tek! Got feedback? Join us on Discord at discord.phparch.com  The post The PHP Podcast 2026.04.23 appeared first on PHP Architect.

airhacks.fm podcast with adam bien
AWS Infrastructure as Code: CloudFormation Origins, CDK Stacks, and Terraform Trade-offs

airhacks.fm podcast with adam bien

Play Episode Listen Later Apr 11, 2026 59:13


An airhacks.fm conversation with Thorsten Hoeger (@hoegertn) about: discussion about migrating a German bank to AWS in 2012, early EC2 instances and the launch of AWS VPC for private networking, clicking the AWS console before discovering CloudFormation, CloudFormation released in 2011 with JSON-only templates, Hazelcast cluster synchronization bugs on single-core EC2 instances, multicast limitations in VPC and the transit gateway workaround, CFEngine from 1993 as a predecessor to declarative infrastructure management, Puppet and Chef and Ansible as configuration management tools, CloudFormation's declarative state reconciliation predating kubernetes by three years, CloudFormation's managed state versus Terraform's local state storage, three-way diff comparing new template and old template and physical resource state, drift detection and its limitations with default values, writing 3000 lines of CloudFormation JSON in Eclipse IDE, building a Jenkins plugin for CloudFormation lifecycle management, GitOps with Git servers and Jenkins for CloudFormation deployments, separating infrastructure changes from business logic changes in early setups, treating everything as a change in modern CI/CD pipelines, the origin of CDK at Amazon as an internal tool written in Java then rewritten in typescript, CDK beta participation through the AWS Hero program, CDK constructs and L1 low-level constructs mapping directly to CloudFormation resources, CDK synth phase serializing Java objects to CloudFormation JSON, Stacks as atomic deployment units in CDK, the trade-offs of splitting stateful resources into separate stacks versus single-stack deployments, AWS CloudFormation export and reference coupling between stacks, using AWS Parameter Store for loose coupling between stacks, CDK application as the project root with application code in subfolders, Terraform benefits for multi-provider scenarios like GitHub repos and on-prem routers, regulated industries and compliance benefits of cloud infrastructure as code, change management as a byproduct of Git-based infrastructure pipelines, serverless architecture similarities to application server and WAR deployment models, CDK asset system for versioning and pushing artifacts, CDK custom resource types and self-mutating pipelines as future topics, The CDK Book co-authored by Thorsten Hoeger and colleagues, Taimos GmbH consulting for AWS infrastructure Thorsten Hoeger on twitter: @hoegertn

Ask Noah Show
Ask Noah Show 485

Ask Noah Show

Play Episode Listen Later Apr 1, 2026 53:44


This week we focus on your feedback! Your calls go to the front of the line, your emails answered! -- During The Show -- 00:58 Intro Alarm panel & Home Assistant Sensor abilities at home Plugging everything into Home Assistant People are having to confront Home Assistant 07:02 LDAP/PKI - Soham FreeIPA Feedback to ANS 476 FreeIPA ANS Content ANS 342 ANS 382 Steve's FreeIPA journey Noah's take on FreeIPA Steve uses Ansible and VM Clones 14:36 Caller Monitoring HVAC power usage? Flashed Emporia Vue Home Assistant setup Moving a phone number virtual? JMP.Chat Gajim Pidgin XMPP Unredacted XMPP Unredacted.org 31:54 Ereaders - Gwendolyn Libra Color E-Reader Booklore 37:48 Getting rid of facebook - Andy Self hosted private blog There will be friction Stealing children's privacy Noah has "cleaned up" "digital messes" Hugo Ghost Private is hard Mastodon Tape Backups - DC Amanda Backup Bacula Nothing new to say 51:20 News Wire Calibre 9.6 - calibre-ebook.com FreeCad 1.1 - freecad.org QT 6.11 - wiki.qt.io Thunderbird 149 - thunderbird.net Firefox 149 - firefox.com OpenSuse Agama 19 - lwn.net Krita 5.3 - krita.org SDv Platform - wardsauto.com Pardus 25.1 - indir.pardus.org Plop Linux 26.1 - download.plop.at Kaos 2026.03 - kaosx.us Tails 7.6 - torproject.org Kali Linux 2026.1 - kali.org Sparky Linux 9 - thenewstack.io Axios Hijack - nextgov.com Cohere Voice Model - techcrunch.com Malaria Drug Discovery - healthpolicy-watch.news Midjourney Standard Pretext - venturebeat.com Brain AI - ai.meta.com -- The Extra Credit Section -- For links to the articles and material referenced in this week's episode check out this week's page from our podcast dashboard! This Episode's Podcast Dashboard Phone Systems for Ask Noah provided by Voxtelesys Join us in our dedicated chatroom #GeekLab:linuxdelta.com on Matrix -- Stay In Touch -- Find all the resources for this show on the Ask Noah Dashboard Ask Noah Dashboard Need more help than a radio show can offer? Altispeed provides commercial IT services and they're excited to offer you a great deal for listening to the Ask Noah Show. Call today and ask about the discount for listeners of the Ask Noah Show! Altispeed Technologies Contact Noah live [at] asknoahshow.com -- Twitter -- Noah - Kernellinux Ask Noah Show Altispeed Technologies

Packet Pushers - Full Podcast Feed
TCG072: AI and the Automation Engineer – When Your Scripts Start Writing Themselves

Packet Pushers - Full Podcast Feed

Play Episode Listen Later Mar 25, 2026 49:39


William Collins and Eyvonne Sharp invite Skylar Sands, Senior Automation Engineer at World Wide Technology, to discuss what it means to integrate AI into the daily workflow in a meaningful way. Together they break down the shift in the automation engineer's role now that AI can instantly generate the “toolkit” of Python, Ansible, and Bash,... Read more »

The DevOps Kitchen Talks's Podcast
DKT91: Мок-интервью DevOps - Архитектура AWS, Terraform и Live Debug K8s

The DevOps Kitchen Talks's Podcast

Play Episode Listen Later Mar 7, 2026 108:02


Проверяем знания кандидата на позицию Senior DevOps инженера в прямом эфире. В этом выпуске: архитектурные паттерны в AWS, вечный спор Terraform против CloudFormation, глубокое погружение в Kubernetes (Karpenter, скейлинг) и Live-траблшутинг сломанного Helm-чарта. О ЧЁМ ВЫПУСК: • Архитектура и облака: Как выбрать между EKS и ECS/Fargate и настроить безопасное хранение бэкапов в S3.  • IaC войны: Честное сравнение Terraform и CloudFormation — где заканчивается удобство и начинается боль.  • Kubernetes под капотом: Разбираем Control Plane, работу контроллеров и нюансы обновления on-prem кластеров.  • Live Debug: Реальная задача по починке упавшего пода (CrashLoopBackOff) — работа с пробами, портами и Helm.  • CI/CD стратегии: Строим идеальный пайплайн с GitHub Actions и ArgoCD. ГОСТЬ: Максим — DevOps-инженер (5 лет опыта DevOps, 10 лет SysAdmin). Стек: AWS, Terraform, Kubernetes, Ansible, Monitoring. ССЫЛКИ

Autonomous IT
Automate IT – The Server Tango: Step In... and Now MySQL's Down, E14

Autonomous IT

Play Episode Listen Later Mar 3, 2026 12:40


In this episode, Jeremy Maldonado shares his experiences and insights on server management, highlighting the importance of learning from mistakes, the power of automation, and finding balance between Linux and Windows environments. He discusses the challenges and rewards of managing servers, the pivotal role of Ansible in streamlining operations, and the confidence required to maintain a reliable infrastructure. Jeremy encourages listeners to view setbacks as opportunities for growth while reminding us to be kind to ourselves throughout our professional journeys.This episode originally aired March 6, 2025

Of Je Stopt De Stekker Er In
#095 | HashiCorp Vault, Identity-based secrets management

Of Je Stopt De Stekker Er In

Play Episode Listen Later Feb 19, 2026 33:39


Vandaag aan tafel:Barend BaarssenKarel van der WoudeMustafa GülkaraCojan van BallegooijenTimeline:0:00 Intro0:29 Introductie2:33 Wat is Vault?8:52 Wat is de doelstelling van Vault?13:44 Data encryptie 15:25 Open Source vs Enterprise17:25 Vault Setup20:45 Vault Use Case26:05 HashiCorp + IBM + Red HatIn deze aflevering duiken we diep in HashiCorp Vault: dé oplossing voor secret management, identity brokering en dynamische toegangscontrole in moderne, hybride IT‑omgevingen. Onze gast is Cojan van Ballegooijen, Solution Engineer bij HashiCorp, die dagelijks organisaties helpt om veilig en schaalbaar met credentials, keys, tokens en data‑encryptie om te gaan.We blikken kort terug op de eerdere HashiCorp‑aflevering met Mahil en bouwen daarop voort. Cojan gebruikt een herkenbare analogie van twee discotheken om helder uit te leggen hoe Vault zowel authenticatie (wie ben jij als persoon of applicatie?) als autorisatie (wat mag jij?) regelt. Daarbij staat The Principle of Least Privilege centraal: minimale toegang, maximaal veilig.Daarnaast bespreken we onder andere:- Secret Management als strategische security‑laag- Vault als Identity Broker tussen applicaties, clouds en platformen- Automatisch certificaten roteren (bijvoorbeeld elke 47 dagen)- Use cases in OpenShift, AWS, Azure, GitHub, GitLab en CI/CD‑pijplijnen- Dynamic Secrets voor on‑the‑fly toegangsrechten (bijv. databases)- Integraties met Ansible, Terraform, IBM Concert en andere automation‑tools- Het verschil tussen Open Source Vault en Enterprise Vault, inclusief mogelijkheden voor hybrid cloud‑scenario's- Waar je moet beginnen: developer.hashicorp.com met tutorials, open‑source downloads en praktijkvoorbeeldenOf je nu DevOps‑engineer, architect of security‑specialist bent, deze aflevering geeft je een helder en praktisch beeld van hoe Vault werkt, waarom het cruciaal is in moderne IT‑omgevingen, en hoe je het slim inzet van day zero tot decommission.Links:Analogie op HashiCorp Vault: https://medium.com/hashicorp-engineering/the-expensive-seats-problem-25829f7edc1eWaar kan ik beginnen: https://developer.hashicorp.comLinkedIn Cojan van Ballegooijen: https://www.linkedin.com/in/cojanvanballegooijen/Op- en aanmerkingen kunnen gestuurd worden naar: ofjestoptdestekkererin@nl.ibm.com

