Podcasts about docker

Occupation of loading and unloading ships

  • 1,376PODCASTS
  • 7,236EPISODES
  • 50mAVG DURATION
  • 1DAILY NEW EPISODE
  • May 28, 2025LATEST
docker

POPULARITY

20172018201920202021202220232024

Categories



Best podcasts about docker

Show all podcasts related to docker

Latest podcast episodes about docker

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
SANS Stormcast Wednesday May 28th 2025: Securing authorized_keys; ADAuditPlus SQL Injection; Dero Miner vs Docker API

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast

Play Episode Listen Later May 28, 2025 6:37


SSH authorized_keys File One of the most common techniques used by many bots is to add rogue keys to the authorized_keys file, implementing an SSH backdoor. Managing these files and detecting unauthorized changes is not hard and should be done if you operate Unix systems. https://isc.sans.edu/diary/Securing%20Your%20SSH%20authorized_keys%20File/31986 REMOTE COMMAND EXECUTION ON SMARTBEDDED METEOBRIDGE (CVE-2025-4008) Weatherstation software Meteobridge suffers from an easily exploitable unauthenticated remote code execution vulnerability https://www.onekey.com/resource/security-advisory-remote-command-execution-on-smartbedded-meteobridge-cve-2025-4008 https://forum.meteohub.de/viewtopic.php?t=18687 Manageengine ADAuditPlus SQL Injection Zoho patched two SQL Injection vulnerabilities in its ManageEngine ADAuditPlus product https://www.manageengine.com/products/active-directory-audit/cve-2025-41407.html https://www.manageengine.com/products/active-directory-audit/cve-2025-36527.html Dero Miner Infects Containers through Docker API Kaspersky found yet another botnet infecting docker containers to spread crypto coin miners. The initial access happens via exposed docker APIs. https://securelist.com/dero-miner-infects-containers-through-docker-api/116546/

DevOps and Docker Talk
What you missed at KubeCon

DevOps and Docker Talk

Play Episode Listen Later May 24, 2025 39:21


At KubeCon EU 2025 in London, Nirmal and I discussed the important (and not-so-important) things you might have missed. There's also a video version of this show on YouTube.Creators & Guests Cristi Cotovan - Editor Beth Fisher - Producer Bret Fisher - Host Nirmal Mehta - Host (00:00) - DDT Audio Podcast Edited (00:04) - Intro (01:24) - KubeCon 2025 EU Overview (03:24) - Platform Engineering and AI Trends (07:03) - AI and Machine Learning in Kubernetes (15:38) - Project Pavilions at KubeCon (17:05) - FinOps and Cost Optimization (20:39) - HAProxy and AI Gateways (24:00) - Proxy Intelligence and Network Layer Optimization (26:52) - Developer Experience and Organizational Challenges (29:23) - Platform Engineering and Cognitive Load (35:54) - End of Life for CNCF Projects You can also support my free material by subscribing to my YouTube channel and my weekly newsletter at bret.news!Grab the best coupons for my Docker and Kubernetes courses.Join my cloud native DevOps community on Discord.Grab some merch at Bret's Loot BoxHomepage bretfisher.com

Ardan Labs Podcast
CloudLife, Business, and Persistence with Ryan Ryke

Ardan Labs Podcast

Play Episode Listen Later May 21, 2025 84:45


In this episode, Bill Kennedy interviews Ryan Ryke, founder of CloudLife Consulting, focusing on AWS and cloud computing. They discuss the challenges of understanding AWS billing, the importance of managing cloud storage, and the benefits of using services like Cloud Run and Fargate. The conversation also touches on the evolution of engineering perspectives on complexity, the shift towards simpler infrastructure solutions, and personal experiences with technology. 00:00 Introduction00:30 What is Ryan Doing Today?9:00 Cloud Run Experience13:00 Handling Complexity21:00 Running Local LLMs25:30 First Memory of a Computer33:20 Entering University36:30 Relevant Education42:00 Early Industry53:00 Trading Stocks1:05:00  Discovering AWS 1:10:00 Starting a Business1:16:00 Maintaining Steady Clients1:22:00 Contact Info Connect with Ryan: Linkedin: https://www.linkedin.com/in/ryanrykeX: https://x.com/itsacloudlife99Email: ryan@cloudlife.ioMentioned in this Episode:CloudLife Consulting: https://www.cloudlife.io/Fargate: https://aws.amazon.com/fargate/Want more from Ardan Labs? You can learn Go, Kubernetes, Docker & more through our video training, live events, or through our blog!Online Courses : https://ardanlabs.com/education/ Live Events : https://www.ardanlabs.com/live-training-events/ Blog : https://www.ardanlabs.com/blog Github : https://github.com/ardanlabs

