Podcasts about docker

Off-the-shelf didn't cut it, so we built what we needed using open hardware and open source.Sponsored By:Tailscale: Tailscale is a programmable networking software that is private and secure by default - get it free on up to 100 devices! 1Password Extended Access Management: 1Password Extended Access Management is a device trust solution for companies with Okta, and they ensure that if a device isn't trusted and secure, it can't log into your cloud apps. Unraid: A powerful, easy operating system for servers and storage. Maximize your hardware with unmatched flexibility. Support LINUX UnpluggedLinks:

In this engaging conversation, Ryan Henrich shares his journey in the cybersecurity field, discussing his current role at RapDev, the evolution of cybersecurity careers, and his early experiences with hacking. He reflects on his high school years, his passion for music, and the impact of technology on learning. The discussion also dives into the challenges faced in early career roles, the importance of problem-solving, and the lessons learned from mistakes. 00:00 Introduction00:30 What is Ryan Doing Today?09:30 First Memory of a Computer12:00 Highschool Interests / Stories20:00 Searching for Information30:00 Entering University38:00 Skill in Music42:30 First Security Job55:00 Lessons Learned1:02:00 Entering the Cloud1:19:00 Why Buy Security1:30:00 Staying Relevant1:34:40 Contact InfoConnect with Ryan: Linkedin: https://www.linkedin.com/in/ryanhenrichEmail: ryan.henrich@rapdev.ioMentioned in this Episode:RapDev: https://www.rapdev.io/Datadog: https://www.datadoghq.com/ServiceNow: https://www.servicenow.com/Want more from Ardan Labs? You can learn Go, Kubernetes, Docker & more through our video training, live events, or through our blog!Online Courses : https://ardanlabs.com/education/ Live Events : https://www.ardanlabs.com/live-training-events/ Blog : https://www.ardanlabs.com/blog Github : https://github.com/ardanlabs

Wie ihr Online-Dienste selbst betreibt, ob auf dem Raspi, Homeserver oder angemieteten Server im Rechenzentrum, zeigen wir euch im c't uplink. Dafür gibt es gute Gründe: Man will seine Daten aus den US-Clouds ziehen oder ist nicht bereit, schon wieder fünf Euro im Monat für einen weiteren Webdienst zu bezahlen. Self-Hosting hat Hochkonjunktur und verspricht, die Kontrolle über das digitale Leben ein Stück weit zurückzuerobern, denn für viele Clouddienste gibt es Open-Source-Alternativen, die man selbst betreiben kann. Die c't-Redakteure Jan Mahn und Niklas Dierking hosten bereits seit Jahren Apps selbst. In c't 13/25 haben sie mit weiteren Kollegen ihre Self-Hosting-Erfahrungen aufgeschrieben und erklären, wie man ins Self-Hosting einsteigt und Dienste sicher ans Netz bekommt. Im c't uplink diskutieren Jan Mahn und Niklas Dierking mit Moderator Keywan Tonekaboni die richtige Wahl der Hardware und des Betriebssystems und stellen viele nützliche Tools aus ihrem Self-Hosting-Werkzeugkoffer vor. ► Der besprochene Artikel in c't 13/2025 (Paywall): https://www.heise.de/select/ct/2025/13

Luca Palmieri, author of Zero to Production in Rust and Principal Engineering Consultant at MainMatter, speaks with SE Radio host Gavin Henry about Rust in production. They discuss what production Rust means, how to get Rust code into production, specific Rust issues to think about when getting an application into production, what Rust profiles are, expected performance, telemetry options, error handling and what parts of Rust to use and avoid.  Palmieri discusses docker containers, tracing, robust Rust error handling, how performant Rust is in the real world, p50, p99, docker build techniques, project layouts, crates, speeding up Rust build times, unwrap(), panics, budgeting resources, inner development loops, the Facade Pattern, structured logging, and how to always use clippy. Brought to you by IEEE Computer Society and IEEE Software magazine.

Container-based Linux distributions are gaining traction, especially for edge deployments that demand lightweight and secure operating systems. Talos Linux, developed by Sidero Labs, is purpose-built for Kubernetes with security-first features like a fully immutable file system and disabled SSH access. In a demo, Sidero CTO Andrew Rynhard and Head of Product Justin Garrison explained Talos's design philosophy, highlighting its minimalism and focus on automation. Inspired by CoreOS, Talos removes traditional tools like systemd and Bash, replacing them with machineD, a custom process manager written in Go.Talos emphasizes API-driven management rather than SSH, making Kubernetes cluster operations more scalable and consistent. Its design supports cloud, bare metal, Docker, and edge devices like Raspberry Pi. Kernel immutability is reinforced by ephemeral signing keys. Through Sidero's Omni SaaS, Talos nodes connect securely via WireGuard. The operating system handles all certificates and network connectivity internally, streamlining security and deployment. As Garrison notes, Talos delivers a portable API for “big iron, small iron—no matter what.”Learn more from The New Stack about Sidero Labs:  Is Cluster API Really the Future of Kubernetes Deployment? Choosing a Linux Distribution Join our community of newsletter subscribers to stay on top of the news and at the top of your game. https://thenewstack.io/newsletter/ 

#arcane es la herramienta que estabas buscando para gestionar tus contenedores, volúmenes, redes e imágenes #docker así como crear tus plantillasHace poco mas de quince episodios te hablé del que, para mi, era el flash killer de Portainer, refiriéndome a Dockge, y hoy te traigo otra herramienta que es el flash killer de ambos dos, o por lo menos esa es mi opinión. Como de costumbre, todo es cuestión de gustos. Hay quien le gusta una herramienta que le permita hacer cualquier cosa y otros que optan por una herramienta que siga la filosofía KISS (Keep It Simple, Stupid). Sin embargo, yo prefiero una herramienta que se adapte a mi flujo de trabajo, es decir, que tenga todo aquello que necesito, y en este caso Arcane es la herramienta que andaba buscando. Básicamente, ya no puedo gestionar Docker sin Arcane. Bueno, realmente si que lo hago, pero desde terminal…Más información y enlaces en las notas del episodio

#arcane es la herramienta que estabas buscando para gestionar tus contenedores, volúmenes, redes e imágenes #docker así como crear tus plantillasHace poco mas de quince episodios te hablé del que, para mi, era el flash killer de Portainer, refiriéndome a Dockge, y hoy te traigo otra herramienta que es el flash killer de ambos dos, o por lo menos esa es mi opinión. Como de costumbre, todo es cuestión de gustos. Hay quien le gusta una herramienta que le permita hacer cualquier cosa y otros que optan por una herramienta que siga la filosofía KISS (Keep It Simple, Stupid). Sin embargo, yo prefiero una herramienta que se adapte a mi flujo de trabajo, es decir, que tenga todo aquello que necesito, y en este caso Arcane es la herramienta que andaba buscando. Básicamente, ya no puedo gestionar Docker sin Arcane. Bueno, realmente si que lo hago, pero desde terminal…Más información y enlaces en las notas del episodio

De l'Afrique aux Amériques en passant par la Caraïbe, les œuvres de 150 artistes noirs sont montrées en 2025 au Centre Pompidou à Paris. L'exposition s'appelle Paris Noir, circulation artistique et luttes anticoloniales et l'onde de choc qu'elle suscite n'a d'égal que son succès public. Un public renouvelé, curieux de découvrir des artistes des années 50 aux années 2000... dont les œuvres ont rarement été diffusées en France. Une exposition mais aussi un salon de lecture auxquels RFI et la Bibliothèque-archives Bernard Binlin Dadié se sont associés en écho à Paris Noir. En complicité avec Franck Hermann Ekra, critique d'art et curateur, nous recevons la scénariste Marguerite Abouet, le plasticien Hamedine Kane, l'écrivain Mohamed Mbougar Sarr, le comédien Sidiki Bakaba, le metteur en scène Koffi Kwahulé et la réalisatrice Bintou Diarra.Dès l'entrée de l'exposition, la première image inscrit l'exposition dans l'histoire des luttes anticoloniales dont Paris est l'un des carrefours. En référence à la capacité d'agir des Africains dans la capitale de l'A.O.F et A.E.F (Afrique occidentale Française et Afrique équatoriale française), dans l'après Deuxième Guerre mondiale. Sous la forme d'un immense collage, des couvertures emblématiques des livres de la maison d'édition Présence Africaine fondée par Alioune Diop… que ce soit le Docker noir de Sembene Ousmane, Nation nègre et culture de Cheikh Anta Diopou encore Un nègre à Paris de Bernard Dadié. Expression d'une conscience africaine multiforme, l'œuvre de Bernard Dadié est une œuvre émancipatrice, un contre-récit dont les écrits de prison sont un véritable journal de bord de la lutte pour la liberté et la dignité en Côte d'Ivoire, dès la fin des années 40, puisque Dadié a été arrêté en 1949 avec ses camarades militants dont Matthieu Ekra, le grand-père de Franck Hermann Ekra, initiateur de ce salon de lecture.Tous nos remerciements à Alicia Knock, commissaire de l'exposition Paris Noir, circulation artistique et luttes anticoloniales ainsi qu'aux équipes du Centre Pompidou et aux équipes du Centre Wallonie Bruxelles.Découvrir l'expositionÉcoutez le premier épisode proposé par RFI et la Bibliothèque-archives Bernard Binlin Dadié

Julián Duque from Heroku joins me to explain and demo their new AI platform.Check out the video podcast version here https://youtu.be/BGqlLZHdRDsCreators & Guests Cristi Cotovan - Editor Bret Fisher - Host Beth Fisher - Producer Julián Duque - Guest You can also support my content by subscribing to my YouTube channel and my weekly newsletter at bret.news!Grab the best coupons for my Docker and Kubernetes courses.Join my cloud native DevOps community on Discord.Grab some merch at Bret's Loot BoxHomepage bretfisher.com (00:00) - Introduction (05:12) - Deep Dive into Heroku's AI Capabilities (14:23) - Heroku MCP server (28:27) - Describing MCP Tool Interactions (30:48) - DevOps Automation with Heroku MCP server (37:02) - Heroku AI and Future Prospects

Neste episódio do Kubicast, recebemos Giulia Bordignon, mais conhecida como SpaceCoding, para uma conversa inspiradora e cheia de provocações sobre a jornada de mulheres na tecnologia. Giulia é desenvolvedora backend, criadora de conteúdo, mestre em Engenharia de Computação e uma das vozes mais ativas sobre representação feminina em TI. O papo vai muito além do clichê e mergulha em temas estruturais como formação acadêmica, barreiras de entrada e as sutilezas do preconceito.Da graduação no interior ao mestrado em IAGiulia compartilha sua trajetória desde os primeiros contatos com a tecnologia, ainda no interior, até a decisão de seguir uma carreira acadêmica. A escolha pela graduação foi movida por uma busca por estabilidade financeira e por influências culturais sobre profissões "respeitadas". Ao longo da conversa, ela revela como disciplinas como contabilidade e administração pareceram limitadas até ela encontrar na tecnologia uma forma de unir criatividade, desafio intelectual e impacto real.Barreiras, bloqueios e viradas de chaveO episódio também expõe o quão traumático pode ser o primeiro contato com conteúdos técnicos para pessoas sem referências. Giulia relata como seu primeiro curso técnico em informática, focado em redes, a afastou da área por um tempo. Mais tarde, a vivência na graduação e o contato com IA mudaram completamente sua percepção sobre tecnologia.Mestrado: formação ou ego?Um dos momentos mais provocativos é quando Giulia, com bom humor, diz que vai fazer o doutorado apenas para ser chamada de "doutora". A frase ironiza a diferença entre motivações pessoais e valor de mercado, mostrando como muitas vezes os títulos acadêmicos não são reconhecidos na mesma medida fora do ambiente universitário.Tecnologia, corpo e bem-estarOutro ponto alto do episódio é a discussão sobre vida ativa e ergonomia. Giulia comenta como a prática de esportes sempre esteve presente na sua vida, inclusive durante a pandemia, quando encontrou na musculação uma nova forma de manter o corpo ativo. Essa relação com a saúde física se estende também ao cuidado com o ambiente de trabalho remoto, como o uso de mesas ajustáveis, cadeiras adequadas e pausas para alongamento.Conteúdo como ferramenta de representaçãoPor fim, o podcast entra em temas como a exposição nas redes, o impacto de haters e a responsabilidade (e o peso) de ser uma voz ativa por mais diversidade em tech. Giulia fala com franqueza sobre os ataques que já sofreu e sobre como isso só reforça a necessidade de continuar ocupando espaços.Para quem busca reflexões reais sobre tecnologia, formação e diversidade, este episódio é uma aula.O Kubicast é uma produção da Getup, empresa especialista em Kubernetes e projetos open source para Kubernetes. Os episódios do podcast estão nas principais plataformas de áudio digital e no YouTube.com/@getupcloud.

In this episode of Business Brain, Dave Hamilton kicks things off by sharing a standout customer service experience with FMPHost, a FileMaker Pro hosting company. After years of reliable service, Dave moved his FileMaker database to a self-hosted Docker container to save costs and consolidate resources. He praised FMPHost for […] The post Let them Cancel and Don't Make Excuses – Business Brain 654 appeared first on Business Brain - The Entrepreneurs' Podcast.