Ask Noah Show
Ask Noah Show 476

Ask Noah Show

Play Episode Listen Later Jan 21, 2026 53:55


This week we dig into the hardware shortage caused by AI, answer your questions, and dig into managing ZFS via the web! -- During The Show -- 00:45 Intro Cheap managed POE switch Switch hops 05:35 Certificates - Randy Step CA (https://smallstep.com/docs/step-ca/) XCA (https://www.hohnstaedt.de/xca/) Certificate Authority (https://en.wikipedia.org/wiki/Certificate_authority) ACME (https://en.wikipedia.org/wiki/Automatic_Certificate_Management_Environment) LDAP (https://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol) Kerberos (https://en.wikipedia.org/wiki/Kerberos_(protocol)) Steve's use of LDAP LDAP with PKI link (https://enterprise.arcgis.com/en/portal/11.4/administer/linux/use-ldap-and-pki-to-secure-access-to-your-portal.htm) ACME and Domain registrars dot tk (http://www.dot.tk/en/index.html?lang=en) Ansible collection (https://docs.ansible.com/projects/ansible/latest/collections/community/crypto/acme_certificate_module.html) 19:19 Ebook Management - Jeremy Steve went to audio books Calibre (https://docs.ansible.com/projects/ansible/latest/collections/community/crypto/acme_certificate_module.html) PDF manuals folder Audio bookshelf (https://www.audiobookshelf.org/) Paperless NGX (https://docs.paperless-ngx.com/) 23:50 Light Sync - Peter UltraStar Deluxe (https://usdx.eu/) Animux (https://usdb.animux.de/) USBD_Syncer (https://github.com/bohning/usdb_syncer/releases) Doing events Why Noah likes Karaoke Effect of "shared experiences" Steve's Christmas tree lights DMX lighting WLED Project (https://kno.wled.ge/) 33:03 News Wire Firefox 147 - firefox.com (https://www.firefox.com/en-US/firefox/147.0/releasenotes/) Thunderbird 147 - thunderbird.net (https://www.thunderbird.net/en-US/thunderbird/147.0/releasenotes/) Grub 2.14 - phoronix.com (https://www.phoronix.com/news/GRUB-2.14-Released) Gnome 49.3 - discourse.gnome.org (https://discourse.gnome.org/t/gnome-49-3-released/33609) Wine 11 - theregister.com (https://www.theregister.com/2026/01/15/wine_11_arrives_faster_and/) Q4OS 6.5 - q4os.org (https://www.q4os.org/forum/viewtopic.php?id=5903) Endeavour OS Genymede Neo - endeavouros.com (https://endeavouros.com/news/ganymede-neo-is-out-with-core-updates-and-upstream-nvidia-changes/) Tails 7.4 - torproject.org (https://blog.torproject.org/new-release-tails-7_4/) Linux Mint 22.3 - blog.linuxmint.com (https://blog.linuxmint.com/?p=4981) BeaglePlay PowerVR - phoronix.com (https://www.phoronix.com/news/BeaglePlay-PowerVR-Success) StackChan - cnx-software.com (https://www.cnx-software.com/2026/01/13/m5stack-stackchan-is-a-cute-open-source-ai-desktop-robot/) Mentra's Smart Glasses - engadget.com (https://www.engadget.com/wearables/mentras-first-smart-glasses-are-open-source-and-come-with-their-own-app-store-150021126.html) VoidLink - checkpoint.com (https://research.checkpoint.com/2026/voidlink-the-cloud-native-malware-framework/) darkreading.com (https://www.darkreading.com/cloud-security/voidlink-malware-advanced-threat-linux-systems) csoonline.com (https://www.csoonline.com/article/4117038/sophisticated-voidlink-malware-framework-targets-linux-cloud-servers.html) Boltz-1 - labmanager.com (https://www.labmanager.com/mit-researchers-release-boltz-1-an-open-source-alternative-to-alphafold-3-33385) Photoshop on Linux - videocardz.com (https://videocardz.com/newz/adobe-photoshop-can-now-install-on-linux-after-a-redditor-discovers-a-fix#disqus_thread) No Commits to MySQL Repo - devclass.com (https://devclass.com/2026/01/13/open-source-mysql-repository-has-no-commits-in-more-than-three-months/) Senate Inquiry - jdsupra.com (https://www.jdsupra.com/legalnews/recent-inquiry-from-senate-intelligence-2158429/) EU Tech Sovereignty - cybernews.com (https://cybernews.com/tech/europe-looks-for-ways-to-cut-cord-from-big-tech/) biometricupdate.com (https://www.biometricupdate.com/202601/eu-calls-for-input-on-open-source-as-it-looks-toward-tech-sovereignty) 35:03 SysAdmins & Smartphones Lowering friction Graphical vs CLI Webzfs (https://github.com/webzfs/webzfs) Exposing ZFS via Web UI Cockpit Putting Webzfs into Cockpit Write in! 43:43 New ESP32 ESP32-E22 Tri-band WiFi What is an ESP32 Steve's use of ESP32 Bandwidth Getting started with ESP32 linuxgizmos.com (https://linuxgizmos.com/esp32-e22-debuts-with-tri-band-wi-fi-6e-and-dual-mode-bluetooth/) 48:05 AI Hardware Run RAM spikes 300%-400% SSD price spikes Fab Capacity Bitcoin effect ARS Technica (https://arstechnica.com/gadgets/2026/01/ram-shortage-chaos-expands-to-gpus-high-capacity-ssds-and-even-hard-drives/) -- The Extra Credit Section -- For links to the articles and material referenced in this week's episode check out this week's page from our podcast dashboard! This Episode's Podcast Dashboard (http://podcast.asknoahshow.com/476) Phone Systems for Ask Noah provided by Voxtelesys (http://www.voxtelesys.com/asknoah) Join us in our dedicated chatroom #GeekLab:linuxdelta.com on Matrix (https://element.linuxdelta.com/#/room/#geeklab:linuxdelta.com) -- Stay In Touch -- Find all the resources for this show on the Ask Noah Dashboard Ask Noah Dashboard (http://www.asknoahshow.com) Need more help than a radio show can offer? Altispeed provides commercial IT services and they're excited to offer you a great deal for listening to the Ask Noah Show. Call today and ask about the discount for listeners of the Ask Noah Show! Altispeed Technologies (http://www.altispeed.com/) Contact Noah live [at] asknoahshow.com -- Twitter -- Noah - Kernellinux (https://twitter.com/kernellinux) Ask Noah Show (https://twitter.com/asknoahshow) Altispeed Technologies (https://twitter.com/altispeed)