Kodsnack
Kodsnack 643 - Plockepinn och cementblandare

Kodsnack

Play Episode Listen Later May 20, 2025 59:09


Varför tror vi inte på att vi kan lösa våra egna problem? Fredrik och Kristoffer börjar med att följa upp diskussionen om att skriva om för att förenkla saker och minska abstraktioner. Flera lyssnare har undrat: har man inte abstraktioner för att förenkla framtida förändringar och anpassningar? Riskerar man inte att fastna i ett lokalt minimum där ens lösning är alldeles för specifik för att kunna anpassas i framtiden? Fredrik undrar om vi låst in oss alldeles för mycket i ett tankesätt som landar i att vi aldrig kan veta något. Alla pratar om lösningar på problem man haft, ingen pratar om problem man haft? Vad är problemet man faktiskt löst? Och varför tror vi inte på att vi kan lösa vårt eget problem? (Och AI är motsatsen till att lära sig lösa problem.) Vi behöver mer Barry O'Reilly i branschen! Men det är en utmaning att förstå hans tankar. Sist men inte minst berättar Kristoffer hur han hittade Coolify och varför det tilltalar honom så mycket. Ett stort tack till Cloudnet som sponsrar vår VPS! Har du kommentarer, frågor eller tips? Vi är @kodsnack, @thieta, @krig, och @bjoreman på Mastodon, har en sida på Facebook och epostas på info@kodsnack.se om du vill skriva längre. Vi läser allt som skickas. Gillar du Kodsnack får du hemskt gärna recensera oss i iTunes! Du kan också stödja podden genom att ge oss en kaffe (eller två!) på Ko-fi, eller handla något i vår butik. Länkar Mastodon-mastodonten Barry O'Reilly Kodsnsck 632 - avsnittet om att skriva om saker - skriv om när man förstår problemet Jeff Atwood Artikeln om Netscapes omskrivning och second system syndrome - av Joel Spolsky, inte Jeff Atwood Second-system syndrome Babel Platos grotta Stöd oss på Ko-fi! Helm CDK - genererar Helm-grafer Patterns Bottom-up och top-down Richard Feynmans problemlösningsalgoritm Strapi Kamal Coolify Caprover Docker swarm Docker stack Hetzner Milisav Radmanić - utvecklingschef på Hetzner Grug brained developer Forgejo Traefik Coolify cloud Reverse proxy Fastmail Cloudnet Titlar Kristoffer är med på länk Förändringsbart och förvaltningsbart Nu ska vi lösa ett generellt problem En generell transpilator Fokuserade för mycket på Platos grotta Man ser bara den perfekta stolen Mindre kapabel att hantera verkligheten Fastna i ett lokalt minimum Helt enkelt inte sant Lösa problemet här och nu Min rulle tejp En boll med tejp och legobitar Jätteabstraherade pusselbitar Rullar med tejp och legobitar Vi utgår från en lösning Kunskapen för att kunna bygga en lösning Rosenkvist till AI Plockepinn och cementblandare Lösningsorienterat Problemorienterat Kan vi glömma teknik Z för stunden? Allt jag kan se är tejp och legobitar? Deras problem är inte mitt problem Hybristoppen Tomt på bagage Se problemet med klarhet

Sospechosos Habituales
ATA 695 Como evito sustos con Docker (y tu deberías hacerlo también)

Sospechosos Habituales

Play Episode Listen Later May 19, 2025 23:51


rubadb es un contenedor #docker con el que crear #backup y copias de seguridad de bases de datos y volumenes docker de forma sencilla y programadaMe aterra la posibilidad de encontrarme un día con la desagradable sorpresa de haber perdido toda la información que tengo en atareao.es. Esto me ha llevado a buscar distintas soluciones para intetar evitar que esto se vuelva una realidad, y como ya te puedes imaginar, una de las estrategias que he implementado ha sido el uso de backups o copias de seguridad. Inicialmente la solución recaía en el proveedor del hosting, sin embargo, con el paso del tiempo, esto ha ido cambiando, pasando, al principio por soluciones mas manuales, para convertirse en procesos automáticos conforme he ido adquiriendo los suficientes conocimientos para hacerlo.Más información y enlaces en las notas del episodio

Sustain
Episode 269: Marianne Bellotti & Greg Wilson on 10 quick tips for making your software outlive your job