Launching our new Podcast: https://agenticdevops.fmBret and Nirmal are at KubeCon London and record their ideas about how AI Agents will change DevOps, platform engineering, SRE, automation, troubleshooting, and more.Creators & Guests Cristi Cotovan - Editor Bret Fisher - Host Beth Fisher - Producer Nirmal Mehta - Host You can also support my content by subscribing to my YouTube channel and my weekly newsletter at bret.news!Grab the best coupons for my Docker and Kubernetes courses.Join my cloud native DevOps community on Discord.Grab some merch at Bret's Loot BoxHomepage bretfisher.com

In this engaging conversation, Bill Kennedy interviews Peter Kelly, VP of Engineering at Tigera, exploring his journey from early experiences with technology to his current role in the tech industry. They discuss the impact of education, sports, and family background on Peter's career path, as well as the challenges faced by young people today in navigating their futures. The conversation also delves into hiring practices and the importance of personal connections in the recruitment process.00:00 Introduction01:00 What is Peter Doing Today?O4:20 First Memory of a Computer9:30 Family Background12:00 Secondary School19:00 Passion for Soccer24:00 Interviewing and Hiring31:00 Entering University 40:30 Work Experience 54:00 AI Tooling 01:07:00 First Go Experience1:14:00 Beginning of Tigera1:37:30 Contact InfoConnect with Peter: Linkedin: https://ie.linkedin.com/in/peterkellyonlineMentioned in this Episode:Tigera: https://www.tigera.io/Want more from Ardan Labs? You can learn Go, Kubernetes, Docker & more through our video training, live events, or through our blog!Online Courses : https://ardanlabs.com/education/ Live Events : https://www.ardanlabs.com/live-training-events/ Blog : https://www.ardanlabs.com/blog Github : https://github.com/ardanlabs

Solomon most famously created Docker and now runs Dagger… which has something special to share with you on Thursday. Catch Dagger at: - Tuesday: Dagger's workshop https://www.ai.engineer/schedule#ship-agents-that-ship-a-hands-on-workshop-for-swe-agent-builders - Wednesday: Dagger's talk: https://www.ai.engineer/schedule#how-to-trust-an-agent-with-software-delivery - Thursday: Solomon's Keynote https://www.ai.engineer/schedule#containing-agent-chaos Chapters 00:00 Introduction & Guest Background 00:29 What is Dagger? Post-Development Automation 01:08 Dagger's Community & Platform Engineers 02:32 AI Agents and Developer Workflows 03:40 Environment Isolation & The Power of Containers 06:28 The Need for Standards in Agent Environments 07:25 Design Constraints & Challenges for Dev Environments 11:26 Limitations of Current Tools & Agent-Native UX 14:11 Modularity, Customization, and the Lego Analogy 16:24 Convergence of CICD and Agentic Systems 17:41 Ephemeral Apps, Resource Constraints, and Local Execution 21:01 Adoption, Ecosystem, and the Role of Open Source 23:30 Dagger's Modular Approach & Integration Philosophy 25:38 Looking Ahead: Workshops, Keynotes, and the Future of Agentic Infrastructure

Hoje a conversa foi com o Guilherme Oki, um verdadeiro veterano do SRE e Cloud, que já navegou por ambientes de infraestrutura em fintechs, jogos e agora está numa startup stealth (sim, aquele mistério que te deixa curioso até o final). Falamos de Kubernetes em large scale, desafios de rede, geodistribuição e aquele eterno dilema do multi-cloud: usar ou fugir?Exploramos desde o que realmente significa trabalhar em "grande escala" (não, seu EKS com 10 nodes não conta), até questões mais cabeludas como Federation, eBPF, Cilium, e como lidar com as dores reais da escalabilidade em ambientes críticos.Tudo isso com uma pegada técnica, sem perder o bom humor. Cola com a gente nesse episódio que está simplesmente imperdível para quem vive ou quer viver no mundo de Kubernetes e infraestrutura moderna.Capítulos principais do episódio:00:00 - Abertura03:00 - O que é grande escala07:30 - Geodistribuição11:00 - Multi-cloud vale a pena?14:40 - Desafios de rede19:30 - Federation de clusters24:10 - Cilium e eBPF30:00 - Infra para jogos34:20 - Padronização em escala38:10 - Limites do Kubernetes42:00 - Controle com Cilium46:30 - Bugs e UDP50:40 - Gerenciado vs autonomiaLinks Importantes:- Guilherme Oki - https://www.linkedin.com/in/guilherme-oki-1a649b115/- João Brito - https://www.linkedin.com/in/juniorjbnParticipe de nosso programa de acesso antecipado e tenha um ambiente mais seguro em instantes!https://getup.io/zerocveO Kubicast é uma produção da Getup, empresa especialista em Kubernetes e projetos open source para Kubernetes. Os episódios do podcast estão nas principais plataformas de áudio digital e no YouTube.com/@getupcloud.

SSH authorized_keys File One of the most common techniques used by many bots is to add rogue keys to the authorized_keys file, implementing an SSH backdoor. Managing these files and detecting unauthorized changes is not hard and should be done if you operate Unix systems. https://isc.sans.edu/diary/Securing%20Your%20SSH%20authorized_keys%20File/31986 REMOTE COMMAND EXECUTION ON SMARTBEDDED METEOBRIDGE (CVE-2025-4008) Weatherstation software Meteobridge suffers from an easily exploitable unauthenticated remote code execution vulnerability https://www.onekey.com/resource/security-advisory-remote-command-execution-on-smartbedded-meteobridge-cve-2025-4008 https://forum.meteohub.de/viewtopic.php?t=18687 Manageengine ADAuditPlus SQL Injection Zoho patched two SQL Injection vulnerabilities in its ManageEngine ADAuditPlus product https://www.manageengine.com/products/active-directory-audit/cve-2025-41407.html https://www.manageengine.com/products/active-directory-audit/cve-2025-36527.html Dero Miner Infects Containers through Docker API Kaspersky found yet another botnet infecting docker containers to spread crypto coin miners. The initial access happens via exposed docker APIs. https://securelist.com/dero-miner-infects-containers-through-docker-api/116546/

In this episode we interview Santosh Kaveti, CEO of ProArch, about his journey from India to Atlanta, his educational background, and his career in technology. Santosh shares insights into his family life, early education, and the challenges he faced along the way. He discusses his passion for mathematics and how it influenced his career choices, ultimately leading him to the field of software engineering and digital infrastructure.00:00 Introduction00:20 What is Santosh Doing Today?06:00 First Memory of a Computer09:00 Early Interests / Education20:00 Moving to Utah24:00 Pursuing a Masters32:00 First Programming Job42:00 Deciding to Start a Company53:00 Formulating Strategy58:00 Acquiring Companies / Expansion1:20:00 Finding Clients While Growing1:25:00 Contact InfoConnect with Santosh: Linkedin: https://www.linkedin.com/in/santoshkavetiX: https://x.com/santoshkavetiMentioned in this Episode:ProArch: https://www.proarch.comWant more from Ardan Labs? You can learn Go, Kubernetes, Docker & more through our video training, live events, or through our blog!Online Courses : https://ardanlabs.com/education/ Live Events : https://www.ardanlabs.com/live-training-events/ Blog : https://www.ardanlabs.com/blog Github : https://github.com/ardanlabs

At KubeCon EU 2025 in London, Nirmal and I discussed the important (and not-so-important) things you might have missed. There's also a video version of this show on YouTube.Creators & Guests Cristi Cotovan - Editor Beth Fisher - Producer Bret Fisher - Host Nirmal Mehta - Host (00:00) - DDT Audio Podcast Edited (00:04) - Intro (01:24) - KubeCon 2025 EU Overview (03:24) - Platform Engineering and AI Trends (07:03) - AI and Machine Learning in Kubernetes (15:38) - Project Pavilions at KubeCon (17:05) - FinOps and Cost Optimization (20:39) - HAProxy and AI Gateways (24:00) - Proxy Intelligence and Network Layer Optimization (26:52) - Developer Experience and Organizational Challenges (29:23) - Platform Engineering and Cognitive Load (35:54) - End of Life for CNCF Projects You can also support my free material by subscribing to my YouTube channel and my weekly newsletter at bret.news!Grab the best coupons for my Docker and Kubernetes courses.Join my cloud native DevOps community on Discord.Grab some merch at Bret's Loot BoxHomepage bretfisher.com

#ptyxis se ha confirmado como la próxima terminal por defecto en #ubuntu 25.10 enfocada en el uso de contenedores y otras características interesantesVivimos en una época en la que la forma de desarrollar, desplegar y mantener software ha cambiado radicalmente. Cada vez es más común que tanto en el entorno profesional como en el personal trabajemos con contenedores, como Docker, Podman o herramientas como Distrobox o Toolbox, que nos permiten encapsular aplicaciones o entornos completos de desarrollo.En este nuevo paradigma, conceptos como DevOps, CI/CD y la automatización de despliegues ya no son exclusivos de grandes empresas. Cada vez más desarrolladores individuales, administradores de sistemas y entusiastas de Linux los incorporan en su flujo de trabajo diario.Además, con la proliferación de proyectos en múltiples lenguajes, versiones de dependencias y entornos, la necesidad de mantener sistemas aislados y reproducibles se ha convertido en una prioridad. Aquí es donde los contenedores se vuelven esenciales: no solo para ejecutar aplicaciones, sino también para desarrollar, probar y depurar.Y en medio de todo esto, la terminal sigue siendo la herramienta principal. Pero una terminal tradicional, pensada para un sistema único, empieza a quedarse corta frente a las necesidades de entornos híbridos, múltiples contenedores, sesiones aisladas, y monitoreo de procesos.Ahí es donde entra Ptyxis. Una terminal pensada específicamente para este nuevo contexto.Más información y enlaces en las notas del episodio

In this episode, Bill Kennedy interviews Ryan Ryke, founder of CloudLife Consulting, focusing on AWS and cloud computing. They discuss the challenges of understanding AWS billing, the importance of managing cloud storage, and the benefits of using services like Cloud Run and Fargate. The conversation also touches on the evolution of engineering perspectives on complexity, the shift towards simpler infrastructure solutions, and personal experiences with technology. 00:00 Introduction00:30 What is Ryan Doing Today?9:00 Cloud Run Experience13:00 Handling Complexity21:00 Running Local LLMs25:30 First Memory of a Computer33:20 Entering University36:30 Relevant Education42:00 Early Industry53:00 Trading Stocks1:05:00  Discovering AWS 1:10:00 Starting a Business1:16:00 Maintaining Steady Clients1:22:00 Contact Info Connect with Ryan: Linkedin: https://www.linkedin.com/in/ryanrykeX: https://x.com/itsacloudlife99Email: ryan@cloudlife.ioMentioned in this Episode:CloudLife Consulting: https://www.cloudlife.io/Fargate: https://aws.amazon.com/fargate/Want more from Ardan Labs? You can learn Go, Kubernetes, Docker & more through our video training, live events, or through our blog!Online Courses : https://ardanlabs.com/education/ Live Events : https://www.ardanlabs.com/live-training-events/ Blog : https://www.ardanlabs.com/blog Github : https://github.com/ardanlabs

Varför tror vi inte på att vi kan lösa våra egna problem? Fredrik och Kristoffer börjar med att följa upp diskussionen om att skriva om för att förenkla saker och minska abstraktioner. Flera lyssnare har undrat: har man inte abstraktioner för att förenkla framtida förändringar och anpassningar? Riskerar man inte att fastna i ett lokalt minimum där ens lösning är alldeles för specifik för att kunna anpassas i framtiden? Fredrik undrar om vi låst in oss alldeles för mycket i ett tankesätt som landar i att vi aldrig kan veta något. Alla pratar om lösningar på problem man haft, ingen pratar om problem man haft? Vad är problemet man faktiskt löst? Och varför tror vi inte på att vi kan lösa vårt eget problem? (Och AI är motsatsen till att lära sig lösa problem.) Vi behöver mer Barry O'Reilly i branschen! Men det är en utmaning att förstå hans tankar. Sist men inte minst berättar Kristoffer hur han hittade Coolify och varför det tilltalar honom så mycket. Ett stort tack till Cloudnet som sponsrar vår VPS! Har du kommentarer, frågor eller tips? Vi är @kodsnack, @thieta, @krig, och @bjoreman på Mastodon, har en sida på Facebook och epostas på info@kodsnack.se om du vill skriva längre. Vi läser allt som skickas. Gillar du Kodsnack får du hemskt gärna recensera oss i iTunes! Du kan också stödja podden genom att ge oss en kaffe (eller två!) på Ko-fi, eller handla något i vår butik. Länkar Mastodon-mastodonten Barry O'Reilly Kodsnsck 632 - avsnittet om att skriva om saker - skriv om när man förstår problemet Jeff Atwood Artikeln om Netscapes omskrivning och second system syndrome - av Joel Spolsky, inte Jeff Atwood Second-system syndrome Babel Platos grotta Stöd oss på Ko-fi! Helm CDK - genererar Helm-grafer Patterns Bottom-up och top-down Richard Feynmans problemlösningsalgoritm Strapi Kamal Coolify Caprover Docker swarm Docker stack Hetzner Milisav Radmanić - utvecklingschef på Hetzner Grug brained developer Forgejo Traefik Coolify cloud Reverse proxy Fastmail Cloudnet Titlar Kristoffer är med på länk Förändringsbart och förvaltningsbart Nu ska vi lösa ett generellt problem En generell transpilator Fokuserade för mycket på Platos grotta Man ser bara den perfekta stolen Mindre kapabel att hantera verkligheten Fastna i ett lokalt minimum Helt enkelt inte sant Lösa problemet här och nu Min rulle tejp En boll med tejp och legobitar Jätteabstraherade pusselbitar Rullar med tejp och legobitar Vi utgår från en lösning Kunskapen för att kunna bygga en lösning Rosenkvist till AI Plockepinn och cementblandare Lösningsorienterat Problemorienterat Kan vi glömma teknik Z för stunden? Allt jag kan se är tejp och legobitar? Deras problem är inte mitt problem Hybristoppen Tomt på bagage Se problemet med klarhet

rubadb es un contenedor #docker con el que crear #backup y copias de seguridad de bases de datos y volumenes docker de forma sencilla y programadaMe aterra la posibilidad de encontrarme un día con la desagradable sorpresa de haber perdido toda la información que tengo en atareao.es. Esto me ha llevado a buscar distintas soluciones para intetar evitar que esto se vuelva una realidad, y como ya te puedes imaginar, una de las estrategias que he implementado ha sido el uso de backups o copias de seguridad. Inicialmente la solución recaía en el proveedor del hosting, sin embargo, con el paso del tiempo, esto ha ido cambiando, pasando, al principio por soluciones mas manuales, para convertirse en procesos automáticos conforme he ido adquiriendo los suficientes conocimientos para hacerlo.Más información y enlaces en las notas del episodio