Les Cast Codeurs Podcast
LCC 335 - 200 terminaux en prod vendredi

Les Cast Codeurs Podcast

Play Episode Listen Later Jan 16, 2026 103:16


De retour à cinq dans l'épisode, les cast codeurs démarrent cette année avec un gros épisode pleins de news et d'articles de fond. IA bien sûr, son impact sur les pratiques, Mockito qui tourne un page, du CSS (et oui), sur le (non) mapping d'APIs REST en MCP et d'une palanquée d'outils pour vous. Enregistré le 9 janvier 2026 Téléchargement de l'épisode LesCastCodeurs-Episode-335.mp3 ou en vidéo sur YouTube. News Langages 2026 sera-t'elle l'année de Java dans le terminal ? (j'ai ouïe dire que ça se pourrait bien…) https://xam.dk/blog/lets-make-2026-the-year-of-java-in-the-terminal/ 2026: Année de Java dans le terminal, pour rattraper son retard sur Python, Rust, Go et Node.js. Java est sous-estimé pour les applications CLI et les TUIs (interfaces utilisateur terminales) malgré ses capacités. Les anciennes excuses (démarrage lent, outillage lourd, verbosité, distribution complexe) sont obsolètes grâce aux avancées récentes : GraalVM Native Image pour un démarrage en millisecondes. JBang pour l'exécution simplifiée de scripts Java (fichiers uniques, dépendances) et de JARs. JReleaser pour l'automatisation de la distribution multi-plateforme (Homebrew, SDKMAN, Docker, images natives). Project Loom pour la concurrence facile avec les threads virtuels. PicoCLI pour la gestion des arguments. Le potentiel va au-delà des scripts : création de TUIs complètes et esthétiques (ex: dashboards, gestionnaires de fichiers, assistants IA). Excuses caduques : démarrage rapide (GraalVM), légèreté (JBang), distribution simple (JReleaser), concurrence (Loom). Potentiel : créer des applications TUI riches et esthétiques. Sortie de Ruby 4.0.0 https://www.ruby-lang.org/en/news/2025/12/25/ruby-4-0-0-released/ Ruby Box (expérimental) : Une nouvelle fonctionnalité permettant d'isoler les définitions (classes, modules, monkey patches) dans des boîtes séparées pour éviter les conflits globaux. ZJIT : Un nouveau compilateur JIT de nouvelle génération développé en Rust, visant à surpasser YJIT à terme (actuellement en phase expérimentale). Améliorations de Ractor : Introduction de Ractor::Port pour une meilleure communication entre Ractors et optimisation des structures internes pour réduire les contentions de verrou global. Changements syntaxiques : Les opérateurs logiques (||, &&, and, or) en début de ligne permettent désormais de continuer la ligne précédente, facilitant le style "fluent". Classes Core : Set et Pathname deviennent des classes intégrées (Core) au lieu d'être dans la bibliothèque standard. Diagnostics améliorés : Les erreurs d'arguments (ArgumentError) affichent désormais des extraits de code pour l'appelant ET la définition de la méthode. Performances : Optimisation de Class#new, accès plus rapide aux variables d'instance et améliorations significatives du ramasse-miettes (GC). Nettoyage : Suppression de comportements obsolètes (comme la création de processus via IO.open avec |) et mise à jour vers Unicode 17.0. Librairies Introduction pour créer une appli multi-tenant avec Quarkus et http://nip.io|nip.io https://www.the-main-thread.com/p/quarkus-multi-tenant-api-nipio-tutorial Construction d'une API REST multi-tenant en Quarkus avec isolation par sous-domaine Utilisation de http://nip.io|nip.io pour la résolution DNS automatique sans configuration locale Extraction du tenant depuis l'en-tête HTTP Host via un filtre JAX-RS Contexte tenant géré avec CDI en scope Request pour l'isolation des données Service applicatif gérant des données spécifiques par tenant avec Map concurrent Interface web HTML/JS pour visualiser et ajouter des données par tenant Configuration CORS nécessaire pour le développement local Pattern acme.127-0-0-1.nip.io résolu automatiquement vers localhost Code complet disponible sur GitHub avec exemples curl et tests navigateur Base idéale pour prototypage SaaS, tests multi-tenants Hibernate 7.2 avec quelques améliorations intéressantes https://docs.hibernate.org/orm/7.2/whats-new/%7Bhtml-meta-canonical-link%7D read only replica (experimental), crée deux session factories et swap au niveau jdbc si le driver le supporte et custom sinon. On ouvre une session en read only child statelesssession (partage le contexte transactionnel) hibernate vector module ajouter binary, float16 and sparse vectors Le SchemaManager peut resynchroniser les séquences par rapport aux données des tables Regexp dans HQL avec like Nouvelle version de Hibernate with Panache pour Quarkus https://quarkus.io/blog/hibernate-panache-next/ Nouvelle extension expérimentale qui unifie Hibernate ORM with Panache et Hibernate Reactive with Panache Les entités peuvent désormais fonctionner en mode bloquant ou réactif sans changer de type de base Support des sessions sans état (StatelessSession) en plus des entités gérées traditionnelles Intégration de Jakarta Data pour des requêtes type-safe vérifiées à la compilation Les opérations sont définies dans des repositories imbriqués plutôt que des méthodes statiques Possibilité de définir plusieurs repositories pour différents modes d'opération sur une même entité Accès aux différents modes (bloquant/réactif, géré/sans état) via des méthodes de supertype Support des annotations @Find et @HQL pour générer des requêtes type-safe Accès au repository via injection ou via le métamodèle généré Extension disponible dans la branche main, feedback demandé sur Zulip ou GitHub Spring Shell 4.0.0 GA publié - https://spring.io/blog/2025/12/30/spring-shell-4-0-0-ga-released Sortie de la version finale de Spring Shell 4.0.0 disponible sur Maven Central Compatible avec les dernières versions de Spring Framework et Spring Boot Modèle de commandes revu pour simplifier la création d'applications CLI interactives Intégration de jSpecify pour améliorer la sécurité contre les NullPointerException Architecture plus modulaire permettant meilleure personnalisation et extension Documentation et exemples entièrement mis à jour pour faciliter la prise en main Guide de migration vers la v4 disponible sur le wiki du projet Corrections de bugs pour améliorer la stabilité et la fiabilité Permet de créer des applications Java autonomes exécutables avec java -jar ou GraalVM native Approche opinionnée du développement CLI tout en restant flexible pour les besoins spécifiques Une nouvelle version de la librairie qui implémenter des gatherers supplémentaires à ceux du JDK https://github.com/tginsberg/gatherers4j/releases/tag/v0.13.0 gatherers4j v0.13.0. Nouveaux gatherers : uniquelyOccurringBy(), moving/runningMedian(), moving/runningMax/Min(). Changement : les gatherers "moving" incluent désormais par défaut les valeurs partielles (utiliser excludePartialValues() pour désactiver). LangChain4j 1.10.0 https://github.com/langchain4j/langchain4j/releases/tag/1.10.0 Introduction d'un catalogue de modèles pour Anthropic, Gemini, OpenAI et Mistral. Ajout de capacités d'observabilité et de monitoring pour les agents. Support des sorties structurées, des outils avancés et de l'analyse de PDF via URL pour Anthropic. Support des services de transcription pour OpenAI. Possibilité de passer des paramètres de configuration de chat en argument des méthodes. Nouveau garde-fou de modération pour les messages entrants. Support du contenu de raisonnement pour les modèles. Introduction de la recherche hybride. Améliorations du client MCP. Départ du lead de mockito après 10 ans https://github.com/mockito/mockito/issues/3777 Tim van der Lippe, mainteneur majeur de Mockito, annonce son départ pour mars 2026, marquant une décennie de contribution au projet. L'une des raisons principales est l'épuisement lié aux changements récents dans la JVM (JVM 22+) concernant les agents, imposant des contraintes techniques lourdes sans alternative simple proposée par les mainteneurs du JDK. Il pointe du doigt le manque de soutien et la pression exercée sur les bénévoles de l'open source lors de ces transitions technologiques majeures. La complexité croissante pour supporter Kotlin, qui utilise la JVM de manière spécifique, rend la base de code de Mockito plus difficile à maintenir et moins agréable à faire évoluer selon lui. Il exprime une perte de plaisir et préfère désormais consacrer son temps libre à d'autres projets comme Servo, un moteur web écrit en Rust. Une période de transition est prévue jusqu'en mars pour assurer la passation de la maintenance à de nouveaux contributeurs. Infrastructure Le premier intérêt de Kubernetes n'est pas le scaling - https://mcorbin.fr/posts/2025-12-29-kubernetes-scale/ Avant Kubernetes, gérer des applications en production nécessitait de multiples outils complexes (Ansible, Puppet, Chef) avec beaucoup de configuration manuelle Le load balancing se faisait avec HAProxy et Keepalived en actif/passif, nécessitant des mises à jour manuelles de configuration à chaque changement d'instance Le service discovery et les rollouts étaient orchestrés manuellement, instance par instance, sans automatisation de la réconciliation Chaque stack (Java, Python, Ruby) avait sa propre méthode de déploiement, sans standardisation (rpm, deb, tar.gz, jar) La gestion des ressources était manuelle avec souvent une application par machine, créant du gaspillage et complexifiant la maintenance Kubernetes standardise tout en quelques ressources YAML (Deployment, Service, Ingress, ConfigMap, Secret) avec un format déclaratif simple Toutes les fonctionnalités critiques sont intégrées : service discovery, load balancing, scaling, stockage, firewalling, logging, tolérance aux pannes La complexité des centaines de scripts shell et playbooks Ansible maintenus avant était supérieure à celle de Kubernetes Kubernetes devient pertinent dès qu'on commence à reconstruire manuellement ces fonctionnalités, ce qui arrive très rapidement La technologie est flexible et peut gérer aussi bien des applications modernes que des monolithes legacy avec des contraintes spécifiques Mole https://github.com/tw93/Mole Un outil en ligne de commande (CLI) tout-en-un pour nettoyer et optimiser macOS. Combine les fonctionnalités de logiciels populaires comme CleanMyMac, AppCleaner, DaisyDisk et iStat Menus. Analyse et supprime en profondeur les caches, les fichiers logs et les résidus de navigateurs. Désinstallateur intelligent qui retire proprement les applications et leurs fichiers cachés (Launch Agents, préférences). Analyseur d'espace disque interactif pour visualiser l'occupation des fichiers et gérer les documents volumineux. Tableau de bord temps réel (mo status) pour surveiller le CPU, le GPU, la mémoire et le réseau. Fonction de purge spécifique pour les développeurs permettant de supprimer les artefacts de build (node_modules, target, etc.). Intégration possible avec Raycast ou Alfred pour un lancement rapide des commandes. Installation simple via Homebrew ou un script curl. Des images Docker sécurisées pour chaque développeur https://www.docker.com/blog/docker-hardened-images-for-every-developer/ Docker rend ses "Hardened Images" (DHI) gratuites et open source (licence Apache 2.0) pour tous les développeurs. Ces images sont conçues pour être minimales, prêtes pour la production et sécurisées dès le départ afin de lutter contre l'explosion des attaques sur la chaîne logistique logicielle. Elles s'appuient sur des bases familières comme Alpine et Debian, garantissant une compatibilité élevée et une migration facile. Chaque image inclut un SBOM (Software Bill of Materials) complet et vérifiable, ainsi qu'une provenance SLSA de niveau 3 pour une transparence totale. L'utilisation de ces images permet de réduire considérablement le nombre de vulnérabilités (CVE) et la taille des images (jusqu'à 95 % plus petites). Docker étend cette approche sécurisée aux graphiques Helm et aux serveurs MCP (Mongo, Grafana, GitHub, etc.). Des offres commerciales (DHI Enterprise) restent disponibles pour des besoins spécifiques : correctifs critiques sous 7 jours, support FIPS/FedRAMP ou support à cycle de vie étendu (ELS). Un assistant IA expérimental de Docker peut analyser les conteneurs existants pour recommander l'adoption des versions sécurisées correspondantes. L'initiative est soutenue par des partenaires majeurs tels que Google, MongoDB, Snyk et la CNCF. Web La maçonnerie ("masonry") arrive dans la spécification des CSS et commence à être implémentée par les navigateurs https://webkit.org/blog/17660/introducing-css-grid-lanes/ Permet de mettre en colonne des éléments HTML les uns à la suite des autres. D'abord sur la première ligne, et quand la première ligne est remplie, le prochain élément se trouvera dans la colonne où il pourra être le plus haut possible, et ainsi de suite. après la plomberie du middleware, la maçonnerie du front :laughing: Data et Intelligence Artificielle On ne devrait pas faire un mapping 1:1 entre API REST et MCP https://nordicapis.com/why-mcp-shouldnt-wrap-an-api-one-to-one/ Problématique : Envelopper une API telle quelle dans le protocole MCP (Model Context Protocol) est un anti-pattern. Objectif du MCP : Conçu pour les agents d'IA, il doit servir d'interface d'intention, non de miroir d'API. Les agents comprennent les tâches, pas la logique complexe des API (authentification, pagination, orchestration). Conséquences du mappage un-à-un : Confusion des agents, erreurs, hallucinations. Difficulté à gérer les orchestrations complexes (plusieurs appels pour une seule action). Exposition des faiblesses de l'API (schéma lourd, endpoints obsolètes). Maintenance accrue lors des changements d'API. Meilleure approche : Construire des outils MCP comme des SDK pour agents, encapsulant la logique nécessaire pour accomplir une tâche spécifique. Pratiques recommandées : Concevoir autour des intentions/actions utilisateur (ex. : "créer un projet", "résumer un document"). Regrouper les appels en workflows ou actions uniques. Utiliser un langage naturel pour les définitions et les noms. Limiter la surface d'exposition de l'API pour la sécurité et la clarté. Appliquer des schémas d'entrée/sortie stricts pour guider l'agent et réduire l'ambiguïté. Des agents en production avec AWS - https://blog.ippon.fr/2025/12/22/des-agents-en-production-avec-aws/ AWS re:Invent 2025 a massivement mis en avant l'IA générative et les agents IA Un agent IA combine un LLM, une boucle d'appel et des outils invocables Strands Agents SDK facilite le prototypage avec boucles ReAct intégrées et gestion de la mémoire Managed MLflow permet de tracer les expérimentations et définir des métriques de performance Nova Forge optimise les modèles par réentraînement sur données spécifiques pour réduire coûts et latence Bedrock Agent Core industrialise le déploiement avec runtime serverless et auto-scaling Agent Core propose neuf piliers dont observabilité, authentification, code interpreter et browser managé Le protocole MCP d'Anthropic standardise la fourniture d'outils aux agents SageMaker AI et Bedrock centralisent l'accès aux modèles closed source et open source via API unique AWS mise sur l'évolution des chatbots vers des systèmes agentiques optimisés avec modèles plus frugaux Debezium 3.4 amène plusieurs améliorations intéressantes https://debezium.io/blog/2025/12/16/debezium-3-4-final-released/ Correction du problème de calcul du low watermark Oracle qui causait des pertes de performance Correction de l'émission des événements heartbeat dans le connecteur Oracle avec les requêtes CTE Amélioration des logs pour comprendre les transactions actives dans le connecteur Oracle Memory guards pour protéger contre les schémas de base de données de grande taille Support de la transformation des coordonnées géométriques pour une meilleure gestion des données spatiales Extension Quarkus DevServices permettant de démarrer automatiquement une base de données et Debezium en dev Intégration OpenLineage pour tracer la lignée des données et suivre leur flux à travers les pipelines Compatibilité testée avec Kafka Connect 4.1 et Kafka brokers 4.1 Infinispan 16.0.4 et .5 https://infinispan.org/blog/2025/12/17/infinispan-16-0-4 Spring Boot 4 et Spring 7 supportés Evolution dans les metriques Deux bugs de serialisation Construire un agent de recherche en Java avec l'API Interactions https://glaforge.dev/posts/2026/01/03/building-a-research-assistant-with-the-interactions-api-in-java/ Assistant de recherche IA Java (API Interactions Gemini), test du SDK implémenté par Guillaume. Workflow en 4 phases : Planification : Gemini Flash + Google Search. Recherche : Modèle "Deep Research" (tâche de fond). Synthèse : Gemini Pro (rapport exécutif). Infographie : Nano Banana Pro (à partir de la synthèse). API Interactions : gestion d'état serveur, tâches en arrière-plan, réponses multimodales (images). Appréciation : gestion d'état de l'API (vs LLM sans état). Validation : efficacité du SDK Java pour cas complexes. Stephan Janssen (le papa de Devoxx) a créé un serveur MCP (Model Context Protocol) basé sur LSP (Language Server Protocol) pour que les assistants de code analysent le code en le comprenant vraiment plutôt qu'en faisant des grep https://github.com/stephanj/LSP4J-MCP Le problème identifié : Les assistants IA utilisent souvent la recherche textuelle (type grep) pour naviguer dans le code, ce qui manque de contexte sémantique, génère du bruit (faux positifs) et consomme énormément de tokens inutilement. La solution LSP4J-MCP : Une approche "standalone" (autonome) qui encapsule le serveur de langage Eclipse (JDTLS) via le protocole MCP (Model Context Protocol). Avantage principal : Offre une compréhension sémantique profonde du code Java (types, hiérarchies, références) sans nécessiter l'ouverture d'un IDE lourd comme IntelliJ. Comparaison des méthodes : AST : Trop léger (pas de compréhension inter-fichiers). IntelliJ MCP : Puissant mais exige que l'IDE soit ouvert (gourmand en ressources). LSP4J-MCP : Le meilleur des deux mondes pour les workflows en terminal, à distance (SSH) ou CI/CD. Fonctionnalités clés : Expose 5 outils pour l'IA (find_symbols, find_references, find_definition, document_symbols, find_interfaces_with_method). Résultats : Une réduction de 100x des tokens utilisés pour la navigation et une précision accrue (distinction des surcharges, des scopes, etc.). Disponibilité : Le projet est open source et disponible sur GitHub pour intégration immédiate (ex: avec Claude Code, Gemini CLI, etc). A noter l'ajout dans claude code 2.0.74 d'un tool pour supporter LSP ( https://github.com/anthropics/claude-code/blob/main/CHANGELOG.md#2074 ) Awesome (GitHub) Copilot https://github.com/github/awesome-copilot Une collection communautaire d'instructions, de prompts et de configurations pour optimiser l'utilisation de GitHub