Sustain

Play Episode Listen Later May 16, 2025 44:16


Guests Marianne Bellotti | Greg Wilson Panelist Richard Littauer Show Notes In this episode of Sustain, host Richard Littauer talks with Marianne Bellotti, author of *Kill It with Fire, *and Greg Wilson, co-founder of the Carpentries, about what happens to your code when you leave your job and how to make sure it survives. They discuss their new paper, "10 quick tips for making your software outlive your job (https://arxiv.org/abs/2505.06484)," and share practical strategies for protecting, documenting, and sustaining code in open source, research, and civil service environments. Whether you're preparing for a job change or want to future-proof your work, this conversation offers real-world advice for developers and researchers alike. Hit the download button now! [00:03:04] Greg and Marianne talk about challenges in code sustainability. [00:05:46] Greg speaks about how scientists often prototype rather than build production quality code. [00:09:48] We start with Step 1 in the paper: “Consider your threat mode.” Greg explains the different plans needed for individual vs. systematic departures, Marianne speaks about the importance of understanding code lifecycle-some code has a “fruit fly” lifespan others a “tortoise” one, and Richard adds to think about reframe threat modeling around future usefulness. [00:15:53] There's a discussion on Step 2: “Get sign-off on releasing it publicly.” [00:21:30] Greg discusses Step 3: “Choose an open license” and emphasizes to stick to well-known licenses (MIT, BSD), don't write your own, and he shares a funny story. [00:25:29] Richard talks about Step 4: “Put your code somewhere safe” and shares to upload code to GitHub, Codeberg, OSF, Zenodo, etc. Greg suggest peer-to-peer methods like torrents could help long-term preservation and Marianne emphasizes the importance of verified identities when sharing. [00:29:21] Marianne introduces Step 5: “Document your code.” Greg shares that most documentation goes unread and LLMs could help mine useful documentation from conversation records and Marianne emphasizes to focus on “how to run it” first and tests are a part of your documentation. [00:35:17] Step 6: “Make your code reproducible.” Greg and Marianne discuss using tools like Docker, uv for Python lockfiles, etc., for dependency management. [00:36:23] Step 7: “Make your code citable” and Step 8: “Encourage community adoption.” Richard mentions to add a CITATION.cff file so others can cite your code and Greg mentions a great book he read that changed the way he viewed this called, Marketing for Scientists, by Marc Kuchner. [00:38:49] Step 9: “Write a succession or sunsetting plan.” Marianne shares to define success and failure criteria for projects explicitly. [00:40:36] Step 10: “Talk about what you're doing.” Greg emphasizes to celebrate and grieve project endings properly and Richard encourages listeners to check out the paper, read it, and if you see something missing you can contribute back. [00:43:12] Fnal thoughts from Greg and Marianne: Organize collectively to protect science and code sustainability and find your team. Quotes [00:12:10] “Weapons begin as toys.” [00:14:09] “All code is throwaway code.” [00:27:34] “Sooner or later every library burns.” [00:29:44] “Most documentation is never read by anybody because it's not answering the questions that you actually have.” [00:41:05] “Take some time to celebrate and to grieve.” Links SustainOSS (https://sustainoss.org/) podcast@sustainoss.org (mailto:podcast@sustainoss.org) richard@sustainoss.org (mailto:richard@sustainoss.org) SustainOSS Discourse (https://discourse.sustainoss.org/) SustainOSS Mastodon (https://mastodon.social/tags/sustainoss) SustainOSS Bluesky (https://bsky.app/profile/sustainoss.bsky.social) SustainOSS LinkedIn (https://www.linkedin.com/company/sustainoss/) Open Collective-SustainOSS (Contribute) (https://opencollective.com/sustainoss) Richard Littauer Socials (https://www.burntfen.com/2023-05-30/socials) Marianne Bellotti (Medium) (https://bellmar.medium.com/) Marianne Bellotti LinkedIn (https://www.linkedin.com/in/bellmar/) Greg Wilson GitHub (https://www.linkedin.com/in/greg-wilson-a26510b6/?originalSubdomain=ca) Greg Wilson LinkedIn (https://www.linkedin.com/in/greg-wilson-a26510b6/?originalSubdomain=ca) “10 Quick tips for making your code last beyond your current job” (draft) (https://docs.google.com/document/d/1jk0R8VL8lq1-LIbW9D5qwCkvxfXEobP0-RqSYF-4Io4/edit#heading=h.2ijt9lezevm3) Kill It With Fire by Marianne Bellotti (https://nostarch.com/kill-it-fire) Marketing for Scientists: How to Shine in Tough Times by Marc J. Kuchner (https://www.amazon.com/Marketing-Scientists-Shine-Tough-Times/dp/1597269948) Codeberg (https://codeberg.org/) Zenodo (https://zenodo.org/) OSF (https://osf.io/) Credits Produced by Richard Littauer (https://www.burntfen.com/) Edited by Paul M. Bahr at Peachtree Sound (https://www.peachtreesound.com/) Show notes by DeAnn Bahr Peachtree Sound (https://www.peachtreesound.com/) Special Guests: Greg Wilson and Marianne Bellotti.