Guests Marianne Bellotti | Greg Wilson Panelist Richard Littauer Show Notes In this episode of Sustain, host Richard Littauer talks with Marianne Bellotti, author of *Kill It with Fire, *and Greg Wilson, co-founder of the Carpentries, about what happens to your code when you leave your job and how to make sure it survives. They discuss their new paper, "10 quick tips for making your software outlive your job (https://arxiv.org/abs/2505.06484)," and share practical strategies for protecting, documenting, and sustaining code in open source, research, and civil service environments. Whether you're preparing for a job change or want to future-proof your work, this conversation offers real-world advice for developers and researchers alike. Hit the download button now! [00:03:04] Greg and Marianne talk about challenges in code sustainability. [00:05:46] Greg speaks about how scientists often prototype rather than build production quality code. [00:09:48] We start with Step 1 in the paper: “Consider your threat mode.” Greg explains the different plans needed for individual vs. systematic departures, Marianne speaks about the importance of understanding code lifecycle-some code has a “fruit fly” lifespan others a “tortoise” one, and Richard adds to think about reframe threat modeling around future usefulness. [00:15:53] There's a discussion on Step 2: “Get sign-off on releasing it publicly.” [00:21:30] Greg discusses Step 3: “Choose an open license” and emphasizes to stick to well-known licenses (MIT, BSD), don't write your own, and he shares a funny story. [00:25:29] Richard talks about Step 4: “Put your code somewhere safe” and shares to upload code to GitHub, Codeberg, OSF, Zenodo, etc. Greg suggest peer-to-peer methods like torrents could help long-term preservation and Marianne emphasizes the importance of verified identities when sharing. [00:29:21] Marianne introduces Step 5: “Document your code.” Greg shares that most documentation goes unread and LLMs could help mine useful documentation from conversation records and Marianne emphasizes to focus on “how to run it” first and tests are a part of your documentation. [00:35:17] Step 6: “Make your code reproducible.” Greg and Marianne discuss using tools like Docker, uv for Python lockfiles, etc., for dependency management. [00:36:23] Step 7: “Make your code citable” and Step 8: “Encourage community adoption.” Richard mentions to add a CITATION.cff file so others can cite your code and Greg mentions a great book he read that changed the way he viewed this called, Marketing for Scientists, by Marc Kuchner. [00:38:49] Step 9: “Write a succession or sunsetting plan.” Marianne shares to define success and failure criteria for projects explicitly. [00:40:36] Step 10: “Talk about what you're doing.” Greg emphasizes to celebrate and grieve project endings properly and Richard encourages listeners to check out the paper, read it, and if you see something missing you can contribute back. [00:43:12] Fnal thoughts from Greg and Marianne: Organize collectively to protect science and code sustainability and find your team. Quotes [00:12:10] “Weapons begin as toys.” [00:14:09] “All code is throwaway code.” [00:27:34] “Sooner or later every library burns.” [00:29:44] “Most documentation is never read by anybody because it's not answering the questions that you actually have.” [00:41:05] “Take some time to celebrate and to grieve.” Links SustainOSS (https://sustainoss.org/) podcast@sustainoss.org (mailto:podcast@sustainoss.org) richard@sustainoss.org (mailto:richard@sustainoss.org) SustainOSS Discourse (https://discourse.sustainoss.org/) SustainOSS Mastodon (https://mastodon.social/tags/sustainoss) SustainOSS Bluesky (https://bsky.app/profile/sustainoss.bsky.social) SustainOSS LinkedIn (https://www.linkedin.com/company/sustainoss/) Open Collective-SustainOSS (Contribute) (https://opencollective.com/sustainoss) Richard Littauer Socials (https://www.burntfen.com/2023-05-30/socials) Marianne Bellotti (Medium) (https://bellmar.medium.com/) Marianne Bellotti LinkedIn (https://www.linkedin.com/in/bellmar/) Greg Wilson GitHub (https://www.linkedin.com/in/greg-wilson-a26510b6/?originalSubdomain=ca) Greg Wilson LinkedIn (https://www.linkedin.com/in/greg-wilson-a26510b6/?originalSubdomain=ca) “10 Quick tips for making your code last beyond your current job” (draft) (https://docs.google.com/document/d/1jk0R8VL8lq1-LIbW9D5qwCkvxfXEobP0-RqSYF-4Io4/edit#heading=h.2ijt9lezevm3) Kill It With Fire by Marianne Bellotti (https://nostarch.com/kill-it-fire) Marketing for Scientists: How to Shine in Tough Times by Marc J. Kuchner (https://www.amazon.com/Marketing-Scientists-Shine-Tough-Times/dp/1597269948) Codeberg (https://codeberg.org/) Zenodo (https://zenodo.org/) OSF (https://osf.io/) Credits Produced by Richard Littauer (https://www.burntfen.com/) Edited by Paul M. Bahr at Peachtree Sound (https://www.peachtreesound.com/) Show notes by DeAnn Bahr Peachtree Sound (https://www.peachtreesound.com/) Special Guests: Greg Wilson and Marianne Bellotti.

HIRING MANAGER SELF SERVE - THE PAST AND FUTURE OF RECRUITMENT?   It was also the Past of Recruitment - where hiring managers were doing most of the work in hiring for their teams, everything from putting up adverts in shop windows, handling the first enquiries, reviewing CV's, screening candidates, scheduling interviews, interviewing candidates and then offering / hiring said candidates. Perhaps Personnel got involved in the contracts of employment, but 'recruitment' was once handled entirely by the line.   Could it be that this model returns, as AI improves to such an extent that a centralised TA function may not be the most optimal model?   Lets explore how some companies have shifted from centralised TA to empowering hiring managers to do more of the hiring work   - What conditions best suit centralised vs decentralised TA teams? - Pro's / Cons of decentralised vs centralised - What degree of hiring maturity is required for hiring manager self serve? - Retail franchises are the obvious business type for this model: which others? - How to avoid hiring managers bad practice in hiring? - Bias mitigation - realistic in HM? - How to ensure QoH in decentralised model? - What tools are best suited for this model - How does AI support hiring manager self serve? - What role does a recruiter continue to play in such a set up? - How can a business improve its hiring capability if we go hiring manager self serve? - What are the top things to remember if you are planning to making this shift?   We're with Martin Warren, TA Leader (ex-Grab), Lyndsey Taylor, Head of HR Transformation (Brooks Automation) & friends   We are on Friday 16th May, 2pm BST   Register by clicking the green button and follow the channel here (recommended)         Ep300 is sponsored by our friends at Ashby   Ashby is what an ATS should be: an integration of sourcing automation, AI-supported outreach sequencing, native interview scheduling, a searchable CRM, and advanced analytics – all in one ATS++ system. That means better data, less context switching, and more streamlined workflows. Chosen by over a thousand companies, including Quora, Docker, Ironclad, and Multiverse, Ashby stands out as the top-rated ATS on G2. It is renowned for its real-time and reliable reporting, the ability to centralize the entire hiring process, and unparalleled customer support.   Talent Trends Reports are freely available: Download the latest here

In this conversation, Infant Mystica shares her journey of building a professional network through social media, the innovative language translation technology she works on, and the dynamics of remote work across different time zones. She discusses her aspirations for career growth, the importance of attending tech conferences, and her experiences as a software developer in the evolving tech landscape.00:00 Introduction00:30 What is Mystica Doing Today?03:10 First Experiences with a Computer05:30 Highschool Interests / Classes13:00 Entering University15:00 Interest in Computer Science22:00 College Living27:00 COVID-19 and Remote Learning34:00 Entering Industry / Networking41:30 First Job at Translate Live50:00 Working Hours and Time Zones55:00 Traveling and ExplorationConnect with Mystica: Linkedin: https://www.linkedin.com/in/infant-mystica-810776195/X: https://x.com/mysticainfMystica's Site: https://mystica.meMentioned in this Episode:TranslateLive: https://www.translatelive.com/Want more from Ardan Labs? You can learn Go, Kubernetes, Docker & more through our video training, live events, or through our blog!Online Courses : https://ardanlabs.com/education/ Live Events : https://www.ardanlabs.com/live-training-events/ Blog : https://www.ardanlabs.com/blog Github : https://github.com/ardanlabs

Un oyente me pidió que hablase sobre el tema de las redes en Docker, así que aquí está mi explicación. Puede ser algo muy complejo, pero espero que te quedes, al menos, con los conceptos básicos.

Join us for Monero Monthly, your go-to show for a roundup of the latest happenings in the Monero ecosystem. Hosts Max and Seth bring you up to speed on everything from software developments and updates to cutting-edge hardware and emerging businesses.GeneralMonero's 11th birthdayMonero launched on April 18th, 2014 by thankful_for_todayhttps://bitcointalk.org/index.php?topic=563821.0Code fork of Bytecoin, was basically a scam created from an amazing whitepaper (Cryptonote) and extensively pre-mined/lied aboutMonero has continued to consistently and effectively iterate and improve over those 11yMonero pumping?!?Most likely caused by a major theft of 3520 BTC, which was then supposedly swapped entirely to Monero via instant exchangershttps://x.com/zachxbt/status/1916756932763046273Zachxbt uses Monero for payments "frequently"https://x.com/zachxbt/status/1916803068261458010?t=CKSXcDMsYdTmGjTcSHQP3Q&s=19Exodus wallet dropping Monero supportAugust 10th deadlineMigration to Cake is their recommended pathNo conspiracy theories that I know of, have worked closely with them on the migration pathhttps://monero.observer/exodus-to-end-support-monero-10-august-2025/Exch instant exchange shutting downVery antagonistic in the pastRefused to block or freeze funds from the ByBit hack, broadly used to move funds to other cryptocurrencies, including MoneroMany centralized services and exchanges marked their funds as tainted immediately after their handling of the ByBit hack, neutering the usefulness of swapping through eXch overallSupposedly being targeted by a "transatlantic operation", no real evidence provided but after ByBit hack funds moved through them it's not impossiblehttps://monero.observer/exch-instant-exchange-to-shut-down-may-1-2025/Software updatesMonero v0.18.4.0DoS vulnerability fixWas widely deployed via my Docker image and by most popular node operators, including Cake, before this public releaseBackground sync w/ view key onlyThis is how Cake Wallet is doing background syncDrastically improved disk writes necessary when synchronizing a Monero nodeLess wear on disks, slightly fasterhttps://monero.observer/monero-v0.18.4.0-fluorine-fermi-released/Cake Wallet v4.25, 4.26, and 4.27 and new brandv4.25New logoTalk about new brandDrastically improved Monero wallet performance, especially for wallets with extensive historyBroad UI/UX enhancementsv4.26BIP 39 seeds and wallet groups for MoneroDFX's OpenCryptoPayOpen standard for simple integration of Bitcoin/Monero payments into traditional PoS systemsRolling out to all Spar stores in Switzerland, getting a ton of publicityOnly Cake Wallet supports it natively, but Lightning wallets with LN-URL support don't require direct integrationDrastically improved address display, using the Bitcoin Design guidelines as seen in Trezor and Foundation hardware walletsDrastically simplified buying/selling of cryptoV4.27Drastically improved background syncLimit to wifi-only, charging-only, inactive-only, etc.Supports all cryptos now, except DecredFixes a bunch of edge cases and rare bugs with background syncLots of minor improvements and bug fixesHaveno v1.1.0/1Minor improvements and bug fixes, nothing majorImportant steps towards a safer and more usable projectLoving using Haveno Reto (retoswap.com)https://monero.observer/woodser-releases-haveno-v1.1.1-bugfixes/https://monero.observer/woodser-releases-haveno-v1.1.0-bugfixes/https://monero.observer/woodser-releases-haveno-v1.0.19-fixes-improvements/Feather Wallet v2.8.0/1Minor updates overallUpdated to Monero v0.18.4.0Updated integrated Tor + OpenSSLhttps://monero.observer/tobtoht-releases-feather-wallet-v2.8.1/https://monero.observer/feather-wallet-v2.8.0-released-fixes-improvements/Gupaxxx v1.9.0Minor improvements and bug fixesAwesome way to get started mining Monero on any computerhttps://monero.observer/cyrix126-releases-gupaxx-v1.9.0/Stack Wallet v2.1.11Namceoin name purchased and management in-appMinor improvements and updateshttps://monero.observer/rehrar-releases-stack-wallet-v2.1.11/Cuprate v0.0.2thttps://monero.observer/hinto-janai-releases-cuprated-v0.0.2-molybdenite/Monfluo v0.7.0Dead-simple stripped down walletFocus is on no integrations or features, just send/receive simplicityNot my cup of tea, but to each their ownhttps://monero.observer/acx-releases-monfluo-beta-v0.7.0/IMPORTANT LINKS https://freesamourai.comhttps://p2prights.org/donate.htmlhttps://ungovernablemisfits.comVALUE FOR VALUEThanks for listening you Ungovernable Misfits, we appreciate your continued support and hope you enjoy the shows.You can support this episode using your time, talent or treasure.TIME:- create fountain clips for the show- create a meetup- help boost the signal on social mediaTALENT:- create ungovernable misfit inspired art, animation or music- design or implement some software that can make the podcast better- use whatever talents you have to make a contribution to the show!TREASURE:- BOOST IT OR STREAM SATS on the Podcasting 2.0 apps @ https://podcastapps.com- DONATE via Paynym @ https://paynym.rs/+misfit- DONATE via Monero @ https://xmrchat.com/ugmf- BUY SOME STICKERS @ https://www.ungovernablemisfits.com/shop/FOUNDATIONhttps://foundation.xyz/ungovernableFoundation builds Bitcoin-centric tools that empower you to reclaim your digital sovereignty.As a sovereign computing company, Foundation is the antithesis of today's tech conglomerates. Returning to cypherpunk principles, they build open source technology that “can't be evil”.Thank you Foundation Devices for sponsoring the show!Use code: Ungovernable for $10 off of your purchaseCAKE WALLEThttps://cakewallet.comCake Wallet is an open-source, non-custodial wallet available on Android, iOS, macOS, and Linux.Features:- Built-in Exchange: Swap easily between Bitcoin and Monero.- User-Friendly: Simple interface for all users.Monero Users:- Batch Transactions: Send multiple payments at once.- Faster Syncing: Optimized syncing via specified restore heights- Proxy Support: Enhance privacy with proxy node options.Bitcoin Users:- Coin Control: Manage your transactions effectively.- Silent Payments: Static bitcoin addresses- Batch Transactions: Streamline your payment process.Thank you Cake Wallet for sponsoring the show!