Copilot. Propose des "Agents" spécialisés qui s'intègrent aux serveurs MCP pour améliorer les flux de travail spécifiques. Inclut des prompts ciblés pour la génération de code, la documentation et la résolution de problèmes complexes. Fournit des instructions détaillées sur les standards de codage et les meilleures pratiques applicables à divers frameworks. Propose des "Skills" (compétences) sous forme de dossiers contenant des ressources pour des tâches techniques spécialisées. (les skills sont dispo dans copilot depuis un mois : https://github.blog/changelog/2025-12-18-github-copilot-now-supports-agent-skills/ ) Permet une installation facile via un serveur MCP dédié, compatible avec VS Code et Visual Studio. Encourage la contribution communautaire pour enrichir les bibliothèques de prompts et d'agents. Aide à augmenter la productivité en offrant des solutions pré-configurées pour de nombreux langages et domaines. Garanti par une licence MIT et maintenu activement par des contributeurs du monde entier. IA et productivité : bilan de l'année 2025 (Laura Tacho - DX)) https://newsletter.getdx.com/p/ai-and-productivity-year-in-review?aid=recNfypKAanQrKszT En 2025, l'ingénierie assistée par l'IA est devenue la norme : environ 90 % des développeurs utilisent des outils d'IA mensuellement, et plus de 40 % quotidiennement. Les chercheurs (Microsoft, Google, GitHub) soulignent que le nombre de lignes de code (LOC) reste un mauvais indicateur d'impact, car l'IA génère beaucoup de code sans forcément garantir une valeur métier supérieure. Si l'IA améliore l'efficacité individuelle, elle pourrait nuire à la collaboration à long terme, car les développeurs passent plus de temps à "parler" à l'IA qu'à leurs collègues. L'identité du développeur évolue : il passe de "producteur de code" à un rôle de "metteur en scène" qui délègue, valide et exerce son jugement stratégique. L'IA pourrait accélérer la montée en compétences des développeurs juniors en les forçant à gérer des projets et à déléguer plus tôt, agissant comme un "accélérateur" plutôt que de les rendre obsolètes. L'accent est mis sur la créativité plutôt que sur la simple automatisation, afin de réimaginer la manière de travailler et d'obtenir des résultats plus impactants. Le succès en 2026 dépendra de la capacité des entreprises à cibler les goulots d'étranglement réels (dette technique, documentation, conformité) plutôt que de tester simplement chaque nouveau modèle d'IA. La newsletter avertit que les titres de presse simplifient souvent à l'excès les recherches sur l'IA, masquant parfois les nuances cruciales des études réelles. Un développeur décrit dans un article sur Twitter son utilisation avancée de Claude Code pour le développement, avec des sous-agents, des slash-commands, comment optimiser le contexte, etc. https://x.com/AureaLibe/status/2008958120878330329?s=20 Outillage IntelliJ IDEA, thread dumps et project Loom (virtual threads) - https://blog.jetbrains.com/idea/2025/12/thread-dumps-and-project-loom-virtual-threads/ Les virtual threads Java améliorent l'utilisation du matériel pour les opérations I/O parallèles avec peu de changements de code Un serveur peut maintenant gérer des millions de threads au lieu de quelques centaines Les outils existants peinent à afficher et analyser des millions de threads simultanément Le débogage asynchrone est complexe car le scheduler et le worker s'exécutent dans des threads différents Les thread dumps restent essentiels pour diagnostiquer deadlocks, UI bloquées et fuites de threads Netflix a découvert un deadlock lié aux virtual threads en analysant un heap dump, bug corrigé dans Java 25. Mais c'était de la haute voltige IntelliJ IDEA supporte nativement les virtual threads dès leur sortie avec affichage des locks acquis IntelliJ IDEA peut ouvrir des thread dumps générés par d'autres outils comme jcmd Le support s'étend aussi aux coroutines Kotlin en plus des virtual threads Quelques infos sur IntelliJ IDEA 2025.3 https://blog.jetbrains.com/idea/2025/12/intellij-idea-2025-3/ Distribution unifiée regroupant davantage de fonctionnalités gratuites Amélioration de la complétion des commandes dans l'IDE Nouvelles fonctionnalités pour le débogueur Spring Thème Islands devient le thème par défaut Support complet de Spring Boot 4 et Spring Framework 7 Compatibilité avec Java 25 Prise en charge de Spring Data JDBC et Vitest 4 Support natif de Junie et Claude Agent pour l'IA Quota d'IA transparent et option Bring Your Own Key à venir Corrections de stabilité, performance et expérience utilisateur Plein de petits outils en ligne pour le développeur https://blgardner.github.io/prism.tools/ génération de mot de passe, de gradient CSS, de QR code encodage décodage de Base64, JWT formattage de JSON, etc. resumectl - Votre CV en tant que code https://juhnny5.github.io/resumectl/ Un outil en ligne de commande (CLI) écrit en Go pour générer un CV à partir d'un fichier YAML. Permet l'exportation vers plusieurs formats : PDF, HTML, ou un affichage direct dans le terminal. Propose 5 thèmes intégrés (Modern, Classic, Minimal, Elegant, Tech) personnalisables avec des couleurs spécifiques. Fonctionnalité d'initialisation (resumectl init) permettant d'importer automatiquement des données depuis LinkedIn et GitHub (projets les plus étoilés). Supporte l'ajout de photos avec des options de filtre noir et blanc ou de forme (rond/carré). Inclut un mode "serveur" (resumectl serve) pour prévisualiser les modifications en temps réel via un navigateur local. Fonctionne comme un binaire unique sans dépendances externes complexes pour les modèles. mactop - Un moniteur "top" pour Apple Silicon https://github.com/metaspartan/mactop Un outil de surveillance en ligne de commande (TUI) conçu spécifiquement pour les puces Apple Silicon (M1, M2, M3, M4, M5). Permet de suivre en temps réel l'utilisation du CPU (E-cores et P-cores), du GPU et de l'ANE (Neural Engine). Affiche la consommation électrique (wattage) du système, du CPU, du GPU et de la DRAM. Fournit des données sur les températures du SoC, les fréquences du GPU et l'état thermique global. Surveille l'utilisation de la mémoire vive, de la swap, ainsi que l'activité réseau et disque (E/S). Propose 10 mises en page (layouts) différentes et plusieurs thèmes de couleurs personnalisables. Ne nécessite pas l'utilisation de sudo car il s'appuie sur les API natives d'Apple (SMC, IOReport, IOKit). Inclut une liste de processus détaillée (similaire à htop) avec la possibilité de tuer des processus directement depuis l'interface. Offre un mode "headless" pour exporter les métriques au format JSON et un serveur optionnel pour Prometheus. Développé en Go avec des composants en CGO et Objective-C. Adieu direnv, Bonjour misehttps://codeka.io/2025/12/19/adieu-direnv-bonjour-mise/ L'auteur remplace ses outils habituels (direnv, asdf, task, just) par un seul outil polyvalent écrit en Rust : mise. mise propose trois fonctions principales : gestionnaire de paquets (langages et outils), gestionnaire de variables d'environnement et exécuteur de tâches. Contrairement à direnv, il permet de gérer des alias et utilise un fichier de configuration structuré (mise.toml) plutôt que du scripting shell. La configuration est hiérarchique, permettant de surcharger les paramètres selon les répertoires, avec un système de "trust" pour la sécurité. Une "killer-feature" soulignée est la gestion des secrets : mise s'intègre avec age pour chiffrer des secrets (via clés SSH) directement dans le fichier de configuration. L'outil supporte une vaste liste de langages et d'outils via un registre interne et des plugins (compatibilité avec l'écosystème asdf). Il simplifie le workflow de développement en regroupant l'installation des outils et l'automatisation des tâches au sein d'un même fichier. L'auteur conclut sur la puissance, la flexibilité et les excellentes performances de l'outil après quelques heures de test. Claude Code v2.1.0 https://github.com/anthropics/claude-code/blob/main/CHANGELOG.md#210 Rechargement à chaud des "skills" : Les modifications apportées aux compétences dans ~/.claude/skills sont désormais appliquées instantanément sans redémarrer la session. Sous-agents et forks : Support de l'exécution de compétences et de commandes slash dans un contexte de sous-agent forké via context: fork. Réglages linguistiques : Ajout d'un paramètre language pour configurer la langue de réponse par défaut (ex: language: "french"). Améliorations du terminal : Shift+Enter fonctionne désormais nativement dans plusieurs terminaux (iTerm2, WezTerm, Ghostty, Kitty) sans configuration manuelle. Sécurité et correction de bugs : Correction d'une faille où des données sensibles (clés API, tokens OAuth) pouvaient apparaître dans les logs de débogage. Nouvelles commandes slash : Ajout de /teleport et /remote-env pour les abonnés claude.ai afin de gérer des sessions distantes. Mode Plan : Le raccourci /plan permet d'activer le mode plan directement depuis le prompt, et la demande de permission à l'entrée de ce mode a été supprimée. Vim et navigation : Ajout de nombreux mouvements Vim (text objects, répétitions de mouvements f/F/t/T, indentations, etc.). Performance : Optimisation du temps de démarrage et du rendu terminal pour les caractères Unicode/Emoji. Gestion du gitignore : Support du réglage respectGitignore dans settings.json pour contrôler le comportement du sélecteur de fichiers @-mention. Méthodologies 200 déploiements en production par jour, même le vendredi : retours d'expérience https://mcorbin.fr/posts/2025-03-21-deploy-200/ Le déploiement fréquent, y compris le vendredi, est un indicateur de maturité technique et augmente la productivité globale. L'excellence technique est un atout stratégique indispensable pour livrer rapidement des produits de qualité. Une architecture pragmatique orientée services (SOA) facilite les déploiements indépendants et réduit la charge cognitive. L'isolation des services est cruciale : un développeur doit pouvoir tester son service localement sans dépendre de toute l'infrastructure. L'automatisation via Kubernetes et l'approche GitOps avec ArgoCD permettent des déploiements continus et sécurisés. Les feature flags et un système de permissions solide permettent de découpler le déploiement technique de l'activation fonctionnelle pour les utilisateurs. L'autonomie des développeurs est renforcée par des outils en self-service (CLI maison) pour gérer l'infrastructure et diagnostiquer les incidents sans goulot d'étranglement. Une culture d'observabilité intégrée dès la conception permet de détecter et de réagir rapidement aux anomalies en production. Accepter l'échec comme inévitable permet de concevoir des systèmes plus résilients capables de se rétablir automatiquement. "Vibe Coding" vs "Prompt Engineering" : l'IA et le futur du développement logiciel https://www.romenrg.com/blog/2025/12/25/vibe-coding-vs-prompt-engineering-ai-and-the-future-of-software-development/ L'IA est passée du statut d'expérimentation à celui d'infrastructure essentielle pour le développement de logiciels en 2025. L'IA ne remplace pas les ingénieurs, mais agit comme un amplificateur de leurs compétences, de leur jugement et de la qualité de leur réflexion. Distinction entre le "Vibe Coding" (rapide, intuitif, idéal pour les prototypes) et le "Prompt Engineering" (délibéré, contraint, nécessaire pour les systèmes maintenables). L'importance cruciale du contexte ("Context Engineering") : l'IA devient réellement puissante lorsqu'elle est connectée aux systèmes réels (GitHub, Jira, etc.) via des protocoles comme le MCP. Utilisation d'agents spécialisés (écriture de RFC, revue de code, architecture) plutôt que de modèles génériques pour obtenir de meilleurs résultats. Émergence de l'ingénieur "Technical Product Manager" capable d'abattre seul le travail d'une petite équipe grâce à l'IA, à condition de maîtriser les fondamentaux techniques. Le risque majeur : l'IA permet d'aller très vite dans la mauvaise direction si le jugement humain et l'expérience font défaut. Le niveau d'exigence global augmente : les bases techniques solides deviennent plus importantes que jamais pour éviter l'accumulation de dette technique rapide. Une revue de code en solo (Kent Beck) ! https://tidyfirst.substack.com/p/party-of-one-for-code-review?r=64ov3&utm_campaign=post&utm_medium=web&triedRedirect=true La revue de code traditionnelle, héritée des inspections formelles d'IBM, s'essouffle car elle est devenue trop lente et asynchrone par rapport au rythme du développement moderne. Avec l'arrivée de l'IA ("le génie"), la vitesse de production du code dépasse la capacité de relecture humaine, créant un goulot d'étranglement majeur. La revue de code doit évoluer vers deux nouveaux objectifs prioritaires : un "sanity check" pour vérifier que l'IA a bien fait ce qu'on lui demandait, et le contrôle de la dérive structurelle de la base de code. Maintenir une structure saine est crucial non seulement pour les futurs développeurs humains, mais aussi pour que l'IA puisse continuer à comprendre et modifier le code efficacement sans perdre le contexte. Kent Beck expérimente des outils automatisés (comme CodeRabbit) pour obtenir des résumés et des schémas d'architecture afin de garder une conscience globale des changements rapides. Même si les outils automatisés sont utiles, le "Pair Programming" reste irremplaçable pour la richesse des échanges et la pression sociale bénéfique qu'il impose à la réflexion. La revue de code solo n'est pas une fin en soi, mais une adaptation nécessaire lorsque l'on travaille seul avec des outils de génération de code augmentés. Loi, société et organisation Lego lance les Lego Smart Play, avec des Brique, des Smart Tags et des Smart Figurines pour faire de nouvelles constructions interactives avec des Legos https://www.lego.com/fr-fr/smart-play LEGO SMART Play : technologie réactive au jeu des enfants. Trois éléments clés : SMART Brique : Brique LEGO 2x4 "cerveau". Accéléromètre, lumières réactives, détecteur de couleurs, synthétiseur sonore. Réagit aux mouvements (tenir, tourner, taper). SMART Tags : Petites pièces intelligentes. Indiquent à la SMART Brique son rôle (ex: hélicoptère, voiture) et les sons à produire. Activent sons, mini-jeux, missions secrètes. SMART Minifigurines : Activées près d'une SMART Brique. Révèlent des personnalités uniques (sons, humeurs, réactions) via la SMART Brique. Encouragent l'imagination. Fonctionnement : SMART Brique détecte SMART Tags et SMART Minifigurines. Réagit aux mouvements avec lumières et sons dynamiques. Compatibilité : S'assemble avec les briques LEGO classiques. Objectif : Créer des expériences de jeu interactives, uniques et illimitées. Conférences La liste des conférences provenant de Developers Conferences Agenda/List par Aurélie Vache et contributeurs : 14-17 janvier 2026 : SnowCamp 2026 - Grenoble (France) 22 janvier 2026 : DevCon #26 : sécurité / post-quantique / hacking - Paris (France) 28 janvier 2026 : Software Heritage Symposium - Paris (France) 29-31 janvier 2026 : Epitech Summit 2026 - Paris - Paris (France) 2-5 février 2026 : Epitech Summit 2026 - Moulins - Moulins (France) 3 février 2026 : Cloud Native Days France 2026 - Paris (France) 3-4 février 2026 : Epitech Summit 2026 - Lille - Lille (France) 3-4 février 2026 : Epitech Summit 2026 - Mulhouse - Mulhouse (France) 3-4 février 2026 : Epitech Summit 2026 - Nancy - Nancy (France) 3-4 février 2026 : Epitech Summit 2026 - Nantes - Nantes (France) 3-4 février 2026 : Epitech Summit 2026 - Marseille - Marseille (France) 3-4 février 2026 : Epitech Summit 2026 - Rennes - Rennes (France) 3-4 février 2026 : Epitech Summit 2026 - Montpellier - Montpellier (France) 3-4 février 2026 : Epitech Summit 2026 - Strasbourg - Strasbourg (France) 3-4 février 2026 : Epitech Summit 2026 - Toulouse - Toulouse (France) 4-5 février 2026 : Epitech Summit 2026 - Bordeaux - Bordeaux (France) 4-5 février 2026 : Epitech Summit 2026 - Lyon - Lyon (France) 4-6 février 2026 : Epitech Summit 2026 - Nice - Nice (France) 5 février 2026 : Web Days Convention - Aix-en-Provence (France) 12 février 2026 : Strasbourg Craft #1 - Strasbourg (France) 12-13 février 2026 : Touraine Tech #26 - Tours (France) 19 février 2026 : ObservabilityCON on the Road - Paris (France) 6 mars 2026 : WordCamp Nice 2026 - Nice (France) 18-19 mars 2026 : Agile Niort 2026 - Niort (France) 20 mars 2026 : Atlantique Day 2026 - Nantes (France) 26 mars 2026 : Data Days Lille - Lille (France) 26-27 mars 2026 : SymfonyLive Paris 2026 - Paris (France) 26-27 mars 2026 : REACT PARIS - Paris (France) 27-29 mars 2026 : Shift - Nantes (France) 31 mars 2026 : ParisTestConf - Paris (France) 1 avril 2026 : AWS Summit Paris - Paris (France) 2 avril 2026 : Pragma Cannes 2026 - Cannes (France) 9-10 avril 2026 : AndroidMakers by droidcon - Paris (France) 16-17 avril 2026 : MiXiT 2026 - Lyon (France) 22-24 avril 2026 : Devoxx France 2026 - Paris (France) 23-25 avril 2026 : Devoxx Greece - Athens (Greece) 24-25 avril 2026 : Faiseuses du Web 5 - Dinan (France) 6-7 mai 2026 : Devoxx UK 2026 - London (UK) 22 mai 2026 : AFUP Day 2026 Lille - Lille (France) 22 mai 2026 : AFUP Day 2026 Paris - Paris (France) 22 mai 2026 : AFUP Day 2026 Bordeaux - Bordeaux (France) 22 mai 2026 : AFUP Day 2026 Lyon - Lyon (France) 29 mai 2026 : NG Baguette Conf 2026 - Paris (France) 5 juin 2026 : TechReady - Nantes (France) 5 juin 2026 : Fork it! - Rouen - Rouen (France) 6 juin 2026 : Polycloud - Montpellier (France) 11-12 juin 2026 : DevQuest Niort - Niort (France) 11-12 juin 2026 : DevLille 2026 - Lille (France) 12 juin 2026 : Tech F'Est 2026 - Nancy (France) 17-19 juin 2026 : Devoxx Poland - Krakow (Poland) 17-20 juin 2026 : VivaTech - Paris (France) 2 juillet 2026 : Azur Tech Summer 2026 - Valbonne (France) 2-3 juillet 2026 : Sunny Tech - Montpellier (France) 3 juillet 2026 : Agile Lyon 2026 - Lyon (France) 2 août 2026 : 4th Tech Summit on Artificial Intelligence & Robotics - Paris (France) 4 septembre 2026 : JUG Summer Camp 2026 - La Rochelle (France) 17-18 septembre 2026 : API Platform Conference 2026 - Lille (France) 24 septembre 2026 : PlatformCon Live Day Paris 2026 - Paris (France) 1 octobre 2026 : WAX 2026 - Marseille (France) 1-2 octobre 2026 : Volcamp - Clermont-Ferrand (France) 5-9 octobre 2026 : Devoxx Belgium - Antwerp (Belgium) Nous contacter Pour réagir à cet épisode, venez discuter sur le groupe Google https://groups.google.com/group/lescastcodeurs Contactez-nous via X/twitter https://twitter.com/lescastcodeurs ou Bluesky https://bsky.app/profile/lescastcodeurs.com Faire un crowdcast ou une crowdquestion Soutenez Les Cast Codeurs sur Patreon https://www.patreon.com/LesCastCodeurs Tous les épisodes et toutes les infos sur https://lescastcodeurs.com/