The Recruiting Brainfood Podcast
Brainfood Live On Air - Ep300 - Hiring Manager Self Serve - the Past & Future of Recruitment?

The Recruiting Brainfood Podcast

Play Episode Listen Later May 16, 2025 60:50


HIRING MANAGER SELF SERVE - THE PAST AND FUTURE OF RECRUITMENT?   It was also the Past of Recruitment - where hiring managers were doing most of the work in hiring for their teams, everything from putting up adverts in shop windows, handling the first enquiries, reviewing CV's, screening candidates, scheduling interviews, interviewing candidates and then offering / hiring said candidates. Perhaps Personnel got involved in the contracts of employment, but 'recruitment' was once handled entirely by the line.   Could it be that this model returns, as AI improves to such an extent that a centralised TA function may not be the most optimal model?   Lets explore how some companies have shifted from centralised TA to empowering hiring managers to do more of the hiring work   - What conditions best suit centralised vs decentralised TA teams? - Pro's / Cons of decentralised vs centralised - What degree of hiring maturity is required for hiring manager self serve? - Retail franchises are the obvious business type for this model: which others? - How to avoid hiring managers bad practice in hiring? - Bias mitigation - realistic in HM? - How to ensure QoH in decentralised model? - What tools are best suited for this model - How does AI support hiring manager self serve? - What role does a recruiter continue to play in such a set up? - How can a business improve its hiring capability if we go hiring manager self serve? - What are the top things to remember if you are planning to making this shift?   We're with Martin Warren, TA Leader (ex-Grab), Lyndsey Taylor, Head of HR Transformation (Brooks Automation) & friends   We are on Friday 16th May, 2pm BST   Register by clicking the green button and follow the channel here (recommended)         Ep300 is sponsored by our friends at Ashby   Ashby is what an ATS should be: an integration of sourcing automation, AI-supported outreach sequencing, native interview scheduling, a searchable CRM, and advanced analytics – all in one ATS++ system. That means better data, less context switching, and more streamlined workflows. Chosen by over a thousand companies, including Quora, Docker, Ironclad, and Multiverse, Ashby stands out as the top-rated ATS on G2. It is renowned for its real-time and reliable reporting, the ability to centralize the entire hiring process, and unparalleled customer support.   Talent Trends Reports are freely available: Download the latest here

Ardan Labs Podcast
Remote Work, Relationships, and Software with Infant Mystica

Ardan Labs Podcast

Play Episode Listen Later May 14, 2025 60:45


In this conversation, Infant Mystica shares her journey of building a professional network through social media, the innovative language translation technology she works on, and the dynamics of remote work across different time zones. She discusses her aspirations for career growth, the importance of attending tech conferences, and her experiences as a software developer in the evolving tech landscape.00:00 Introduction00:30 What is Mystica Doing Today?03:10 First Experiences with a Computer05:30 Highschool Interests / Classes13:00 Entering University15:00 Interest in Computer Science22:00 College Living27:00 COVID-19 and Remote Learning34:00 Entering Industry / Networking41:30 First Job at Translate Live50:00 Working Hours and Time Zones55:00 Traveling and ExplorationConnect with Mystica: Linkedin: https://www.linkedin.com/in/infant-mystica-810776195/X: https://x.com/mysticainfMystica's Site: https://mystica.meMentioned in this Episode:TranslateLive: https://www.translatelive.com/Want more from Ardan Labs? You can learn Go, Kubernetes, Docker & more through our video training, live events, or through our blog!Online Courses : https://ardanlabs.com/education/ Live Events : https://www.ardanlabs.com/live-training-events/ Blog : https://www.ardanlabs.com/blog Github : https://github.com/ardanlabs

Desde el reloj
¿Cómo funcionan las redes en Docker?

Desde el reloj

Play Episode Listen Later May 13, 2025 16:15


Un oyente me pidió que hablase sobre el tema de las redes en Docker, así que aquí está mi explicación. Puede ser algo muy complejo, pero espero que te quedes, al menos, con los conceptos básicos.