Gros épisode qui couvre un large spectre de sujets : Java, Scala, Micronaut, NodeJS, l'IA et la compétence des développeurs, le sampling dans les LLMs, les DTO, le vibe coding, les changements chez Broadcom et Red Hat ainsi que plusieurs nouvelles sur les licences open source. Enregistré le 7 mai 2025 Téléchargement de l'épisode LesCastCodeurs-Episode-325.mp3 ou en vidéo sur YouTube. News Langages A l'occasion de JavaOne et du lancement de Java 24, Oracle lance un nouveau site avec des ressources vidéo pour apprendre le langage https://learn.java/ site plutôt à destination des débutants et des enseignants couvre la syntaxe aussi, y compris les ajouts plus récents comme les records ou le pattern matching c'est pas le site le plus trendy du monde. Martin Odersky partage un long article sur l'état de l'écosystème Scala et les évolutions du language https://www.scala-lang.org/blog/2025/03/24/evolving-scala.html Stabilité et besoin d'évolution : Scala maintient sa position (~14ème mondial) avec des bases techniques solides, mais doit évoluer face à la concurrence pour rester pertinent. Axes prioritaires : L'évolution se concentre sur l'amélioration du duo sécurité/convivialité, le polissage du langage (suppression des “rugosités”) et la simplification pour les débutants. Innovation continue : Geler les fonctionnalités est exclu ; l'innovation est clé pour la valeur de Scala. Le langage doit rester généraliste et ne pas se lier à un framework spécifique. Défis et progrès : L'outillage (IDE, outils de build comme sbt, scala-cli, Mill) et la facilité d'apprentissage de l'écosystème sont des points d'attention, avec des améliorations en cours (partenariat pédagogique, plateformes simples). Des strings encore plus rapides ! https://inside.java/2025/05/01/strings-just-got-faster/ Dans JDK 25, la performance de la fonction String::hashCode a été améliorée pour être principalement constant foldable. Cela signifie que si les chaînes de caractères sont utilisées comme clés dans une Map statique et immuable, des gains de performance significatifs sont probables. L'amélioration repose sur l'annotation interne @Stable appliquée au champ privé String.hash. Cette annotation permet à la machine virtuelle de lire la valeur du hash une seule fois et de la considérer comme constante si elle n'est pas la valeur par défaut (zéro). Par conséquent, l'opération String::hashCode peut être remplacée par la valeur de hash connue, optimisant ainsi les lookups dans les Map immuables. Un cas limite est celui où le code de hachage de la chaîne est zéro, auquel cas l'optimisation ne fonctionne pas (par exemple, pour la chaîne vide “”). Bien que l'annotation @Stable soit interne au JDK, un nouveau JEP (JEP 502: Stable Values (Preview)) est en cours de développement pour permettre aux utilisateurs de bénéficier indirectement de fonctionnalités similaires. AtomicHash, une implémentation Java d'une HashMap qui est thread-safe, atomique et non-bloquante https://github.com/arxila/atomichash implémenté sous forme de version immutable de Concurrent Hash Trie Librairies Sortie de Micronaut 4.8.0 https://micronaut.io/2025/04/01/micronaut-framework-4-8-0-released/ Mise à jour de la BOM (Bill of Materials) : La version 4.8.0 met à jour la BOM de la plateforme Micronaut. Améliorations de Micronaut Core : Intégration de Micronaut SourceGen pour la génération interne de métadonnées et d'expressions bytecode. Nombreuses améliorations dans Micronaut SourceGen. Ajout du traçage de l'injection de dépendances pour faciliter le débogage au démarrage et à la création des beans. Nouveau membre definitionType dans l'annotation @Client pour faciliter le partage d'interfaces entre client et serveur. Support de la fusion dans les Bean Mappers via l'annotation @Mapping. Nouvelle liveness probe détectant les threads bloqués (deadlocked) via ThreadMXBean. Intégration Kubernetes améliorée : Mise à jour du client Java Kubernetes vers la version 22.0.1. Ajout du module Micronaut Kubernetes Client OpenAPI, offrant une alternative au client officiel avec moins de dépendances, une configuration unifiée, le support des filtres et la compatibilité Native Image. Introduction d'un nouveau runtime serveur basé sur le serveur HTTP intégré de Java, permettant de créer des applications sans dépendances serveur externes. Ajout dans Micronaut Micrometer d'un module pour instrumenter les sources de données (traces et métriques). Ajout de la condition condition dans l'annotation @MetricOptions pour contrôler l'activation des métriques via une expression. Support des Consul watches dans Micronaut Discovery Client pour détecter les changements de configuration distribuée. Possibilité de générer du code source à partir d'un schéma JSON via les plugins de build (Gradle et Maven). Web Node v24.0.0 passe en version Current: https://nodejs.org/en/blog/release/v24.0.0 Mise à jour du moteur V8 vers la version 13.6 : intégration de nouvelles fonctionnalités JavaScript telles que Float16Array, la gestion explicite des ressources (using), RegExp.escape, WebAssembly Memory64 et Error.isError. npm 11 inclus : améliorations en termes de performance, de sécurité et de compatibilité avec les packages JavaScript modernes. Changement de compilateur pour Windows : abandon de MSVC au profit de ClangCL pour la compilation de Node.js sur Windows. AsyncLocalStorage utilise désormais AsyncContextFrame par défaut : offrant une gestion plus efficace du contexte asynchrone. URLPattern disponible globalement : plus besoin d'importer explicitement cette API pour effectuer des correspondances d'URL. Améliorations du modèle de permissions : le flag expérimental --experimental-permission devient --permission, signalant une stabilité accrue de cette fonctionnalité. Améliorations du test runner : les sous-tests sont désormais attendus automatiquement, simplifiant l'écriture des tests et réduisant les erreurs liées aux promesses non gérées. Intégration d'Undici 7 : amélioration des capacités du client HTTP avec de meilleures performances et un support étendu des fonctionnalités HTTP modernes. Dépréciations et suppressions : Dépréciation de url.parse() au profit de l'API WHATWG URL. Suppression de tls.createSecurePair. Dépréciation de SlowBuffer. Dépréciation de l'instanciation de REPL sans new. Dépréciation de l'utilisation des classes Zlib sans new. Dépréciation du passage de args à spawn et execFile dans child_process. Node.js 24 est actuellement la version “Current” et deviendra une version LTS en octobre 2025. Il est recommandé de tester cette version pour évaluer son impact sur vos applications. Data et Intelligence Artificielle Apprendre à coder reste crucial et l'IA est là pour venir en aide : https://kyrylo.org/software/2025/03/27/learn-to-code-ignore-ai-then-use-ai-to-code-even-better.html Apprendre à coder reste essentiel malgré l'IA. L'IA peut assister la programmation. Une solide base est cruciale pour comprendre et contrôler le code. Cela permet d'éviter la dépendance à l'IA. Cela réduit le risque de remplacement par des outils d'IA accessibles à tous. L'IA est un outil, pas un substitut à la maîtrise des fondamentaux. Super article de Anthropic qui essaie de comprendre comment fonctionne la “pensée” des LLMs https://www.anthropic.com/research/tracing-thoughts-language-model Effet boîte noire : Stratégies internes des IA (Claude) opaques aux développeurs et utilisateurs. Objectif : Comprendre le “raisonnement” interne pour vérifier capacités et intentions. Méthode : Inspiration neurosciences, développement d'un “microscope IA” (regarder quels circuits neuronaux s'activent). Technique : Identification de concepts (“features”) et de “circuits” internes. Multilinguisme : Indice d'un “langage de pensée” conceptuel commun à toutes les langues avant de traduire dans une langue particulière. Planification : Capacité à anticiper (ex: rimes en poésie), pas seulement de la génération mot par mot (token par token). Raisonnement non fidèle : Peut fabriquer des arguments plausibles (“bullshitting”) pour une conclusion donnée. Logique multi-étapes : Combine des faits distincts, ne se contente pas de mémoriser. Hallucinations : Refus par défaut ; réponse si “connaissance” active, sinon risque d'hallucination si erreur. “Jailbreaks” : Tension entre cohérence grammaticale (pousse à continuer) et sécurité (devrait refuser). Bilan : Méthodes limitées mais prometteuses pour la transparence et la fiabilité de l'IA. Le “S” dans MCP veut dire Securité (ou pas !) https://elenacross7.medium.com/%EF%B8%8F-the-s-in-mcp-stands-for-security-91407b33ed6b La spécification MCP pour permettre aux LLMs d'avoir accès à divers outils et fonctions a peut-être été adoptée un peu rapidement, alors qu'elle n'était pas encore prête niveau sécurité L'article liste 4 types d'attaques possibles : vulnérabilité d'injection de commandes attaque d'empoisonnement d'outils redéfinition silencieuse de l'outil le shadowing d'outils inter-serveurs Pour l'instant, MCP n'est pas sécurisé : Pas de standard d'authentification Pas de chiffrement de contexte Pas de vérification d'intégrité des outils Basé sur l'article de InvariantLabs https://invariantlabs.ai/blog/mcp-security-notification-tool-poisoning-attacks Sortie Infinispan 15.2 - pre rolling upgrades 16.0 https://infinispan.org/blog/2025/03/27/infinispan-15-2 Support de Redis JSON + scripts Lua Métriques JVM désactivables Nouvelle console (PatternFly 6) Docs améliorées (métriques + logs) JDK 17 min, support JDK 24 Fin du serveur natif (performances) Guillaume montre comment développer un serveur MCP HTTP Server Sent Events avec l'implémentation de référence Java et LangChain4j https://glaforge.dev/posts/2025/04/04/mcp-client-and-server-with-java-mcp-sdk-and-langchain4j/ Développé en Java, avec l'implémentation de référence qui est aussi à la base de l'implémentation dans Spring Boot (mais indépendant de Spring) Le serveur MCP est exposé sous forme de servlet dans Jetty Le client MCP lui, est développé avec le module MCP de LangChain4j c'est semi independant de Spring dans le sens où c'est dépendant de Reactor et de ses interface. il y a une conversation sur le github d'anthropic pour trouver une solution, mais cela ne parait pas simple. Les fallacies derrière la citation “AI won't replace you, but humans using AI will” https://platforms.substack.com/cp/161356485 La fallacie de l'automatisation vs. l'augmentation : Elle se concentre sur l'amélioration des tâches existantes avec l'IA au lieu de considérer le changement de la valeur de ces tâches dans un nouveau système. La fallacie des gains de productivité : L'augmentation de la productivité ne se traduit pas toujours par plus de valeur pour les travailleurs, car la valeur créée peut être capturée ailleurs dans le système. La fallacie des emplois statiques : Les emplois sont des constructions organisationnelles qui peuvent être redéfinies par l'IA, rendant les rôles traditionnels obsolètes. La fallacie de la compétition “moi vs. quelqu'un utilisant l'IA” : La concurrence évolue lorsque l'IA modifie les contraintes fondamentales d'un secteur, rendant les compétences existantes moins pertinentes. La fallacie de la continuité du flux de travail : L'IA peut entraîner une réimagination complète des flux de travail, éliminant le besoin de certaines compétences. La fallacie des outils neutres : Les outils d'IA ne sont pas neutres et peuvent redistribuer le pouvoir organisationnel en changeant la façon dont les décisions sont prises et exécutées. La fallacie du salaire stable : Le maintien d'un emploi ne garantit pas un salaire stable, car la valeur du travail peut diminuer avec l'augmentation des capacités de l'IA. La fallacie de l'entreprise stable : L'intégration de l'IA nécessite une restructuration de l'entreprise et ne se fait pas dans un vide organisationnel. Comprendre le “sampling” dans les LLMs https://rentry.co/samplers Explique pourquoi les LLMs utilisent des tokens Les différentes méthodes de “sampling” : càd de choix de tokens Les hyperparamètres comme la température, top-p, et leur influence réciproque Les algorithmes de tokenisation comme Byte Pair Encoding et SentencePiece. Un de moins … OpenAI va racheter Windsurf pour 3 milliards de dollars. https://www.bloomberg.com/news/articles/2025-05-06/openai-reaches-agreement-to-buy-startup-windsurf-for-3-billion l'accord n'est pas encore finalisé Windsurf était valorisé à 1,25 milliards l'an dernier et OpenAI a levé 40 milliards dernièrement portant sa valeur à 300 milliards Le but pour OpenAI est de rentrer dans le monde des assistants de code pour lesquels ils sont aujourd'hui absent Docker desktop se met à l'IA… ? Une nouvelle fonctionnalité dans docker desktop 4.4 sur macos: Docker Model Runner https://dev.to/docker/run-genai-models-locally-with-docker-model-runner-5elb Permet de faire tourner des modèles nativement en local ( https://docs.docker.com/model-runner/ ) mais aussi des serveurs MCP ( https://docs.docker.com/ai/mcp-catalog-and-toolkit/ ) Outillage Jetbrains défend la suppression des commentaires négatifs sur son assistant IA https://devclass.com/2025/04/30/jetbrains-defends-removal-of-negative-reviews-for-unpopular-ai-assistant/?td=rt-3a L'IA Assistant de JetBrains, lancée en juillet 2023, a été téléchargée plus de 22 millions de fois mais n'est notée que 2,3 sur 5. Des utilisateurs ont remarqué que certaines critiques négatives étaient supprimées, ce qui a provoqué une réaction négative sur les réseaux sociaux. Un employé de JetBrains a expliqué que les critiques ont été supprimées soit parce qu'elles mentionnaient des problèmes déjà résolus, soit parce qu'elles violaient leur politique concernant les “grossièretés, etc.” L'entreprise a reconnu qu'elle aurait pu mieux gérer la situation, un représentant déclarant : “Supprimer plusieurs critiques d'un coup sans préavis semblait suspect. Nous aurions dû au moins publier un avis et fournir plus de détails aux auteurs.” Parmi les problèmes de l'IA Assistant signalés par les utilisateurs figurent : un support limité pour les fournisseurs de modèles tiers, une latence notable, des ralentissements fréquents, des fonctionnalités principales verrouillées aux services cloud de JetBrains, une expérience utilisateur incohérente et une documentation insuffisante. Une plainte courante est que l'IA Assistant s'installe sans permission. Un utilisateur sur Reddit l'a qualifié de “plugin agaçant qui s'auto-répare/se réinstalle comme un phénix”. JetBrains a récemment introduit un niveau gratuit et un nouvel agent IA appelé Junie, destiné à fonctionner parallèlement à l'IA Assistant, probablement en réponse à la concurrence entre fournisseurs. Mais il est plus char a faire tourner. La société s'est engagée à explorer de nouvelles approches pour traiter les mises à jour majeures différemment et envisage d'implémenter des critiques par version ou de marquer les critiques comme “Résolues” avec des liens vers les problèmes correspondants au lieu de les supprimer. Contrairement à des concurrents comme Microsoft, AWS ou Google, JetBrains commercialise uniquement des outils et services de développement et ne dispose pas d'une activité cloud distincte sur laquelle s'appuyer. Vos images de README et fichiers Markdown compatibles pour le dark mode de GitHub: https://github.blog/developer-skills/github/how-to-make-your-images-in-markdown-on-github-adjust-for-dark-mode-and-light-mode/ Seulement quelques lignes de pure HTML pour le faire Architecture Alors, les DTOs, c'est bien ou c'est pas bien ? https://codeopinion.com/dtos-mapping-the-good-the-bad-and-the-excessive/ Utilité des DTOs : Les DTOs servent à transférer des données entre les différentes couches d'une application, en mappant souvent les données entre différentes représentations (par exemple, entre la base de données et l'interface utilisateur). Surutilisation fréquente : L'article souligne que les DTOs sont souvent utilisés de manière excessive, notamment pour créer des API HTTP qui ne font que refléter les entités de la base de données, manquant ainsi l'opportunité de composer des données plus riches. Vraie valeur : La valeur réelle des DTOs réside dans la gestion du couplage entre