netflix google guide secret service tech spring evolution data microsoft mit modern chefs class code skills web ga difficult lego construction base confusion ces oracle cons classic saas ia encourage excuses pattern react gemini assistant openai year in review cv faire maintenance combine distribution extension analyse blue sky correction validation rust api map acc qr conf puppets materials islands io sous elles python ui aws expose nouvelle nouveau toutes trois github java minimal quelques guillaume bonjour fork corrections workflow int distinction prometheus aur probl helm extraction alpine installation mole llm loom anthropic documentation exposition macos html apache aide kafka invent nouvelles gestion prod prise gpu plein wax changement cpu nouveaux propose gc els interface css vendredi dns adieu jars meilleure construire soc ide synth diagnostics objectif dram homebrew elegant docker bedrock node loi kubernetes utiliser sortie m2 tableau sdks offre m3 accepter cdi contrairement mcp servo enregistr approche pratiques mongodb changements m4 ci cd mistral tui json jira potentiel london uk cli permet paris france cve appr github copilot vim fonctionne limiter soa loc possibilit fonction utilisation ssh vs code maintenir m5 rfc visual studio apple silicon prompt engineering comparaison 7d jit lippe ingress kotlin oauth e s panache avantage ansible jvm vache debian unicode lsp affiche hibernate appliquer jwt snyk mixit garanti yaml grafana concevoir objective c cgo cncf pair programming changelog ajout tech summit gitops kent beck devcon technical product manager spring boot gemini pro cleanmymac nice france jdk lyon france intellij surveille raycast spring framework intellij idea base64 tuis provence france haproxy devoxx strasbourg france argocd lille france istat menus cannes france iterm2 daisydisk kafka connect regexp devoxx france appcleaner
airhacks.fm podcast with adam bien
Building a Production-Ready Postgres Kubernetes Operator in Java with Quarkus and GraalVM

airhacks.fm podcast with adam bien

Play Episode Listen Later Jan 14, 2026 65:22


An airhacks.fm conversation with Alvaro Hernandez (@ahachete) about: discussion about LLMs generating Java code with BCE patterns and architectural rules, Java being 20-30% better for LLM code generation than python and typescript, embedding business knowledge in Java source code for LLM context, stackgres as a curated opinionated stack for running Postgres on kubernetes, Postgres requiring external tools for connection pooling and high availability and backup and monitoring, StackGres as a Helm package and Kubernetes operator, comparison with oxide hardware for on-premise cloud environments, experimenting with Incus for system containers and VMS, limitations of Ansible for infrastructure automation and code reuse, Kubernetes as an API-driven architecture abstracting compute and storage, Custom Resource Definitions (CRDs) for declarative Postgres cluster management, StackGres supporting sharding with automated multi-cluster deployment, 13 lines of YAML to create 60-node sharded clusters, three interfaces for StackGres including CRDs and web console and REST API, operator written in Java with quarkus unlike typical Go-based operators, Google study showing Java faster than Go, GraalVM native compilation for 80MB container images versus 400-500MB JVM images, fabric8 Kubernetes client for API communication, reconciliation cycle running every 10 seconds to maintain desired state, pod local controller as Quarkus sidecar for local Postgres operations, dynamic extension installation without rebuilding container images, grpc bi-directional communication between control plane and control nodes, inverse connection pattern where nodes initiate connections to control plane, comparison with Jini and JavaSpaces leasing concepts from Sun Microsystems, quarter million lines of Java code in the operator mostly POJOs predating records, PostgreSQL configuration validation with 300+ parameters, automated tuning applied by default in StackGres, potential for LLM-driven optimization with clone clusters for testing, Framework Computer laptop automation with Ubuntu auto-install and Ansible and Nix, five to ten minute full system reinstall including BIOS updates Alvaro Hernandez on twitter: @ahachete