BIT-BUY-BIT's podcast
Stolen Funds & Shutdowns | MONERO MONTHLY 05

BIT-BUY-BIT's podcast

Play Episode Listen Later May 9, 2025 78:51 Transcription Available


Join us for Monero Monthly, your go-to show for a roundup of the latest happenings in the Monero ecosystem. Hosts Max and Seth bring you up to speed on everything from software developments and updates to cutting-edge hardware and emerging businesses.GeneralMonero's 11th birthdayMonero launched on April 18th, 2014 by thankful_for_todayhttps://bitcointalk.org/index.php?topic=563821.0Code fork of Bytecoin, was basically a scam created from an amazing whitepaper (Cryptonote) and extensively pre-mined/lied aboutMonero has continued to consistently and effectively iterate and improve over those 11yMonero pumping?!?Most likely caused by a major theft of 3520 BTC, which was then supposedly swapped entirely to Monero via instant exchangershttps://x.com/zachxbt/status/1916756932763046273Zachxbt uses Monero for payments "frequently"https://x.com/zachxbt/status/1916803068261458010?t=CKSXcDMsYdTmGjTcSHQP3Q&s=19Exodus wallet dropping Monero supportAugust 10th deadlineMigration to Cake is their recommended pathNo conspiracy theories that I know of, have worked closely with them on the migration pathhttps://monero.observer/exodus-to-end-support-monero-10-august-2025/Exch instant exchange shutting downVery antagonistic in the pastRefused to block or freeze funds from the ByBit hack, broadly used to move funds to other cryptocurrencies, including MoneroMany centralized services and exchanges marked their funds as tainted immediately after their handling of the ByBit hack, neutering the usefulness of swapping through eXch overallSupposedly being targeted by a "transatlantic operation", no real evidence provided but after ByBit hack funds moved through them it's not impossiblehttps://monero.observer/exch-instant-exchange-to-shut-down-may-1-2025/Software updatesMonero v0.18.4.0DoS vulnerability fixWas widely deployed via my Docker image and by most popular node operators, including Cake, before this public releaseBackground sync w/ view key onlyThis is how Cake Wallet is doing background syncDrastically improved disk writes necessary when synchronizing a Monero nodeLess wear on disks, slightly fasterhttps://monero.observer/monero-v0.18.4.0-fluorine-fermi-released/Cake Wallet v4.25, 4.26, and 4.27 and new brandv4.25New logoTalk about new brandDrastically improved Monero wallet performance, especially for wallets with extensive historyBroad UI/UX enhancementsv4.26BIP 39 seeds and wallet groups for MoneroDFX's OpenCryptoPayOpen standard for simple integration of Bitcoin/Monero payments into traditional PoS systemsRolling out to all Spar stores in Switzerland, getting a ton of publicityOnly Cake Wallet supports it natively, but Lightning wallets with LN-URL support don't require direct integrationDrastically improved address display, using the Bitcoin Design guidelines as seen in Trezor and Foundation hardware walletsDrastically simplified buying/selling of cryptoV4.27Drastically improved background syncLimit to wifi-only, charging-only, inactive-only, etc.Supports all cryptos now, except DecredFixes a bunch of edge cases and rare bugs with background syncLots of minor improvements and bug fixesHaveno v1.1.0/1Minor improvements and bug fixes, nothing majorImportant steps towards a safer and more usable projectLoving using Haveno Reto (retoswap.com)https://monero.observer/woodser-releases-haveno-v1.1.1-bugfixes/https://monero.observer/woodser-releases-haveno-v1.1.0-bugfixes/https://monero.observer/woodser-releases-haveno-v1.0.19-fixes-improvements/Feather Wallet v2.8.0/1Minor updates overallUpdated to Monero v0.18.4.0Updated integrated Tor + OpenSSLhttps://monero.observer/tobtoht-releases-feather-wallet-v2.8.1/https://monero.observer/feather-wallet-v2.8.0-released-fixes-improvements/Gupaxxx v1.9.0Minor improvements and bug fixesAwesome way to get started mining Monero on any computerhttps://monero.observer/cyrix126-releases-gupaxx-v1.9.0/Stack Wallet v2.1.11Namceoin name purchased and management in-appMinor improvements and updateshttps://monero.observer/rehrar-releases-stack-wallet-v2.1.11/Cuprate v0.0.2thttps://monero.observer/hinto-janai-releases-cuprated-v0.0.2-molybdenite/Monfluo v0.7.0Dead-simple stripped down walletFocus is on no integrations or features, just send/receive simplicityNot my cup of tea, but to each their ownhttps://monero.observer/acx-releases-monfluo-beta-v0.7.0/IMPORTANT LINKS https://freesamourai.comhttps://p2prights.org/donate.htmlhttps://ungovernablemisfits.comVALUE FOR VALUEThanks for listening you Ungovernable Misfits, we appreciate your continued support and hope you enjoy the shows.You can support this episode using your time, talent or treasure.TIME:- create fountain clips for the show- create a meetup- help boost the signal on social mediaTALENT:- create ungovernable misfit inspired art, animation or music- design or implement some software that can make the podcast better- use whatever talents you have to make a contribution to the show!TREASURE:- BOOST IT OR STREAM SATS on the Podcasting 2.0 apps @ https://podcastapps.com- DONATE via Paynym @ https://paynym.rs/+misfit- DONATE via Monero @ https://xmrchat.com/ugmf- BUY SOME STICKERS @ https://www.ungovernablemisfits.com/shop/FOUNDATIONhttps://foundation.xyz/ungovernableFoundation builds Bitcoin-centric tools that empower you to reclaim your digital sovereignty.As a sovereign computing company, Foundation is the antithesis of today's tech conglomerates. Returning to cypherpunk principles, they build open source technology that “can't be evil”.Thank you Foundation Devices for sponsoring the show!Use code: Ungovernable for $10 off of your purchaseCAKE WALLEThttps://cakewallet.comCake Wallet is an open-source, non-custodial wallet available on Android, iOS, macOS, and Linux.Features:- Built-in Exchange: Swap easily between Bitcoin and Monero.- User-Friendly: Simple interface for all users.Monero Users:- Batch Transactions: Send multiple payments at once.- Faster Syncing: Optimized syncing via specified restore heights- Proxy Support: Enhance privacy with proxy node options.Bitcoin Users:- Coin Control: Manage your transactions effectively.- Silent Payments: Static bitcoin addresses- Batch Transactions: Streamline your payment process.Thank you Cake Wallet for sponsoring the show!