les couches et la composition de données provenant de sources multiples en formes optimisées pour des cas d'utilisation spécifiques. Découplage : Il est suggéré d'utiliser les DTOs pour découpler les modèles de données internes des contrats externes (comme les API), ce qui permet une évolution et une gestion des versions indépendantes. Exemple avec CQRS : Dans le cadre de CQRS (Command Query Responsibility Segregation), les réponses aux requêtes (queries) agissent comme des DTOs spécifiquement adaptés aux besoins de l'interface utilisateur, pouvant inclure des données de diverses sources. Protection des données internes : Les DTOs aident à distinguer et protéger les modèles de données internes (privés) des changements externes (publics). Éviter l'excès : L'auteur met en garde contre les couches de mapping excessives (mapper un DTO vers un autre DTO) qui n'apportent pas de valeur ajoutée. Création ciblée : Il est conseillé de ne créer des DTOs que lorsqu'ils résolvent des problèmes concrets, tels que la gestion du couplage ou la facilitation de la composition de données. Méthodologies Même Guillaume se met au “vibe coding” https://glaforge.dev/posts/2025/05/02/vibe-coding-an-mcp-server-with-micronaut-and-gemini/ Selon Andrey Karpathy, c'est le fait de POC-er un proto, une appli jetable du weekend https://x.com/karpathy/status/1886192184808149383 Mais Simon Willison s'insurge que certains confondent coder avec l'assistance de l'IA avec le vibe coding https://simonwillison.net/2025/May/1/not-vibe-coding/ Guillaume c'est ici amusé à développer un serveur MCP avec Micronaut, en utilisant Gemini, l'IA de Google. Contrairement à Quarkus ou Spring Boot, Micronaut n'a pas encore de module ou de support spécifique pour faciliter la création de serveur MCP Sécurité Une faille de sécurité 10/10 sur Tomcat https://www.it-connect.fr/apache-tomcat-cette-faille-activement-exploitee-seulement-30-heures-apres-sa-divulgation-patchez/ Une faille de sécurité critique (CVE-2025-24813) affecte Apache Tomcat, permettant l'exécution de code à distance Cette vulnérabilité est activement exploitée seulement 30 heures après sa divulgation du 10 mars 2025 L'attaque ne nécessite aucune authentification et est particulièrement simple à exécuter Elle utilise une requête PUT avec une charge utile Java sérialisée encodée en base64, suivie d'une requête GET L'encodage en base64 permet de contourner la plupart des filtres de sécurité Les serveurs vulnérables utilisent un stockage de session basé sur des fichiers (configuration répandue) Les versions affectées sont : 11.0.0-M1 à 11.0.2, 10.1.0-M1 à 10.1.34, et 9.0.0.M1 à 9.0.98 Les mises à jour recommandées sont : 11.0.3+, 10.1.35+ et 9.0.99+ Les experts prévoient des attaques plus sophistiquées dans les prochaines phases d'exploitation (upload de config ou jsp) Sécurisation d'un serveur ssh https://ittavern.com/ssh-server-hardening/ un article qui liste les configurations clés pour sécuriser un serveur SSH par exemple, enlever password authentigfication, changer de port, desactiver le login root, forcer le protocol ssh 2, certains que je ne connaissais pas comme MaxStartups qui limite le nombre de connections non authentifiées concurrentes Port knocking est une technique utile mais demande une approche cliente consciente du protocol Oracle admet que les identités IAM de ses clients ont leaké https://www.theregister.com/2025/04/08/oracle_cloud_compromised/ Oracle a confirmé à certains clients que son cloud public a été compromis, alors que l'entreprise avait précédemment nié toute intrusion. Un pirate informatique a revendiqué avoir piraté deux serveurs d'authentification d'Oracle et volé environ six millions d'enregistrements, incluant des clés de sécurité privées, des identifiants chiffrés et des entrées LDAP. La faille exploitée serait la vulnérabilité CVE-2021-35587 dans Oracle Access Manager, qu'Oracle n'avait pas corrigée sur ses propres systèmes. Le pirate a créé un fichier texte début mars sur login.us2.oraclecloud.com contenant son adresse email pour prouver son accès. Selon Oracle, un ancien serveur contenant des données vieilles de huit ans aurait été compromis, mais un client affirme que des données de connexion aussi récentes que 2024 ont été dérobées. Oracle fait face à un procès au Texas concernant cette violation de données. Cette intrusion est distincte d'une autre attaque contre Oracle Health, sur laquelle l'entreprise refuse de commenter. Oracle pourrait faire face à des sanctions sous le RGPD européen qui exige la notification des parties affectées dans les 72 heures suivant la découverte d'une fuite de données. Le comportement d'Oracle consistant à nier puis à admettre discrètement l'intrusion est inhabituel en 2025 et pourrait mener à d'autres actions en justice collectives. Une GitHub action très populaire compromise https://www.stepsecurity.io/blog/harden-runner-detection-tj-actions-changed-files-action-is-compromised Compromission de l'action tj-actions/changed-files : En mars 2025, une action GitHub très utilisée (tj-actions/changed-files) a été compromise. Des versions modifiées de l'action ont exposé des secrets CI/CD dans les logs de build. Méthode d'attaque : Un PAT compromis a permis de rediriger plusieurs tags de version vers un commit contenant du code malveillant. Détails du code malveillant : Le code injecté exécutait une fonction Node.js encodée en base64, qui téléchargeait un script Python. Ce script parcourait la mémoire du runner GitHub à la recherche de secrets (tokens, clés…) et les exposait dans les logs. Dans certains cas, les données étaient aussi envoyées via une requête réseau. Période d'exposition : Les versions compromises étaient actives entre le 12 et le 15 mars 2025. Tout dépôt, particulièrement ceux publiques, ayant utilisé l'action pendant cette période doit être considéré comme potentiellement exposé. Détection : L'activité malveillante a été repérée par l'analyse des comportements inhabituels pendant l'exécution des workflows, comme des connexions réseau inattendues. Réaction : GitHub a supprimé l'action compromise, qui a ensuite été nettoyée. Impact potentiel : Tous les secrets apparaissant dans les logs doivent être considérés comme compromis, même dans les dépôts privés, et régénérés sans délai. Loi, société et organisation Les startup the YCombinateur ont les plus fortes croissances de leur histoire https://www.cnbc.com/2025/03/15/y-combinator-startups-are-fastest-growing-in-fund-history-because-of-ai.html Les entreprises en phase de démarrage à Silicon Valley connaissent une croissance significative grâce à l'intelligence artificielle. Le PDG de Y Combinator, Garry Tan, affirme que l'ensemble des startups de la dernière cohorte a connu une croissance hebdomadaire de 10% pendant neuf mois. L'IA permet aux développeurs d'automatiser des tâches répétitives et de générer du code grâce aux grands modèles de langage. Pour environ 25% des startups actuelles de YC, 95% de leur code a été écrit par l'IA. Cette révolution permet aux entreprises de se développer avec moins de personnel - certaines atteignant 10 millions de dollars de revenus avec moins de 10 employés. La mentalité de “croissance à tout prix” a été remplacée par un renouveau d'intérêt pour la rentabilité. Environ 80% des entreprises présentées lors du “demo day” étaient centrées sur l'IA, avec quelques startups en robotique et semi-conducteurs. Y Combinator investit 500 000 dollars dans les startups en échange d'une participation au capital, suivi d'un programme de trois mois. Red Hat middleware (ex-jboss) rejoint IBM https://markclittle.blogspot.com/2025/03/red-hat-middleware-moving-to-ibm.html Les activités Middleware de Red Hat (incluant JBoss, Quarkus, etc.) vont être transférées vers IBM, dans l'unité dédiée à la sécurité des données, à l'IAM et aux runtimes. Ce changement découle d'une décision stratégique de Red Hat de se concentrer davantage sur le cloud hybride et l'intelligence artificielle. Mark Little explique que ce transfert était devenu inévitable, Red Hat ayant réduit ses investissements dans le Middleware ces dernières années. L'intégration vise à renforcer l'innovation autour de Java en réunissant les efforts de Red Hat et IBM sur ce sujet. Les produits Middleware resteront open source et les clients continueront à bénéficier du support habituel sans changement. Mark Little affirme que des projets comme Quarkus continueront à être soutenus et que cette évolution est bénéfique pour la communauté Java. Un an de commonhaus https://www.commonhaus.org/activity/253.html un an, démarré sur les communautés qu'ils connaissaient bien maintenant 14 projets et put en accepter plus confiance, gouvernance legère et proteger le futur des projets automatisation de l'administratif, stabiilité sans complexité, les developpeurs au centre du processus de décision ils ont besoins de members et supporters (financiers) ils veulent accueillir des projets au delà de ceux du cercles des Java Champions Spring Cloud Data Flow devient un produit commercial et ne sera plus maintenu en open source https://spring.io/blog/2025/04/21/spring-cloud-data-flow-commercial Peut-être sous l'influence de Broadcom, Spring se met à mettre en mode propriétaire des composants du portefeuille Spring ils disent que peu de gens l'utilisaent en mode OSS et la majorité venait d'un usage dans la plateforme Tanzu Maintenir en open source le coutent du temps qu'ils son't pas sur ces projets. La CNCF protège le projet NATS, dans la fondation depuis 2018, vu que la société Synadia qui y contribue souhaitait reprendre le contrôle du projet https://www.cncf.io/blog/2025/04/24/protecting-nats-and-the-integrity-of-open-source-cncfs-commitment-to-the-community/ CNCF : Protège projets OS, gouvernance neutre. Synadia vs CNCF : Veut retirer NATS, licence non-OS (BUSL). CNCF : Accuse Synadia de “claw back” (reprise illégitime). Revendications Synadia : Domaine nats.io, orga GitHub. Marque NATS : Synadia n'a pas transféré (promesse rompue malgré aide CNCF). Contestation Synadia : Juge règles CNCF “trop vagues”. Vote interne : Mainteneurs Synadia votent sortie CNCF (sans communauté). Support CNCF : Investissement majeur ($ audits, légal), succès communautaire (>700 orgs). Avenir NATS (CNCF) : Maintien sous Apache 2.0, gouvernance ouverte. Actions CNCF : Health check, appel mainteneurs, annulation marque Synadia, rejet demandes. Mais finalement il semble y avoir un bon dénouement : https://www.cncf.io/announcements/2025/05/01/cncf-and-synadia-align-on-securing-the-future-of-the-nats-io-project/ Accord pour l'avenir de NATS.io : La Cloud Native Computing Foundation (CNCF) et Synadia ont conclu un accord pour sécuriser le futur du projet NATS.io. Transfert des marques NATS : Synadia va céder ses deux enregistrements de marque NATS à la Linux Foundation afin de renforcer la gouvernance ouverte du projet. Maintien au sein de la CNCF : L'infrastructure et les actifs du projet NATS resteront sous l'égide de la CNCF, garantissant ainsi sa stabilité à long terme et son développement en open source sous licence Apache-2.0. Reconnaissance et engagement : La Linux Foundation, par la voix de Todd Moore, reconnaît les contributions de Synadia et son soutien continu. Derek Collison, PDG de Synadia, réaffirme l'engagement de son entreprise envers NATS et la collaboration avec la Linux Foundation et la CNCF. Adoption et soutien communautaire : NATS est largement adopté et considéré comme une infrastructure critique. Il bénéficie d'un fort soutien de la communauté pour sa nature open source et l'implication continue de Synadia. Finalement, Redis revient vers une licence open source OSI, avec la AGPL https://foojay.io/today/redis-is-now-available-under-the-agplv3-open-source-license/ Redis passe à la licence open source AGPLv3 pour contrer l'exploitation par les fournisseurs cloud sans contribution. Le passage précédent à la licence SSPL avait nui à la relation avec la communauté open source. Salvatore Sanfilippo (antirez) est revenu chez Redis. Redis 8 adopte la licence AGPL, intègre les fonctionnalités de Redis Stack (JSON, Time Series, etc.) et introduit les “vector sets” (le support de calcul vectoriel développé par Salvatore). Ces changements visent à renforcer Redis en tant que plateforme appréciée des développeurs, conformément à la vision initiale de Salvatore. Conférences La liste des conférences provenant de Developers Conferences Agenda/List par Aurélie Vache et contributeurs : 6-7 mai 2025 : GOSIM AI Paris - Paris (France) 7-9 mai 2025 : Devoxx UK - London (UK) 15 mai 2025 : Cloud Toulouse - Toulouse (France) 16 mai 2025 : AFUP Day 2025 Lille - Lille (France) 16 mai 2025 : AFUP Day 2025 Lyon - Lyon (France) 16 mai 2025 : AFUP Day 2025 Poitiers - Poitiers (France) 22-23 mai 2025 : Flupa UX Days 2025 - Paris (France) 24 mai 2025 : Polycloud - Montpellier (France) 24 mai 2025 : NG Baguette Conf 2025 - Nantes (France) 3 juin 2025 : TechReady - Nantes (France) 5-6 juin 2025 : AlpesCraft - Grenoble (France) 5-6 juin 2025 : Devquest 2025 - Niort (France) 10-11 juin 2025 : Modern Workplace Conference Paris 2025 - Paris (France) 11-13 juin 2025 : Devoxx Poland - Krakow (Poland) 12 juin 2025 : Positive Design Days - Strasbourg (France) 12-13 juin 2025 : Agile Tour Toulouse - Toulouse (France) 12-13 juin 2025 : DevLille - Lille (France) 13 juin 2025 : Tech F'Est 2025 - Nancy (France) 17 juin 2025 : Mobilis In Mobile - Nantes (France) 19-21 juin 2025 : Drupal Barcamp Perpignan 2025 - Perpignan (France) 24 juin 2025 : WAX 2025 - Aix-en-Provence (France) 25-26 juin 2025 : Agi'Lille 2025 - Lille (France) 25-27 juin 2025 : BreizhCamp 2025 - Rennes (France) 26-27 juin 2025 : Sunny Tech - Montpellier (France) 1-4 juillet 2025 : Open edX Conference - 2025 - Palaiseau (France) 7-9 juillet 2025 : Riviera DEV 2025 - Sophia Antipolis (France) 5 septembre 2025 : JUG Summer Camp 2025 - La Rochelle (France) 12 septembre 2025 : Agile Pays Basque 2025 - Bidart (France) 18-19 septembre 2025 : API Platform Conference - Lille (France) & Online 23 septembre 2025 : OWASP AppSec France 2025 - Paris (France) 25-26 septembre 2025 : Paris Web 2025 - Paris (France) 2-3 octobre 2025 : Volcamp - Clermont-Ferrand (France) 3 octobre 2025 : DevFest Perros-Guirec 2025 - Perros-Guirec (France) 6-10 octobre 2025 : Devoxx Belgium - Antwerp (Belgium) 7 octobre 2025 : BSides Mulhouse - Mulhouse (France) 9-10 octobre 2025 : Forum PHP 2025 - Marne-la-Vallée (France) 9-10 octobre 2025 : EuroRust 2025 - Paris (France) 16 octobre 2025 : PlatformCon25 Live Day Paris - Paris (France) 16-17 octobre 2025 : DevFest Nantes - Nantes (France) 30-31 octobre 2025 : Agile Tour Bordeaux 2025 - Bordeaux (France) 30-31 octobre 2025 : Agile Tour Nantais 2025 - Nantes (France) 30 octobre 2025-2 novembre 2025 : PyConFR 2025 - Lyon (France) 4-7 novembre 2025 : NewCrafts 2025 - Paris (France) 6 novembre 2025 : dotAI 2025 - Paris (France) 7 novembre 2025 : BDX I/O - Bordeaux (France) 12-14 novembre 2025 : Devoxx Morocco - Marrakech (Morocco) 13 novembre 2025 : DevFest Toulouse - Toulouse (France) 15-16 novembre 2025 : Capitole du Libre - Toulouse (France) 20 novembre 2025 : OVHcloud Summit - Paris (France) 21 novembre 2025 : DevFest Paris 2025 - Paris (France) 27 novembre 2025 : Devfest Strasbourg 2025 - Strasbourg (France) 28 novembre 2025 : DevFest Lyon - Lyon (France) 5 décembre 2025 : DevFest Dijon 2025 - Dijon (France) 10-11 décembre 2025 : Devops REX - Paris (France) 10-11 décembre 2025 : Open Source Experience - Paris (France) 28-31 janvier 2026 : SnowCamp 2026 - Grenoble (France) 2-6 février 2026 : Web Days Convention - Aix-en-Provence (France) 23-25 avril 2026 : Devoxx Greece - Athens (Greece) 17 juin 2026 : Devoxx Poland - Krakow (Poland) Nous contacter Pour réagir à cet épisode, venez discuter sur le groupe Google https://groups.google.com/group/lescastcodeurs Contactez-nous via X/twitter https://twitter.com/lescastcodeurs ou Bluesky https://bsky.app/profile/lescastcodeurs.com Faire un crowdcast ou une crowdquestion Soutenez Les Cast Codeurs sur Patreon https://www.patreon.com/LesCastCodeurs Tous les épisodes et toutes les infos sur https://lescastcodeurs.com/