Mac Geek Gab (Enhanced AAC)
All Rhyme, No Reason, Just Tabs

Mac Geek Gab (Enhanced AAC)

Play Episode Listen Later Jan 5, 2026 79:47 Transcription Available


You kick off the year by tightening your Apple habits, starting with smart Quick Tips that actually stick. You build year-based music playlists for offline listening, flip on Airplane Mode when you're out of service to save serious battery, and let the Health app handle reminders for meds and eye drops so nothing slips. You're reminded of power-user staples like Cmd-Shift-5 for screenshots, learn how Google Sites can double as a surprisingly effective bookmark manager, and get clarity on when and how to disable VPNs properly, including on Apple TV for region-locked content. Along the way, you discover tools that reliably track Apple refurb inventory and dig into the oddly fascinating logic behind Safari's tab close order. Then it's time to not get caught. You hear why Time Machine now warns you when your backup drive is too small, why storing Notes “On My Device” can bite you later, and how increasing cloud storage often means increasing local storage, too. Listener questions keep things practical, from tracking a missing Apple TV remote to deciding when an iPad beats a laptop. A deep dive into strange Safari tab behavior brings it all home, followed by Cool Stuff Found that helps you update Macs more intelligently, evaluate startup risks, replicate Mac setups with Ansible, and even capture insights from podcasts using AI. It's a fast, practical reset that helps you start the year sharper, safer, and a little more in control. 00:00:00 Mac Geek Gab 1123 for Monday, January 5th, 2026 January 5th: National Whipped Cream Day MGG Monthly Giveaway – Enter to win a copy of Ecamm Live or Carbon Copy Cloner 7! The MGG Merch Store is Live! MGG's CES 2026 Sponsors: BusyCal (with code MACGEEK10)! Eero Ecamm for Zoom integration MacPaw CCC Backup Quick Tips 00:00:01 Joe-QT-Make Year-based Music playlists for offline listening 00:04:44 John-QT-Use Airplane Mode to save your battery when you’re out of service 00:06:53 Steve-QT-Use the iPhone Health app to remind you about medications, eye drops, and more! CES 2026 Sponsor: BusyCal (with code MACGEEK10)! 00:12:26 Avraham-QT-Remember to use Cmd-Shift-5 for Screenshots 00:17:36 Andrew-QT-1115-Use Google Sites as your Bookmarks manager 00:21:32 Jason-QT-1122-Shut off your VPN from within the app, not Settings 00:23:03 Joe-QT-Use AppleTV VPN for region-locked content 00:28:51 Ben-1121-Refurb Tracker reliably tracks Apple refurb inventory 00:30:22 Ben-QT-There’s Logic to Safari Tabs Close Order…right? Don't Get Caught 00:32:11 Doug-DGC-Time Machine now warns you if your drive is too small CES 2026 Sponsor: CCC Backup CES 2026 Sponsor: MacPaw 00:41:29 Jose-DGC-1104-Be aware if you’re storing Notes On My [Device] 00:43:50 Doug-DGC-Increasing cloud storage means increasing local storage Reviews 00:46:37 Apv9-MGG Review-Absolutely Essential LIstening for Apple Users! Your Questions Answered and Tips Shared! 00:47:41 Skylar-Can I track my Apple TV remote? 00:50:17 Which remote control do you use? 00:53:27 Glenn-When do you reach for your iPad vs. your laptop? OmniOutliner 01:02:54 Juergen-Why the crazy tab behavior? 01:09:20 CES 2026 Coverage Sponsors Eero Ecamm for Zoom integration Cool Stuff Found 01:11:39 Steve-CSF-Latest for updating your Mac’s software SwitchGlass 01:13:01 Arvydas-CSF-MacPersistenceChecker to risk-score all your startup items 01:14:17 Alan-CSF-1121-Use Ansible to replicate user preferences between Macs 01:15:16 Dan-CSF-SnipD AI-powered Podcast app for capturing and learning from episodes 01:17:09 MGG 1123 Outtro MGG Monthly Giveaway Bandwidth Provided by CacheFly MGG's CES 2026 Sponsors Pilot Pete's Aviation Podcast: So There I Was (for Aviation Enthusiasts) The Debut Film Podcast – Adam's new podcast! Dave's Business Brain (for Entrepreneurs) and Gig Gab (for Working Musicians) Podcasts MGG Merch is Available! Mac Geek Gab YouTube Page Mac Geek Gab Live Calendar This Week's MGG Premium Contributors MGG Apple Podcasts Reviews feedback@macgeekgab.com 224-888-GEEK Active MGG Sponsors and Coupon Codes List BackBeat Media Podcast Network

Hacker Public Radio
HPR4524: Living the Tux Life Episode 3 - Automating the Install

Hacker Public Radio

Play Episode Listen Later Dec 4, 2025


This show has been flagged as Clean by the host. Setting up Linux Mint with Custom LVM and Luks Linux Mint with Custom LVM on LUKS Overview The current Linux Mint installer doesn't support custom partitions when setting up a new machine with LUKS encryption using LVM. I prefer having a separate partition for my home directory and a backup partition for Timeshift, so that reinstalling or fixing issues won't overwrite my home directory. I found several approaches to achieve this. One method involves setting up partitions first and then using the installer to select them, but this requires extensive post-installation configuration to get boot working with the encrypted drive. I discovered this blog which explains how to repartition your drive after installation. Combined with my guide on setting up hibernation, I created this documentation to help remember how to install a fresh copy of Linux Mint with LVM and LUKS. Tested on: Linux Mint 22 Cinnamon Partition Layout For this guide, I'm working with a 1TB drive that will be split into the following logical volumes: Root - 100GB (system files and applications) Swap - 32GB (for hibernation support) Home - 700GB (user files and documents) Backup - 100GB (Timeshift snapshots) Unallocated - ~68GB (reserved for future expansion) This setup ensures that system snapshots and user data remain separate, making system recovery much easier. Installation Guide Step 1: Initial Linux Mint Installation Start the Linux Mint installation process as normal: Boot from your Linux Mint installation media Follow the installation wizard (language, keyboard layout, etc.) When you reach the Installation type screen: Select "Erase disk and install Linux Mint" Click "Advanced features" Enable both options: ✓ Use LVM with the new Linux Mint installation ✓ Encrypt the new Linux Mint installation for security Click Continue Enter a strong encryption password when prompted Complete the rest of the installation (timezone, user account, etc.) When installation finishes, do NOT click "Restart Now" - we'll repartition first Important: Do NOT reboot after installation completes. We need to repartition before the first boot. Step 2: Access Root Terminal After installation finishes, open a terminal and switch to root: sudo -i This gives you administrative privileges needed for disk operations. Step 3: Check Current Disk Layout View your current partition structure: lsblk -f This displays your filesystem layout. You should see your encrypted volume group (typically vgmint) with a large root partition consuming most of the space. Step 4: Resize Root Partition Shrink the root partition from its default size (nearly full disk) to 100GB: lvresize -L 100G --resizefs vgmint/root What this does: -L 100G sets the logical volume size to exactly 100GB --resizefs automatically resizes the filesystem to match This frees up ~900GB for our other partitions Step 5: Resize Swap Partition The default swap is usually small (a few GB). We need to increase it to 32GB for hibernation: lvresize --verbose -L +32G /dev/mapper/vgmint-swap_1 What this does: -L +32G adds 32GB to the current swap size --verbose shows detailed progress information This ensures enough swap space for RAM contents during hibernation Note: For hibernation to work, swap should be at least equal to your RAM size. Adjust accordingly. Step 6: Create Home Partition Create a new logical volume for your home directory: lvcreate -L 700G vgmint -n home What this does: -L 700G creates a 700GB logical volume vgmint is the volume group name -n home names the new volume "home" Step 7: Create Backup Partition Create a logical volume for Timeshift backups: lvcreate -L 100G vgmint -n backup What this does: Creates a dedicated 100GB space for system snapshots Keeps backups separate from user data Prevents backups from filling up your home partition Step 8: Format New Partitions Format both new partitions with the ext4 filesystem: mkfs.ext4 /dev/vgmint/backup mkfs.ext4 /dev/vgmint/home What this does: Creates ext4 filesystems on both logical volumes ext4 is the standard Linux filesystem with good performance and reliability Step 9: Mount Partitions Create mount points and mount your partitions: mkdir /mnt/{root,home} mount /dev/vgmint/root /mnt/root/ mount /dev/vgmint/home /mnt/home/ What this does: Creates temporary directories to access the filesystems Mounts root and home so we can configure them Step 10: Move Home Directory Contents Move the existing home directory contents from the root partition to the new home partition: mv /mnt/root/home/* /mnt/home/ What this does: Transfers all user files and directories from the old location to the new home partition Preserves your user account settings and any files created during installation Without this step, your home directory would be empty on first boot Step 11: Update fstab Add the home partition to the system's fstab file so it mounts automatically at boot: echo "/dev/mapper/vgmint-home /home ext4 defaults 0 2" >> /mnt/root/etc/fstab What this does: Appends a mount entry to /etc/fstab Ensures /home partition mounts automatically at startup The 0 2 values enable filesystem checks during boot Step 12: Clean Up and Prepare for Reboot Unmount the partitions and deactivate the volume group: umount /mnt/root umount /mnt/home swapoff -a lvchange -an vgmint What this does: Safely unmounts all mounted filesystems Turns off swap Deactivates the volume group to prevent conflicts Ensures everything is properly closed before reboot Step 13: Reboot Now you can safely reboot into your new system: reboot Enter your LUKS encryption password at boot, then log in normally. Verification After rebooting, verify your partition setup: lsblk -f df -h You should see: Root (/) mounted with ~100GB Home (/home) mounted with ~700GB Swap available with 32GB Backup partition ready for Timeshift configuration Setting Up Timeshift To complete your backup solution: Install Timeshift (if not already installed): sudo apt install timeshift Launch Timeshift and select RSYNC mode Choose the backup partition as your snapshot location Configure your backup schedule (daily, weekly, monthly) Create your first snapshot Additional Resources Original blog post on LVM rearrangement Setting up hibernation on Linux Mint Conclusion This setup gives you the best of both worlds: the security of full-disk encryption with LUKS, and the flexibility of custom LVM partitions. Your home directory and system backups are now isolated, making system recovery and upgrades much safer and more manageable. Automating Your Linux Mint Setup After a Fresh Install Automating Your Linux Mint Setup After a Fresh Install Setting up a fresh Linux Mint installation can be time-consuming, especially when you want to replicate your perfect development environment. This guide will show you how to automate the entire process using Ansible and configuration backups, so you can go from a fresh install to a fully configured system in minutes. Why Automate Your Setup? Whether you're setting up a new machine, recovering from a system failure, or just want to maintain consistency across multiple computers, automation offers several key benefits: Time Savings: What normally takes hours can be done in minutes Consistency: Identical setup across all your machines Documentation: Your setup becomes self-documenting Recovery: Quick recovery from system failures Reproducibility: Never forget to install that one crucial tool again Discovering Your Installed Applications Before creating your automation setup, you need to identify which applications you've manually installed since the initial OS installation. This helps you build a complete picture of your custom environment. Finding APT and .deb Packages To see all manually installed packages (excluding those that came with the OS): comm -23