Les Cast Codeurs Podcast
LCC 325 - Trier le hachis des concurrents

Les Cast Codeurs Podcast

Play Episode Listen Later May 9, 2025 109:42


Gros épisode qui couvre un large spectre de sujets : Java, Scala, Micronaut, NodeJS, l'IA et la compétence des développeurs, le sampling dans les LLMs, les DTO, le vibe coding, les changements chez Broadcom et Red Hat ainsi que plusieurs nouvelles sur les licences open source. Enregistré le 7 mai 2025 Téléchargement de l'épisode LesCastCodeurs-Episode-325.mp3 ou en vidéo sur YouTube. News Langages A l'occasion de JavaOne et du lancement de Java 24, Oracle lance un nouveau site avec des ressources vidéo pour apprendre le langage https://learn.java/ site plutôt à destination des débutants et des enseignants couvre la syntaxe aussi, y compris les ajouts plus récents comme les records ou le pattern matching c'est pas le site le plus trendy du monde. Martin Odersky partage un long article sur l'état de l'écosystème Scala et les évolutions du language https://www.scala-lang.org/blog/2025/03/24/evolving-scala.html Stabilité et besoin d'évolution : Scala maintient sa position (~14ème mondial) avec des bases techniques solides, mais doit évoluer face à la concurrence pour rester pertinent. Axes prioritaires : L'évolution se concentre sur l'amélioration du duo sécurité/convivialité, le polissage du langage (suppression des “rugosités”) et la simplification pour les débutants. Innovation continue : Geler les fonctionnalités est exclu ; l'innovation est clé pour la valeur de Scala. Le langage doit rester généraliste et ne pas se lier à un framework spécifique. Défis et progrès : L'outillage (IDE, outils de build comme sbt, scala-cli, Mill) et la facilité d'apprentissage de l'écosystème sont des points d'attention, avec des améliorations en cours (partenariat pédagogique, plateformes simples). Des strings encore plus rapides ! https://inside.java/2025/05/01/strings-just-got-faster/ Dans JDK 25, la performance de la fonction String::hashCode a été améliorée pour être principalement constant foldable. Cela signifie que si les chaînes de caractères sont utilisées comme clés dans une Map statique et immuable, des gains de performance significatifs sont probables. L'amélioration repose sur l'annotation interne @Stable appliquée au champ privé String.hash. Cette annotation permet à la machine virtuelle de lire la valeur du hash une seule fois et de la considérer comme constante si elle n'est pas la valeur par défaut (zéro). Par conséquent, l'opération String::hashCode peut être remplacée par la valeur de hash connue, optimisant ainsi les lookups dans les Map immuables. Un cas limite est celui où le code de hachage de la chaîne est zéro, auquel cas l'optimisation ne fonctionne pas (par exemple, pour la chaîne vide “”). Bien que l'annotation @Stable soit interne au JDK, un nouveau JEP (JEP 502: Stable Values (Preview)) est en cours de développement pour permettre aux utilisateurs de bénéficier indirectement de fonctionnalités similaires. AtomicHash, une implémentation Java d'une HashMap qui est thread-safe, atomique et non-bloquante https://github.com/arxila/atomichash implémenté sous forme de version immutable de Concurrent Hash Trie Librairies Sortie de Micronaut 4.8.0 https://micronaut.io/2025/04/01/micronaut-framework-4-8-0-released/ Mise à jour de la BOM (Bill of Materials) : La version 4.8.0 met à jour la BOM de la plateforme Micronaut. Améliorations de Micronaut Core : Intégration de Micronaut SourceGen pour la génération interne de métadonnées et d'expressions bytecode. Nombreuses améliorations dans Micronaut SourceGen. Ajout du traçage de l'injection de dépendances pour faciliter le débogage au démarrage et à la création des beans. Nouveau membre definitionType dans l'annotation @Client pour faciliter le partage d'interfaces entre client et