Kyle is the cofounder of Depot.  Depot accelerates your Docker image builds and GitHub Actions workflows. Kyle shares how Depot were able to grow to $1M ARR and beyond with a very lean team.This episode is brought to you by WorkOS. If you're thinking about selling to enterprise customers, WorkOS can help you add enterprise features like Single Sign On and audit logs. Links:Depot Kyle Galbraith 

If you only listen to one episode of W4W this year, THIS is the one you need to make time for. Pam talks AI, its implications and the future of writing with two women on the frontlines of championing artistic rights, journalist @traceyspicer and writer @sandiedocker. We promise, you’ll leave this episode informed, aware, determined and hopeful about the future of your work. These are scary times, but this community is full of courageous women. SHOW NOTES: Writes4Women www.writes4women.com Facebook @writes4women Twitter / Instagram @w4wpodcast W4W Substack https://writes4women.substack.com/ Tracey Spicer Website: click here Facebook: click here Instagram: click here Sandie Docker Website: click here Facebook: click here Instagram: click here Check our Sandie's info on AI here: https://www.sandiedocker.com/ai-action Pamela Cook www.pamelacook.com.au Facebook: click here Twitter: click here Instagram: click here This episode produced by Pamela Cook for Writes4Women on unceded Dharawal country. Support the show: https://www.patreon.com/writes4women?fan_landing=trueSee omnystudio.com/listener for privacy information.

Kenneth Stott, Field CTO at Hasura, joins the Ardan Labs podcast to recount his journey from a BYU student to innovating computer audits at Deloitte and navigating the high-pressure world of Wall Street. He explains how early hands-on experiences with computers and his organizational behavior classes ignited an entrepreneurial mindset. Throughout the conversation, Stott underscores the critical role of relationships, cultural awareness, and the art of storytelling in advancing one's career. He wraps up by highlighting his current work at Hasura, where he's driving breakthroughs in data management and leveraging AI to empower smarter business decisions.00:00 Introduction00:40 What is Kenneth Doing Today?06:05 First Memory of a Computer11:00 Early Entrepreneurship / Interests19:00 Entering University33:00 First Job After Graduation41:00 Moving to New York47:00 Working on Wall Street52:00 Entering C-Suite Jobs1:06:00 Desired Characteristics1:09:20 Roles before Retirement1:12:00 Working at Hasura1:15:00 PromptQL1:17:00 Contact InfoConnect with  Kenneth: Linkedin: https://www.linkedin.com/in/kenstott/Mentioned in this Episode:Hasura: https://hasura.io/Want more from Ardan Labs? You can learn Go, Kubernetes, Docker & more through our video training, live events, or through our blog!Online Courses : https://ardanlabs.com/education/ Live Events : https://www.ardanlabs.com/live-training-events/ Blog : https://www.ardanlabs.com/blog Github : https://github.com/ardanlabs

We may be in transplant territory because there are too many pieces of our shattered purple hearts for another band-aid to hold it all together. Time to somehow Restump Podcast that depressing and demoralising Docker performance.In the context of when being in possession of supposed competent and talented lists, it was as incomprehensible a performance as we have ever delivered in our 30+ year history. There is no sugar coating it, spinning it or dismissing it, you simply can't imagine how it could get worse. In fact, you can't even take that ironic positive because, in the most unfathomable manner, we continue to find ways of lowering the bar.We take two steps forward; we take two steps back! What are we a team of Paula Abduls? Framing every second week as redemption round isn't sustainable or conducive to progress. There is something fundamentally wrong at the club that no one seems to be able to definitively put their finger on. But on the back of expectation and a specific strategic plan conveyed by the club, fans and members understandably are outraged and, reactionary or otherwise, have coach Justin Longmuir in the gun. Neesham, Drum, Connolly, Harvey and now Longmuir. We've been in the competition for 30 years and the cause of every crisis has apparently been the coach. How's that worked out for us?There is no doubt Justin Longmuir now finds himself under a level of pressure few could ever conceive but, after such a performance there shouldn't be anyone at the club not looking inward. However, while emotions run high, it would be remiss of everyone to not remember Damian Hardwick being under comparable pressure in 2016. After being in the top job at Tigerland for 7 years, the Tiges finished 13th with 8 wins and that came off the back of an elimination final loss the previous year. It had Richmond fans, members and the media calling for his head. The board responded by backing in their process and they double downed on Hardwick. We all know what happened over the next 4 years. Are the two situations comparable? Those who have made up their mind on JL will say no, and that is their prerogative. Whether we like to acknowledge it or not, us fans are victims of the overrating of our list at the time by the Fremantle administration. They were far too optimistic with their projections with such a young side, which remains the case. In 2022 we had an average age list of 24.1 years. Four years later we have an average age list of 24.5 years. However, despite the reality, it's an emotional game and many fans, irrational or otherwise, now don't contemplate reasoning other than the coach is entirely to blame. And that is understandable given the Fremantle football club put it all out there in 2022. We preach accountability, don't we? It will be interesting and very telling, how Simon Garlic handles this situation.Everything about footy is subjective. The validity of our opinions today is determined only by time.Does any of this ease the onset depression we're all suffering from Friday night? Probably not. No stranger to adversary, but the club is in a deeper hole than it usually finds itself in. The problem is the only way out is to climb a ladder! We don't know where we go from here, but if our venting and ranting provides some type of vicarious frustration outlet on the pod… you're welcome. Send us a textSupport the show

Tänases episoodis räägime turvalisusest konteinerite maailmas. Külas on Sten Leinasaar, Eesti Rahvusringhäälingu DevOps insener, kes jagab praktilisi soovitusi Docker konteinerite turvamiseks. Sten viib läbi ka 9. mai Digit konverentsil töötoa konteinerite turbest.Teeme ka ametlikult teatavaks Algorütmi uue saatejuhi.-----Jaga meile enda jaoks olulisimat mõtet episoodist meie Discord kanalis: https://discord.gg/8X5JTkDxccEpisoodi veavad Priit Liivak ja Martin KappAlgorütmi toetavad Patchstack https://patchstack.comNortal https://nortal.com/Veriff https://www.veriff.com/

In this conversation, Bill Kennedy and Austin Vance discuss the critical role of relationships in business, the balance between AI and human interaction, and the importance of cultivating client trust. They explore how AI can enhance efficiency without replacing the human touch in consulting. The discussion also delves into pricing strategies in a changing economic landscape, the significance of legacy code, and the need for developers to maintain empathy towards existing systems. Ultimately, they emphasize the importance of creating awareness and demonstrating expertise in the market.00:00 Introduction00:30 What is Austin Doing Today?02:10 First Experiences with a Computer06:00 Highschool Interests9:30 Early Laptops16:20 Entering College23:30 The Journey to Computer Science 26:30 First Jobs in Tech32:00 Starting Focused 35:00 Agency vs Products and Reputation44:30 Moving on From Pivotal52:48 Balancing AI and Human Interaction01:08:30 Future Market Concerns01:20:30 Controlling Chaos1:28:00 Contact InfoConnect with Austin: Linkedin: https://www.linkedin.com/in/austinbv/Mentioned in this Episode:Focused: https://focused.io/Want more from Ardan Labs? You can learn Go, Kubernetes, Docker & more through our video training, live events, or through our blog!Online Courses : https://ardanlabs.com/education/ Live Events : https://www.ardanlabs.com/live-training-events/ Blog : https://www.ardanlabs.com/blog Github : https://github.com/ardanlabs