CISSP Cyber Training Podcast - CISSP Training Program
CCT 294: Config Management Essentials - CISSP Domain 7

CISSP Cyber Training Podcast - CISSP Training Program

Play Episode Listen Later Nov 3, 2025 32:10 Transcription Available


Send us a textA single Windows shortcut can open the door to espionage—and that's exactly where we begin. We break down a fresh LNK exploit campaign to show how hidden command execution and DLL sideloading slip past busy teams, then pivot into the core defense most organizations underuse: disciplined configuration management. From baselines and version control to change boards and rapid rollback, we map the habits and tools that turn chaos into control.We walk through building secure, realistic baselines with CIS Benchmarks and NIST 800‑128, and why “simple and enforceable” beats “perfect and ignored.” You'll hear how least privilege for change stops shadow tweaks, how EDR and application firewalls catch command and control, and how automation with Ansible, SCCM, and Terraform keeps fleets consistent. We spotlight the CMDB as a living source of truth—only valuable if you maintain ownership, automate updates, and report on drift so leadership and risk teams can act.Change governance becomes your stabilizer. A change control board aligns IT, security, operations, risk, and compliance before big moves, while an emergency change advisory board authorizes fast action for zero‑days and incidents with a strict post‑implementation review. We break down the full change lifecycle—request, impact analysis, staging, implementation, verification, CMDB updates—and the common pitfalls to avoid, including undocumented changes, brittle rollbacks, and ignoring post‑change scan results. Expect practical guidance on when to auto‑patch Windows, how to iterate quarterly without overengineering, and what metrics prove progress.If you're aiming to master CISSP Domain 7 or just want fewer outages and faster recovery, this conversation gives you a clear blueprint to reduce attack surface and increase stability. If it helps, share it with a teammate, subscribe for more deep dives, and leave a quick review so we can keep improving for you.Gain exclusive access to 360 FREE CISSP Practice Questions at FreeCISSPQuestions.com and have them delivered directly to your inbox! Don't miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success. Join now and start your journey toward CISSP mastery today!

The Pure Report
Pure Fusion: Unified and Automated Data Management enabling the Enterprise Data Cloud

The Pure Report

Play Episode Listen Later Oct 28, 2025 62:08


Join Pure Storage Technical Evangelists Don Poorman and Mike Nelson as we dive into Pure Fusion and how Pure Storage is enabling users to focus less on managing storage and more on managing their data. We start by examining the complexities of managing storage and application workloads in today's rapidly evolving IT landscape. We expose the challenges posed by legacy vendor "portfolios" which often consist of disparate products lacking unified GUIs and APIs. Learn why a fundamental shift is necessary to eliminate silos in enterprise storage, moving beyond mere federation to true integration – a unified management plane with common APIs that seamlessly operate across the entire storage ecosystem. Poorman and Nelson underscore how this integration and automation are not just valuable for traditional workloads but will be absolutely critical for the future of AI implementation, especially for inference. Our discussion pivots to Pure Storage's groundbreaking solution: Fusion. Learn what Fusion is – a powerful capability included in the latest versions of the Purity operating environment that provides an intelligent control plane for a centralized, unified management experience across an entire fleet of arrays. Our experts explain how Fusion inherently adopts Pure's API-First strategy, offering robust automation capabilities through PowerShell SDK, Ansible, and Python. They highlight how Fusion drives management, compliance, and workload configuration consistency from a single pane of glass, and how it's a vital foundation of Pure's Enterprise Data Cloud (EDC) vision. Listeners and viewers will gain invaluable insights into the tangible benefits of Fusion, including the ability to provision storage on any array from any array within the same UI, search and manage storage resources globally, and reconfigure resources without needing to access a specific array. Poorman and Nelson also explore how Fusion simplifies and standardizes workload deployments with pre-configured definitions, enabling end-to-end workload orchestration. They touch upon future enhancements like seamless interoperability across file, object, and block storage in on-site, hybrid, and cloud environments, and the exciting prospect of workload mobility. 
 Check out the new Pure Storage digital customer community to join the conversation with peers and Pure experts: 
https://purecommunity.purestorage.com/

The DevSecOps Talks Podcast
#85 - Is It Time for OpenTofu? Our HashiConf Takeaways

The DevSecOps Talks Podcast

Play Episode Listen Later Oct 23, 2025 30:46


We break down 10 years of HashiConf and this year's Terraform-heavy news. What do Terraform Actions with Ansible, Stacks GA, and HCP-only features mean for day two work? Is open source getting left behind, and is OpenTofu worth a look?  We are always happy to answer any questions, hear suggestions for new episodes, or hear from you, our listeners. DevSecOps Talks podcast LinkedIn page DevSecOps Talks podcast website DevSecOps Talks podcast YouTube channel

LINUX Unplugged
635: The Texas Linux Fest Special

LINUX Unplugged

Play Episode Listen Later Oct 6, 2025 90:03 Transcription Available


Our cross-continent race to Texas Linux Fest culminates into fantastic meat, meetups, and more.Sponsored By:Managed Nebula: Meet Managed Nebula from Defined Networking. A decentralized VPN built on the open-source Nebula platform that we love. 1Password Extended Access Management: 1Password Extended Access Management is a device trust solution for companies with Okta, and they ensure that if a device isn't trusted and secure, it can't log into your cloud apps. Unraid: A powerful, easy operating system for servers and storage. Maximize your hardware with unmatched flexibility. Support LINUX UnpluggedLinks:

airhacks.fm podcast with adam bien
Dynamic Container Images with Quarkus

airhacks.fm podcast with adam bien

Play Episode Listen Later Oct 5, 2025 61:52


An airhacks.fm conversation with Alvaro Hernandez (@ahachete) about: Framework laptop experience and build process with DIY edition, modular connectors and upgradability, running Ubuntu 25.10 beta with nix package manager, automating installation with YAML and Ansible, comparison with IBM AS/400 feature activation model, docker adoption history for server maintenance and documentation, PostgreSQL extensions, upgradability and security concerns, challenges with packing 1000+ extensions into container images, security concerns with large monolithic images containing unused extensions, dynamic extension injection using sidecar pod local controller in kubernetes, problems with mutating running containers and security tool compliance, traditional Docker build approach requiring users to become image maintainers, challenging assumptions about container image immutability and Merkle tree, container images as JSON manifests pointing to tar file layers, Dynamic OCI Registry concept for composing images on-the-fly, generating manifests dynamically in milliseconds without Docker build, interface-based approach for mapping user preferences to layer digests, PostgreSQL-specific implementation with extension URL patterns, metadata storage in PostgreSQL database for layer digest resolution, potential applications for quarkus and Java microservices, serverless deployment possibilities with AWS Lambda, comparison with Cloudflare's serverless OCI registry, enterprise use cases for automated patching and security updates, integration possibilities with AWS EventBridge for CI/CD pipelines, transparency to Docker clients with only registry change required, stackgres platform using 4 million lines of Java code, ongres company services including PostgreSQL training and Oracle migrations, Alvaro's website: aht.es Alvaro Hernandez on twitter: @ahachete

All TWiT.tv Shows (MP3)
Untitled Linux Show 220: It Hardly Ever Bricks Your Computer

All TWiT.tv Shows (MP3)

Play Episode Listen Later Sep 14, 2025 79:11 Transcription Available


This week Microsoft Open Sources one of its oldest codebases, Firefox is blitzing its codebase, and Apache (the name) is no more. Pipewire, CUPS, and Fwupd all ships updates. Bcachefs's future is a bit uncertain, and VDPAU is certainly out of Mesa. For tips we have default handling with wpctl, server management with ansible, and Wine performance with ntsync. You can find the show notes at https://bit.ly/3K26caz and See you next week! Host: Jonathan Bennett Co-Hosts: Rob Campbell and Ken McDonald Download or subscribe to Untitled Linux Show at https://twit.tv/shows/untitled-linux-show Want access to the ad-free video and exclusive features? Become a member of Club TWiT today! https://twit.tv/clubtwit Club TWiT members can discuss this episode and leave feedback in the Club TWiT Discord.

Packet Pushers - Full Podcast Feed
TNO041: From Ansible to AI: Jeremy Schulman on the Evolution of Network Automation

Packet Pushers - Full Podcast Feed

Play Episode Listen Later Sep 12, 2025 72:38


Jeremy Schulman has been working at network automation for much of his professional life. On today’s Total Network Operations, host Scott Robohn talks with Jeremy about his ongoing quest to get the network engineering bottleneck out of production. They discuss the early days of network automation when engineers tried to adopt tools from compute side... Read more »

Packet Pushers - Fat Pipe
TNO041: From Ansible to AI: Jeremy Schulman on the Evolution of Network Automation

Packet Pushers - Fat Pipe

Play Episode Listen Later Sep 12, 2025 72:38


Jeremy Schulman has been working at network automation for much of his professional life. On today’s Total Network Operations, host Scott Robohn talks with Jeremy about his ongoing quest to get the network engineering bottleneck out of production. They discuss the early days of network automation when engineers tried to adopt tools from compute side... Read more »

Two's Complement
Running Programs

Two's Complement

Play Episode Listen Later Sep 12, 2025 41:18 Transcription Available


Matt and Ben discuss running in production; from running processes in screen to battling systemd configuration files. Ben sketches out daemonization rituals while Matt channels Tolkien to explain process hierarchies. Our hosts discover that Ansible playbooks are just bash scripts with better PR, and everyone still Googles journalctl syntax.

Telecom Reseller
LogicVein Brings Humor and Automation to Network Management at VMware Explore, Podcast

Telecom Reseller

Play Episode Listen Later Aug 28, 2025 2:58


At VMware Explore, Technology Reseller News publisher Doug Green stops by the LogicVein booth—drawn in by a bold and humorous sign that reads: “Does your network suck?” In this episode, Doug interviews Bobby Olander of LogicVein, who explains how the company's playful approach at the show is matched by serious innovation in network management solutions. With over 20 years of experience, LogicVein delivers advanced tools to tackle persistent network issues. Bobby introduces listeners to ThirdEye, the company's comprehensive network monitoring solution, and NetLineDancer, which focuses on configuration change management across all network devices. NetLineDancer enables auto-remediation through drag-and-drop playbooks—similar to Ansible, but tailored for network engineers and requiring no Python knowledge. The system actively monitors devices, identifies compliance issues, and automatically resolves them—sending real-time notifications via Teams, Slack, Mattermost, or email. It's a streamlined, proactive approach to keeping networks healthy, secure, and compliant. Bobby also shares how their eye-catching booth signage sparked smiles and conversations, proving that a little creativity can go a long way at a trade show. Learn more at logicvein.com.