serveur. Support de la fusion dans les Bean Mappers via l'annotation @Mapping. Nouvelle liveness probe détectant les threads bloqués (deadlocked) via ThreadMXBean. Intégration Kubernetes améliorée : Mise à jour du client Java Kubernetes vers la version 22.0.1. Ajout du module Micronaut Kubernetes Client OpenAPI, offrant une alternative au client officiel avec moins de dépendances, une configuration unifiée, le support des filtres et la compatibilité Native Image. Introduction d'un nouveau runtime serveur basé sur le serveur HTTP intégré de Java, permettant de créer des applications sans dépendances serveur externes. Ajout dans Micronaut Micrometer d'un module pour instrumenter les sources de données (traces et métriques). Ajout de la condition condition dans l'annotation @MetricOptions pour contrôler l'activation des métriques via une expression. Support des Consul watches dans Micronaut Discovery Client pour détecter les changements de configuration distribuée. Possibilité de générer du code source à partir d'un schéma JSON via les plugins de build (Gradle et Maven). Web Node v24.0.0 passe en version Current: https://nodejs.org/en/blog/release/v24.0.0 Mise à jour du moteur V8 vers la version 13.6 : intégration de nouvelles fonctionnalités JavaScript telles que Float16Array, la gestion explicite des ressources (using), RegExp.escape, WebAssembly Memory64 et Error.isError. npm 11 inclus : améliorations en termes de performance, de sécurité et de compatibilité avec les packages JavaScript modernes. Changement de compilateur pour Windows : abandon de MSVC au profit de ClangCL pour la compilation de Node.js sur Windows. AsyncLocalStorage utilise désormais AsyncContextFrame par défaut : offrant une gestion plus efficace du contexte asynchrone. URLPattern disponible globalement : plus besoin d'importer explicitement cette API pour effectuer des correspondances d'URL. Améliorations du modèle de permissions : le flag expérimental --experimental-permission devient --permission, signalant une stabilité accrue de cette fonctionnalité. Améliorations du test runner : les sous-tests sont désormais attendus automatiquement, simplifiant l'écriture des tests et réduisant les erreurs liées aux promesses non gérées. Intégration d'Undici 7 : amélioration des capacités du client HTTP avec de meilleures performances et un support étendu des fonctionnalités HTTP modernes. Dépréciations et suppressions : Dépréciation de url.parse() au profit de l'API WHATWG URL. Suppression de tls.createSecurePair. Dépréciation de SlowBuffer. Dépréciation de l'instanciation de REPL sans new. Dépréciation de l'utilisation des classes Zlib sans new. Dépréciation du passage de args à spawn et execFile dans child_process. Node.js 24 est actuellement la version “Current” et deviendra une version LTS en octobre 2025. Il est recommandé de tester cette version pour évaluer son impact sur vos applications. Data et Intelligence Artificielle Apprendre à coder reste crucial et l'IA est là pour venir en aide : https://kyrylo.org/software/2025/03/27/learn-to-code-ignore-ai-then-use-ai-to-code-even-better.html Apprendre à coder reste essentiel malgré l'IA. L'IA peut assister la programmation. Une solide base est cruciale pour comprendre et contrôler le code. Cela permet d'éviter la dépendance à l'IA. Cela réduit le risque de remplacement par des outils d'IA accessibles à tous. L'IA est un outil, pas un substitut à la maîtrise des fondamentaux. Super article de Anthropic qui essaie de comprendre comment fonctionne la “pensée” des LLMs https://www.anthropic.com/research/tracing-thoughts-language-model Effet boîte noire : Stratégies internes des IA (Claude) opaques aux développeurs et utilisateurs. Objectif : Comprendre le “raisonnement” interne pour vérifier capacités et intentions. Méthode : Inspiration neurosciences, développement