Join Dan Vega and DaShaun Carter for the latest updates from the Spring Ecosystem. In this episode, they welcome Eddú Meléndez, who works on Testcontainers at Docker following the company's acquisition of the project.The trio explores the recently released Docker Model Runner in Docker Desktop 4.40.0, which provides a local Inference API compatible with the OpenAI API and integrates seamlessly with Spring AI 1.0.0-M7.Eddú shares his journey of contributing to Spring projects, discusses his experience with Testcontainers, and provides insights on running AI models locally with zero API keys or data sharing. Don't miss this in-depth look at the intersection of Spring AI and Docker technologies, showcasing how developers can leverage these powerful tools in their projects.You can participate in our live stream to ask questions or catch the replay on your preferred podcast platform.Show NotesSpring AI with Docker Model RunnerEddú Meléndez on TwitterEddú Meléndez on BlueSky

selfh.st es un excelente sitio web que será el compañero ideal para tu viaje por el mundo del auto alojamiento donde encontrarás cientos de serviciosQue esté completamente fascinado por el mundo del auto alojamiento o self-hosted es algo completamente comprensible. Hay cientos, y cuando te digo cientos, te aseguro que no exagero de servicios disponibles para auto alojar. Cuando empecé con todo el mundo del alojamiento, fue mas bien por la curiosidad que me generaba Docker. Hoy, se ha quedado casi al margen, que sea con Docker o Podman, o cualquier otra solución. Lo que realmente me fascina, es que tengo la posibilidad de hacer casi cualquier cosa que se me pueda pasar por la cabeza. Siempre hay alguien que ha desarrollado un servicio que se adapta mas o menos a mi flujo de trabajo. Desde crear un servidor multimedia, hasta alojar tu propio código o incluso controlar el tiempo que le dedicas a cada proyecto. Actualmente las novedades relativas al mundo del auto alojamiento las obtengo de distinta forma. Desde grupos de Telegram, pasando por Reddit, y también de un servicio que se ha convertido en fundamental para mi, y es de este servicio del que te quiero hablar en este episodio. Se trata de un sitio web, que te ayudará a crear tu propia nube, en tres clics, facilitándote la tarea de seleccionar aquellos servicios que mas se adecuen a tu flujo de trabajo o a tus necesidades.Más información y enlaces en las notas del episodio

Live from LinuxFest Norhtwest 2025 Day 1. Exclusive coverage, chats, interviews, and more. Catch day two in episode 612 of LINUX Unplugged.

Heroku has been undergoing a major transformation, re-platforming its entire Platform as a Service (PaaS) offering over the past year and a half. This ambitious effort, dubbed “Fir,” will soon reach general availability. According to Betty Junod, CMO and SVP at Heroku (owned by Salesforce), the overhaul includes a shift to Kubernetes and OCI standards, reinforcing Heroku's commitment to open source. The platform now features Heroku Cloud Native Buildpacks, which let developers create container images without Dockerfiles. Originally built on Ruby on Rails and predating Docker and AWS, Heroku now supports eight programming languages. The company has also deepened its open source engagement by becoming a platinum member of the Cloud Native Computing Foundation (CNCF), contributing to projects like OpenTelemetry. Additionally, Heroku has open sourced its Twelve-Factor Apps methodology, inviting the community to help modernize it to address evolving needs such as secrets management and workload identity. This signals a broader effort to align Heroku's future with the cloud native ecosystem. Learn more from The New Stack about Heroku's approach to Platform-as-a-Service:Return to PaaS: Building the Platform of Our DreamsHeroku Moved Twelve-Factor Apps to Open Source. What's Next?How Heroku Is Positioned To Help Ops Engineers in the GenAI EraJoin our community of newsletter subscribers to stay on top of the news and at the top of your game.

The White House's shift of cybersecurity responsibilities to the states is met with skepticism. Baltimore City Public Schools suffer a ransomware attack. Russian state-backed hackers target Dutch critical infrastructure. Microsoft resolves multiple Remote Desktop issues. A new malware campaign is targeting Docker environments for cryptojacking. A new phishing campaign uses weaponized Word documents to steal Windows login credentials. Zyxel Networks issues critical patches for two high-severity vulnerabilities. CISA issues five advisories highlighting critical vulnerabilities in ICS systems. Our guest is Deputy Assistant Director Cynthia Kaiser from the FBI Cyber Division, sharing the findings of their latest IC3 report. So long, Privacy Sandbox.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Deputy Assistant Director Cynthia Kaiser from the FBI Cyber Division, as she is sharing the findings of their latest IC3 report. Selected Reading Trump is shifting cybersecurity to the states, but many aren't prepared (Stateline) Baltimore City Public Schools report data breach (beyondmachines) Russia attempting cyber sabotage attacks against Dutch critical infrastructure (record) Microsoft fixes Remote Desktop freezes caused by Windows updates (bleepingcomputer) New Malware Hijacking Docker Images with Unique Obfuscation Technique (cybersecuritynews) Hackers Exploit Weaponized Word Docs to Steal Windows Login Credentials (gbhackers) Kelly Benefits Data Breach Impacts 260,000 People (SecurityWeek) Data Breach at Onsite Mammography Impacts 350,000 (SecurityWeek) Zyxel Patches Privilege Management Vulnerabilities in USG FLEX H Series Firewalls (cybersecuritynews) CISA Releases Five Advisories Covering ICS Vulnerabilities & Exploits (cybersecuritynews) RIP to the Google Privacy Sandbox (The Register) 2024 IC3 ANNUAL REPORT  Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

In this conversation, Bilal Khan shares his journey from a small town in Pakistan to becoming a software developer and content creator. He discusses his early education, the challenges he faced while transitioning to high school in a big city, and his experiences in university. Bilal reflects on his exploration of boot camps and internships, as well as the ups and downs of navigating his early career in the tech industry. Bilal expresses a desire to deepen his programming skills and contribute to the tech community while navigating the complexities of the job market.00:00 Introduction00:30 What is Bilal Doing Today?05:00 Early Education / Life11:30 First Experience with a Computer15:45 University Experience17:30 Entering Boot Camps23:40 Looking for Tech Work 31:30 Experience During COVID-1935:00 Family Dynamics 42:00 Generating Income1:03:00 Future Aspirations1:07:20 Contact InfoConnect with Bilal: Linkedin: https://www.linkedin.com/in/ibilalkayy/Mentioned in this Episode:Go: https://go.dev/Rust: https://www.rust-lang.org/Bill.com: https://www.bill.com/Want more from Ardan Labs? You can learn Go, Kubernetes, Docker & more through our video training, live events, or through our blog!Online Courses : https://ardanlabs.com/education/ Live Events : https://www.ardanlabs.com/live-training-events/ Blog : https://www.ardanlabs.com/blog Github : https://github.com/ardanlabs

News includes EEF board elections with voting beginning May 9th, Gleam v1.10.0 enhancing security with SBoMs and SLSA build provenance, an AshAuthentication vulnerability with mitigation steps, the Elixir Secure Coding Training project finding a permanent home at the EEF, announcements for both ElixirConf US 2025 in Orlando and ElixirConfEU in Krakow with speaker lineup, and more! Show Notes online - http://podcast.thinkingelixir.com/250 (http://podcast.thinkingelixir.com/250) Elixir Community News https://paraxial.io/ (https://paraxial.io/?utm_source=thinkingelixir&utm_medium=shownotes) – Paraxial.io is sponsoring today's show! Sign up for a free trial of Paraxial.io today and mention Thinking Elixir when you schedule a demo for a limited time offer. https://erlef.org/blog/eef/election-2025 (https://erlef.org/blog/eef/election-2025?utm_source=thinkingelixir&utm_medium=shownotes) – EEF board elections announced with important dates - candidacy submissions by May 8th, voting open May 9-16th. https://x.com/TheErlef/status/1911847956308959650 (https://x.com/TheErlef/status/1911847956308959650?utm_source=thinkingelixir&utm_medium=shownotes) – Gleam v1.10.0 will ship with Build SBoMs and SLSA build provenance for all release artifacts and Docker images, improving visibility into dependencies and software supply chain security. https://x.com/theerlef/status/1910348770514006242 (https://x.com/theerlef/status/1910348770514006242?utm_source=thinkingelixir&utm_medium=shownotes) – The "Elixir Secure Coding Training (ESCT)" project has been transferred to the Erlang Ecosystem Foundation for a more permanent home and maintainership. https://bsky.app/profile/davelucia.com/post/3lmcqhzoc7c26 (https://bsky.app/profile/davelucia.com/post/3lmcqhzoc7c26?utm_source=thinkingelixir&utm_medium=shownotes) – Dave Lucia shares information about the ESCT project transfer from Podium to TvLabs and ultimately to the EEF. https://github.com/erlef/elixir-secure-coding (https://github.com/erlef/elixir-secure-coding?utm_source=thinkingelixir&utm_medium=shownotes) – An interactive cybersecurity curriculum designed for enterprise use at software companies using Elixir. https://github.com/phoenixframework/phoenix/pull/6184 (https://github.com/phoenixframework/phoenix/pull/6184?utm_source=thinkingelixir&utm_medium=shownotes) – Fix for Plug.Debugger screen which was showing ANSI codes in HTML. https://github.com/phoenixframework/phoenix/pull/6194 (https://github.com/phoenixframework/phoenix/pull/6194?utm_source=thinkingelixir&utm_medium=shownotes) – Fix for the Phoenix installer's incorrect application of custom variants in tailwind v4. https://github.com/team-alembic/ash_authentication/security/advisories/GHSA-3988-q8q7-p787 (https://github.com/team-alembic/ash_authentication/security/advisories/GHSA-3988-q8q7-p787?utm_source=thinkingelixir&utm_medium=shownotes) – AshAuthentication vulnerability published with mitigation steps - update packages, set requireinteraction to true, and add confirmroute above auth_routes. https://elixirconf.com/ (https://elixirconf.com/?utm_source=thinkingelixir&utm_medium=shownotes) – ElixirConf US 2025 is open for submitting talks and workshops in Orlando. Talk submissions due April 29, workshop submissions due April 15. https://x.com/elixirconf/status/1907843035544826137 (https://x.com/elixirconf/status/1907843035544826137?utm_source=thinkingelixir&utm_medium=shownotes) – Announcement for ElixirConf US 2025 in Orlando with deadlines for talk and workshop submissions. https://x.com/ElixirConfEU/status/1911747531953832323 (https://x.com/ElixirConfEU/status/1911747531953832323?utm_source=thinkingelixir&utm_medium=shownotes) – ElixirConfEU Speakers were announced for the upcoming conference in Krakow, Poland. https://www.elixirconf.eu/#tickets (https://www.elixirconf.eu/#tickets?utm_source=thinkingelixir&utm_medium=shownotes) – Ticket information for ElixirConfEU - 250 Euros for virtual ticket, 600 Euros for in-person ticket. https://www.elixirconf.eu/#keynotes (https://www.elixirconf.eu/#keynotes?utm_source=thinkingelixir&utm_medium=shownotes) – Keynote information for ElixirConfEU in Krakow, Poland, May 14-16 (training on May 14, regular sessions on May 15-16). Do you have some Elixir news to share? Tell us at @ThinkingElixir (https://twitter.com/ThinkingElixir) or email at show@thinkingelixir.com (mailto:show@thinkingelixir.com) Find us online - Message the show - Bluesky (https://bsky.app/profile/thinkingelixir.com) - Message the show - X (https://x.com/ThinkingElixir) - Message the show on Fediverse - @ThinkingElixir@genserver.social (https://genserver.social/ThinkingElixir) - Email the show - show@thinkingelixir.com (mailto:show@thinkingelixir.com) - Mark Ericksen on X - @brainlid (https://x.com/brainlid) - Mark Ericksen on Bluesky - @brainlid.bsky.social (https://bsky.app/profile/brainlid.bsky.social) - Mark Ericksen on Fediverse - @brainlid@genserver.social (https://genserver.social/brainlid) - David Bernheisel on Bluesky - @david.bernheisel.com (https://bsky.app/profile/david.bernheisel.com) - David Bernheisel on Fediverse - @dbern@genserver.social (https://genserver.social/dbern)

Este fin de semana he estado montando y probando Music Assistant, un sistema que permite unir todos nuestros servicios de música con todos nuestros altavoces y reproductores. Además, se integra perfectamente con Home Assistant.