Packet Pushers - Full Podcast Feed
TCG056: Network Automation Reality Check with Ivan Pepelnjak

Packet Pushers - Full Podcast Feed

Play Episode Listen Later Aug 20, 2025 70:51


In this unplanned and unfiltered conversation, we dive deep into network automation realities with Ivan Pepelnjak, networking’s long standing and independent voice from ipSpace.net. We explore why automation projects fail, dissect the tooling landscape (Ansible vs. Terraform vs. Python), and discuss the cultural barriers preventing enterprises from modernizing their networks. Ivan delivers hard truths about... Read more »

Hipsters Ponto Tech
Estudo de caso: Carreira em DevOps no Santander – Hipsters Ponto Tech #477

Hipsters Ponto Tech

Play Episode Listen Later Aug 19, 2025 41:25


Hoje o papo é sobre DevOps! Neste episódio, mergulhamos em como o Santander F1rst lida com algo tão complexo e tão essencial, desde o fluxo do dia a dia, até os desafios de entender as melhores aplicações de cada nova ferramenta de IA. Vem ver quem participou desse papo: André David, o host que não está querendo puxar a sardinha para o back-end Yago Oliveira, Coordenador de Conteúdo Técnico na Alura Fabiano Carneiro, IT Manager no Santander F1rst Leandro Matinez, Arquiteto de TI no Santander F1rst

LINUX Unplugged
628: Don't Call it a Christro

LINUX Unplugged

Play Episode Listen Later Aug 17, 2025 91:28 Transcription Available


When personalities clash, the users come last. Meanwhile, Chris' hyper-tuned setup stops being a toy and starts looking like a daily driver.Sponsored By:Managed Nebula: Meet Managed Nebula from Defined Networking. A decentralized VPN built on the open-source Nebula platform that we love. 1Password Extended Access Management: 1Password Extended Access Management is a device trust solution for companies with Okta, and they ensure that if a device isn't trusted and secure, it can't log into your cloud apps. Unraid: A powerful, easy operating system for servers and storage. Maximize your hardware with unmatched flexibility. Support LINUX UnpluggedLinks:

LINUX Unplugged
624: Tiny PC, Huge Problems

LINUX Unplugged

Play Episode Listen Later Jul 20, 2025 82:32 Transcription Available


Everything wrong with our homelabs, and how we're finally fixing them. Plus: two self-hosted apps you didn't know you needed.Sponsored By:Managed Nebula: Meet Managed Nebula from Defined Networking. A decentralized VPN built on the open-source Nebula platform that we love. Unraid: A powerful, easy operating system for servers and storage. Maximize your hardware with unmatched flexibility. 1Password Extended Access Management: 1Password Extended Access Management is a device trust solution for companies with Okta, and they ensure that if a device isn't trusted and secure, it can't log into your cloud apps. Unraid: A powerful, easy operating system for servers and storage. Maximize your hardware with unmatched flexibility. Support LINUX UnpluggedLinks:

Packet Pushers - Heavy Networking
HN784: Accelerate Your Network Automation With Gluware Labs and New Ansible Collection (Sponsored)

Packet Pushers - Heavy Networking

Play Episode Listen Later Jun 6, 2025 59:07


Network automation is today’s topic with sponsor Gluware. Gluware provides a network automation platform that targets both network engineers and automation builders. On today’s Heavy Networking, we discuss how Gluware supports these two constituencies. We also talk about a recent product announcement, Gluware Labs. Gluware Labs includes a free Community Edition of Gluware software you... Read more »

Packet Pushers - Full Podcast Feed
HN784: Accelerate Your Network Automation With Gluware Labs and New Ansible Collection (Sponsored)

Packet Pushers - Full Podcast Feed

Play Episode Listen Later Jun 6, 2025 59:07


Network automation is today’s topic with sponsor Gluware. Gluware provides a network automation platform that targets both network engineers and automation builders. On today’s Heavy Networking, we discuss how Gluware supports these two constituencies. We also talk about a recent product announcement, Gluware Labs. Gluware Labs includes a free Community Edition of Gluware software you... Read more »

Packet Pushers - Fat Pipe
HN784: Accelerate Your Network Automation With Gluware Labs and New Ansible Collection (Sponsored)

Packet Pushers - Fat Pipe

Play Episode Listen Later Jun 6, 2025 59:07


Network automation is today’s topic with sponsor Gluware. Gluware provides a network automation platform that targets both network engineers and automation builders. On today’s Heavy Networking, we discuss how Gluware supports these two constituencies. We also talk about a recent product announcement, Gluware Labs. Gluware Labs includes a free Community Edition of Gluware software you... Read more »

The Toby Gribben Show
Sudheer Amgothu

The Toby Gribben Show

Play Episode Listen Later May 30, 2025 15:53


Sudheer Amgothu is a seasoned DevOps engineer with over a decade of experience, renowned for his expertise in cloud technologies, infrastructure automation, and DevOps practices. His career spans various industries, where he has implemented DevOps strategies to accelerate software development cycles, improve system reliability, and enhance operational efficiency."I started my career as a traditional systems engineer," Sudheer says, reflecting on his journey. "I was always drawn to automation, seeing the inefficiencies in manual processes, especially around deployments and monitoring. That's what pulled me into the world of DevOps." His early work in infrastructure automation on AWS laid the foundation for his expertise in the field. "At Elevation, I led efforts to automate the entire infrastructure stack using Terraform and Ansible, which empowered development teams to work faster with less friction."In addition to his technical prowess, Sudheer is an advocate for the cultural transformation DevOps fosters within organizations. "DevOps is more than just automation or tools. It's a culture that brings development and operations teams together with a shared goal of delivering software faster, more reliably, and with higher quality," he explains. "It emphasizes collaboration, continuous feedback, and a mindset of continuous improvement."Sudheer's new book, Mastering DevOps with Kubernetes and Cloud: A Practical Guide, draws from his vast experience and is designed as a hands-on resource for mastering DevOps. "I wanted to create a practical guide, not a theory-heavy textbook," he says. "It's loaded with real-world war stories, step-by-step walkthroughs, and diagrams that show how tools like Terraform, Jenkins, and Kubernetes work together in modern DevOps pipelines."His book, which covers everything from the basics to advanced techniques, was inspired by his conversations with junior engineers and site reliability engineers (SREs). "They understood what DevOps is but struggled with the 'why' and 'how,'" he recalls. "I realized the need for a guide that answers those questions and provides actionable insights."Sudheer's expertise extends beyond DevOps to cloud platforms and Kubernetes, where he has successfully scaled microservices platforms and implemented observability practices. "At Pega, we centralized Prometheus and Grafana dashboards to ensure real-time visibility into production issues," he says. "This proactive approach helped us detect anomalies before they became incidents, improving both system reliability and customer satisfaction."For aspiring DevOps professionals, Sudheer advises, "Don't rush. Start with the basics. Pick a tool like Jenkins, learn how a CI/CD pipeline works, and build from there. The most important thing is hands-on practice and experimentation." His dedication to mentoring the next generation of engineers is evident in his personal approach to career growth, encouraging others to document their learning and contribute to open-source projects.Sudheer's passion for DevOps, cloud technologies, and continuous improvement makes him a respected figure in the field, and his book stands as an essential resource for anyone looking to excel in modern IT environments.You read read the full interview transcript here: https://shoutradio.org.uk/RNH/SudheerAmgothuInterview.pdfAnd find his book here: https://a.co/d/ecU0gzEHighlights from Toby Gribben's Friday afternoon show on Shout Radio. Featuring chat with top showbiz guests. Hosted on Acast. See acast.com/privacy for more information.

LINUX Unplugged
616: From Boston to bootc

LINUX Unplugged

Play Episode Listen Later May 25, 2025 90:37 Transcription Available


Fresh off Red Hat Summit, Chris is eyeing an exit from NixOS. What's luring him back to the mainstream? Our highlights, and the signal from the noise from open source's biggest event of the year.Sponsored By:Tailscale: Tailscale is a programmable networking software that is private and secure by default - get it free on up to 100 devices! 1Password Extended Access Management: 1Password Extended Access Management is a device trust solution for companies with Okta, and they ensure that if a device isn't trusted and secure, it can't log into your cloud apps. Support LINUX UnpluggedLinks:

Packet Pushers - Full Podcast Feed
D2DO270: Spacelift Is Your Infrastructure Glue (Sponsored)

Packet Pushers - Full Podcast Feed

Play Episode Listen Later Apr 22, 2025 39:51


Working with multiple Infrastructure as Code (IAC) tools can be painful. Spacelift provides a platform that operates on top of disparate IaC tools, including Ansible, Kubernetes, Pulumi, Terraform, and OpenTofu. Spacelift helps build the automation with and between these tools, creating graphs of graphs that make your dependencies just work. On today's show, we talk... Read more »

Packet Pushers - Fat Pipe
D2DO270: Spacelift Is Your Infrastructure Glue (Sponsored)

Packet Pushers - Fat Pipe

Play Episode Listen Later Apr 22, 2025 39:51


Working with multiple Infrastructure as Code (IAC) tools can be painful. Spacelift provides a platform that operates on top of disparate IaC tools, including Ansible, Kubernetes, Pulumi, Terraform, and OpenTofu. Spacelift helps build the automation with and between these tools, creating graphs of graphs that make your dependencies just work. On today's show, we talk... Read more »

Packet Pushers - Full Podcast Feed
TNO022: Secure Automation at Enterprise Scale for the Public Sector with Red Hat Ansible (Sponsored)

Packet Pushers - Full Podcast Feed

Play Episode Listen Later Mar 28, 2025 68:21


There are both benefits and challenges when adopting automation in the public sector, but Red Hat Ansible enhances efficiency, security and service delivery. With the right tooling, network operators can integrate automation into existing environments and improve network security.  Providing insights into adopting automation in the public sector are Tony Dubiel, Principal Specialist Solution Architect... Read more »

Packet Pushers - Fat Pipe
TNO022: Secure Automation at Enterprise Scale for the Public Sector with Red Hat Ansible (Sponsored)

Packet Pushers - Fat Pipe

Play Episode Listen Later Mar 28, 2025 68:21


There are both benefits and challenges when adopting automation in the public sector, but Red Hat Ansible enhances efficiency, security and service delivery. With the right tooling, network operators can integrate automation into existing environments and improve network security.  Providing insights into adopting automation in the public sector are Tony Dubiel, Principal Specialist Solution Architect... Read more »

Packet Pushers - Full Podcast Feed
TNO021: An Operator's Perspective on NetOps and Programming

Packet Pushers - Full Podcast Feed

Play Episode Listen Later Mar 21, 2025 47:04


What’s it like to move from a NOC role to an operations and automation role? On today’s show we get the perspective of guest Joseph Nicholson, a Network Operations Engineer at NTT Data.  He explains how he got started with automation, using tools like Python and Ansible, and the critical role of documentation in network... Read more »

Packet Pushers - Fat Pipe
TNO021: An Operator's Perspective on NetOps and Programming

Packet Pushers - Fat Pipe

Play Episode Listen Later Mar 21, 2025 47:04


What’s it like to move from a NOC role to an operations and automation role? On today’s show we get the perspective of guest Joseph Nicholson, a Network Operations Engineer at NTT Data.  He explains how he got started with automation, using tools like Python and Ansible, and the critical role of documentation in network... Read more »