Docker launched "Docker Model Runner" to run LLMs through llama.cpp with a single "docker model" command. In this episode Bret details examples and some useful use cases for using this way to run LLMs. He breaks down the internals. How it works, when you should use it or not use it; and, how to get started using Open WebUI for a private ChatGPT-like experience.★Topics★Model Runner DocsHub ModelsOCI ArtifactsOpen WebUIMy Open WebUI Compose fileCreators & Guests Cristi Cotovan - Editor Beth Fisher - Producer Bret Fisher - Host (00:00) - Intro (00:46) - Model Runner Elevator Pitch (01:28) - Enabling Docker Model Runner (04:28) - Self Promotion! Is that an ad? For me? (05:03) - Downloading Models (07:11) - Architectrure of Model Runner (10:49) - ORAS (11:09) - What's next for Model Runner? (12:13) - Troubleshooting You can also support my free material by subscribing to my YouTube channel and my weekly newsletter at bret.news!Grab the best coupons for my Docker and Kubernetes courses.Join my cloud native DevOps community on Discord.Grab some merch at Bret's Loot BoxHomepage bretfisher.com

RedTail: Remnux and Malware Management A description showing how to set up a malware analysis in the cloud with Remnux and Kasm. RedTail is a sample to illustrate how the environment can be used. https://isc.sans.edu/diary/RedTail%2C%20Remnux%20and%20Malware%20Management%20%5BGuest%20Diary%5D/31868 Critical Erlang/OTP SSH Vulnerability Researchers identified a critical vulnerability in the Erlang/OTP SSH library. Due to this vulnerability, SSH servers written in Erlang/OTP allow arbitrary remote code execution without prior authentication https://www.openwall.com/lists/oss-security/2025/04/16/2 Brickstorm Analysis An analysis of a recent instance of the Brickstorm backdoor. This backdoor used to be more known for infecting Linux systems, but now it also infects Windows. https://www.nviso.eu/blog/nviso-analyzes-brickstorm-espionage-backdoor https://blog.nviso.eu/wp-content/uploads/2025/04/NVISO-BRICKSTORM-Report.pdf OpenAI GPT 4.1 Controversy OpenAI released its latest model, GPT 4.1, without a safety report and guardrails to prevent malware creation. https://opentools.ai/news/openai-stirs-controversy-with-gpt-41-release-lacking-safety-report

In this episode Michael and Sarah talk with guest Amanda Minnich about securing agentic AI systems, the security challenges they face, and how to secure them.We also discuss Azure Security news about Azure File Sync, Docker support in Azure and a new series of Secure Future Initiative videos with appearances from Michael, Sarah, and various guests.

In this episode, Bill Kennedy interviews Jordan Long, co-founder and CTO of Nectir. They discuss Jordan's journey from high school in Hawaii to college at UCSB, his early interests in music and technology, and the challenges he faced in finding his path. Jordan shares his experiences with entrepreneurship, including his initial idea for a rideshare platform and the eventual creation of Nectir, a platform designed to connect students in the same classes. The conversation highlights the importance of community and collaboration in education and the entrepreneurial spirit. 00:00 Introduction00:30 What is Jordan  Doing Today?05:00 Early Interests09:00 Discovering Entrepreneurship14:00 College Decisions20:00 Beginning of Nectir34:30 Becoming an Entrepreneur Full-Time41:00 Early Funding / Hiring59:50 Developing Nectir AI Assistant1:05:20 Learning Prompting and Chunking1:18:00 Building with AI in the Future1:24:20 Contact Info Connect with Jordan: Linkedin: https://www.linkedin.com/in/jordan-t-long/Mentioned in this Episode:Nectir: https://www.nectir.io/Want more from Ardan Labs? You can learn Go, Kubernetes, Docker & more through our video training, live events, or through our blog!Online Courses : https://ardanlabs.com/education/ Live Events : https://www.ardanlabs.com/live-training-events/ Blog : https://www.ardanlabs.com/blog Github : https://github.com/ardanlabs

Accenture, American Express, ASOS, EY, Four Seasons Hotels, Google, NBC Universal  are his clientsFrm Royal Air Force Senior Officer, Frm. International Negotiator for the UK Government,  executive coach. Google, Accenture, American Express His first book, 'Find Your Why: A Practical Guide for Discovering Purpose for You and Your Team', co-authored with Simon Sinek and David Mead. Peter gets up every day inspired to enable people to be extraordinary so that they can do extraordinary things. Collaborating with Simon Sinek for over 7 years, he was a founding Igniter and Implementation Specialist on the Start With Why team, teaching leaders and companies how to use the concept of Why."The first step is to distinguish leadership from management. “Management is about handling complexity,” explains Docker, while “leadership is about creating simplicity. It's about cutting through the noise, identifying what's really important, making it personal for people, bringing them together and connecting them.”  ~  Peter Docker in Venteur Magazine January 2023One of Peter's latest books, 'Leading from The Jumpseat: How to Create Extraordinary Opportunities by Handing Over Control'Peter's commercial and industry experience has been at the most senior levels in sectors including oil & gas, construction, mining, pharmaceuticals, banking, television, film, media, manufacturing and services - across more than 90 countries. His career has spanned professional pilot; leading an aviation training and standards organisation; teaching post-graduates at an international college; and running multi-billion dollar procurement projects. A former Royal Air Force senior officer, he has been a Force Commander during combat flying operations and has seen service across the world. He is a seasoned crisis manager, a former international negotiator for the UK Government and executive coach.© 2025 Building Abundant Success!!2025 All Rights ReservedJoin Me on ~ iHeart Media @ https://tinyurl.com/iHeartBASSpot Me on Spotify: https://tinyurl.com/yxuy23bAmazon Music ~ https://tinyurl.com/AmzBASAudacy:  https://tinyurl.com/BASAud

This week, we discuss the shifting world of observability, the nightmare of “Configuration Hell,” and OpenAI's latest valuation. Plus, a surprise Broadway musical review! Runner-up Titles We say we're friends, but I don't really know them Observability 2025 I don't have any sympathy for anyone If you want to win observability, put on a musical Just is THE trigger word It's a well-known Hell The blog posts are making me angry Rundown CISO MUSICAL | Official Broadway Trailer (https://www.youtube.com/watch?v=4W17F9Ho_38) Monitoring is back Observability 3.0 - bitdrift Blog (https://blog.bitdrift.io/post/observability-3-0) Another observability 3.0 appears on the horizon (https://charity.wtf/2025/03/24/another-observability-3-0-appears-on-the-horizon/) ControlTheory Secures $5M Seed Funding to Bring Controllability to Observability (https://www.controltheory.com/blog/controltheory-secures-5m-seed-funding-to-bring-controllability-to-observability/) What is (https://www.controltheory.com/blog/what-is-controllability/) Cloud veterans launch ConfigHub to fix 'configuration hell' (https://techcrunch.com/2025/03/26/cloud-veterans-launch-confighub-to-fix-configuration-hell/) DOGE Plans to Rebuild SSA Codebase In Months, Risking Benefits and System Collapse (https://www.wired.com/story/doge-rebuild-social-security-administration-cobol-benefits/) OpenAI Exclusive | The Secrets and Misdirection Behind Sam Altman's Firing From OpenAI (https://www.wsj.com/tech/ai/the-real-story-behind-sam-altman-firing-from-openai-efd51a5d?st=GmdXEX&reflink=desktopwebshare_permalink) OpenAI closes $40 billion funding round, largest private tech deal on record (https://www.cnbc.com/2025/03/31/openai-closes-40-billion-in-funding-the-largest-private-fundraise-in-history-softbank-chatgpt.html) Relevant to your Interests How vibe coding will affect Engineering Managers (https://newsletter.manager.dev/p/effect-of-ai-on-engineering-managers) Mastering GitHub Copilot: When to use AI agent mode (https://github.blog/ai-and-ml/github-copilot/mastering-github-copilot-when-to-use-ai-agent-mode/) Using Spring AI 1.0.0-SNAPSHOT: Important Changes and Updates (https://spring.io/blog/2025/03/27/spring-ai-update-to-snapshots) Former Intel CEO Pat Gelsinger Makes a Few More Long-Shot Bets (https://www.wsj.com/articles/former-intel-ceo-pat-gelsinger-makes-a-few-more-long-shot-bets-01e7337f) Pat Gelsinger has joined VC firm Playground Global (https://www.axios.com/newsletters/axios-pro-rata-ad45da7c-2daa-4290-b379-bba556718155.html?chunk=2&utm_term=emshare#story2) Amazon Is Canceling a Major Alexa Privacy Feature on March 28: Should You Worry? (https://www.cnet.com/home/security/amazon-is-canceling-this-alexa-privacy-feature-on-march-28-should-you-worry/) oneAPI: A New Era of Heterogeneous Computing (https://www.intel.com/content/www/us/en/developer/tools/oneapi/overview.html#gs.kqodnv) Amazon unveils Nova Act, an AI agent that can control a web browser (https://techcrunch.com/2025/03/31/amazon-unveils-nova-act-an-ai-agent-that-uses-a-web-browser/) Ransomware Found in VSCode Extensions Raises Concerns Over Microsoft's Security Review (https://www.cysecurity.news/2025/03/ransomware-found-in-vscode-extensions.html?m=1) Lip-Bu Tan says Intel will spin off non-core units (https://techcrunch.com/2025/04/01/lip-bu-tan-says-intel-will-spin-off-non-core-units/) Announcing Chainguard VMs: Minimal, Zero-CVE Container Host Images (https://www.chainguard.dev/unchained/announcing-chainguard-vms-minimal-zero-cve-container-host-images) Andreessen Horowitz in talks to help buy out TikTok's Chinese owners (https://on.ft.com/4iXhAkG) Nonsense This couple is obsessed with Costco. Why do they love it so much? (https://www.deseret.com/2024/1/10/24031947/joy-of-costco-susan-and-david-schwartz-king-husein-utah/) CISO MUSICAL | Official Broadway Trailer (https://www.youtube.com/watch?v=4W17F9Ho_38) Conferences DevOps Days Atlanta (https://devopsdays.org/events/2025-atlanta/welcome/), April 29-30 Cloud Foundry Day US (https://events.linuxfoundation.org/cloud-foundry-day-north-america/), May 14th, Palo Alto, CA NDC Oslo (https://ndcoslo.com/), May 21-23, Coté speaking. SDT News & Community Join our Slack community (https://softwaredefinedtalk.slack.com/join/shared_invite/zt-1hn55iv5d-UTfN7mVX1D9D5ExRt3ZJYQ#/shared-invite/email) Email the show: questions@softwaredefinedtalk.com (mailto:questions@softwaredefinedtalk.com) Free stickers: Email your address to stickers@softwaredefinedtalk.com (mailto:stickers@softwaredefinedtalk.com) Follow us on social media: Twitter (https://twitter.com/softwaredeftalk), Threads (https://www.threads.net/@softwaredefinedtalk), Mastodon (https://hachyderm.io/@softwaredefinedtalk), LinkedIn (https://www.linkedin.com/company/software-defined-talk/), BlueSky (https://bsky.app/profile/softwaredefinedtalk.com) Watch us on: Twitch (https://www.twitch.tv/sdtpodcast), YouTube (https://www.youtube.com/channel/UCi3OJPV6h9tp-hbsGBLGsDQ/featured), Instagram (https://www.instagram.com/softwaredefinedtalk/), TikTok (https://www.tiktok.com/@softwaredefinedtalk) Book offer: Use code SDT for $20 off "Digital WTF" by Coté (https://leanpub.com/digitalwtf/c/sdt) Sponsor the show (https://www.softwaredefinedtalk.com/ads): ads@softwaredefinedtalk.com (mailto:ads@softwaredefinedtalk.com) Recommendations Brandon: OrbStack · Fast, light, simple Docker & Linux (https://orbstack.dev/) Photo Credits Header (https://unsplash.com/photos/red-theater-curtain-WW1jsInXgwM)

DYLAN COZENS RETURN BACK TO BUFFALO. A NICE RESPONSE TO FROM CROWN DURING HIS TRIBUTE VIDEO. BERNARD-DOCKER SCORES VS OLD TEAM. HE'S PLAYING HARDTO TRY AND STAY IN THE LEAGUE. PLAYER TRIBUTE VIDEOS, WHY DO WE DO THIS? JR JOINS THE SHOW TO TALK SABRES, TRIBUTE VIDEOS, CBA NEGOTIATIONS AND EXPANSION Learn more about your ad choices. Visit megaphone.fm/adchoices

Today we explore the wild world of Python deployment with my friend, Calvin Hendricks-Parker from Six Feet Up. We'll tackle some of the biggest challenges in taking a Python app from “it works on my machine” to production, covering inconsistent environments, conflicting dependencies, and sneaky security pitfalls. Along the way, Calvin shares how containerization with Docker and Kubernetes can both simplify and complicate deployments, especially for smaller teams. Finally, we'll introduce Scaf, a powerful project blueprint designed to give developers a rock-solid start on Python web projects of all sizes. Get notified when the Talk Python in Production book goes live and read the first third online right now. Episode sponsors Posit Python in Production Talk Python Courses Links from the show Calvin Hendryx-Parker: github.com Scaf on GitHub: github.com Scaf on GitHub (duplicate): github.com "Deploy the Dream" song: deploy-the-dream-talk-python.mp3 CloudDevEngineering YouTube Channel: youtube.com TechWorld with Nana YouTube Channel: youtube.com Tilt (Kubernetes Dev Tool): tilt.dev Talos (Minimal OS for Kubernetes): talos.dev Traefik Reverse Proxy: traefik.io Sealed Secrets on GitHub: github.com Argo CD Documentation: readthedocs.io MailHog on GitHub: github.com Next.js: nextjs.org Cloud Custodian: cloudcustodian.io Valky (Redis Replacement): valkey.io “The ‘Works on My Machine' Certification Program” (Coding Horror): blog.codinghorror.com NVIDIA's First Desktop AI PC (Ars Technica): arstechnica.com Kind (Kubernetes in Docker): kind.sigs.k8s.io Updated Effective PyCharm Course: training.talkpython.fm Talk Python in Production book: talkpython.fm/books/python-in-production Watch this episode on YouTube: youtube.com Episode transcripts: talkpython.fm --- Stay in touch with us --- Subscribe to Talk Python on YouTube: youtube.com Talk Python on Bluesky: @talkpython.fm at bsky.app Talk Python on Mastodon: talkpython Michael on Bluesky: @mkennedy.codes at bsky.app Michael on Mastodon: mkennedy