d'un “microscope IA” (regarder quels circuits neuronaux s'activent). Technique : Identification de concepts (“features”) et de “circuits” internes. Multilinguisme : Indice d'un “langage de pensée” conceptuel commun à toutes les langues avant de traduire dans une langue particulière. Planification : Capacité à anticiper (ex: rimes en poésie), pas seulement de la génération mot par mot (token par token). Raisonnement non fidèle : Peut fabriquer des arguments plausibles (“bullshitting”) pour une conclusion donnée. Logique multi-étapes : Combine des faits distincts, ne se contente pas de mémoriser. Hallucinations : Refus par défaut ; réponse si “connaissance” active, sinon risque d'hallucination si erreur. “Jailbreaks” : Tension entre cohérence grammaticale (pousse à continuer) et sécurité (devrait refuser). Bilan : Méthodes limitées mais prometteuses pour la transparence et la fiabilité de l'IA. Le “S” dans MCP veut dire Securité (ou pas !) https://elenacross7.medium.com/%EF%B8%8F-the-s-in-mcp-stands-for-security-91407b33ed6b La spécification MCP pour permettre aux LLMs d'avoir accès à divers outils et fonctions a peut-être été adoptée un peu rapidement, alors qu'elle n'était pas encore prête niveau sécurité L'article liste 4 types d'attaques possibles : vulnérabilité d'injection de commandes attaque d'empoisonnement d'outils redéfinition silencieuse de l'outil le shadowing d'outils inter-serveurs Pour l'instant, MCP n'est pas sécurisé : Pas de standard d'authentification Pas de chiffrement de contexte Pas de vérification d'intégrité des outils Basé sur l'article de InvariantLabs https://invariantlabs.ai/blog/mcp-security-notification-tool-poisoning-attacks Sortie Infinispan 15.2 - pre rolling upgrades 16.0 https://infinispan.org/blog/2025/03/27/infinispan-15-2 Support de Redis JSON + scripts Lua Métriques JVM désactivables Nouvelle console (PatternFly 6) Docs améliorées (métriques + logs) JDK 17 min, support JDK 24 Fin du serveur natif (performances) Guillaume montre comment développer un serveur MCP HTTP Server Sent Events avec l'implémentation de référence Java et LangChain4j https://glaforge.dev/posts/2025/04/04/mcp-client-and-server-with-java-mcp-sdk-and-langchain4j/ Développé en Java, avec l'implémentation de référence qui est aussi à la base de l'implémentation dans Spring Boot (mais indépendant de Spring) Le serveur MCP est exposé sous forme de servlet dans Jetty Le client MCP lui, est développé avec le module MCP de LangChain4j c'est semi independant de Spring dans le sens où c'est dépendant de Reactor et de ses interface. il y a une conversation sur le github d'anthropic pour trouver une solution, mais cela ne parait pas simple. Les fallacies derrière la citation “AI won't replace you, but humans using AI will” https://platforms.substack.com/cp/161356485 La fallacie de l'automatisation vs. l'augmentation : Elle se concentre sur l'amélioration des tâches existantes avec l'IA au lieu de considérer le changement de la valeur de ces tâches dans un nouveau système. La fallacie des gains de productivité : L'augmentation de la productivité ne se traduit pas toujours par plus de valeur pour les travailleurs, car la valeur créée peut être capturée ailleurs dans le système. La fallacie des emplois statiques : Les emplois sont des constructions organisationnelles qui peuvent être redéfinies par l'IA, rendant les rôles traditionnels obsolètes. La fallacie de la compétition “moi vs. quelqu'un utilisant l'IA” : La concurrence évolue lorsque l'IA modifie les contraintes fondamentales d'un secteur, rendant les compétences existantes moins pertinentes. La fallacie de la continuité du flux de travail : L'IA peut entraîner une réimagination complète des flux de travail, éliminant le besoin de certaines compétences. La fallacie des outils neutres : Les outils d'IA ne sont pas neutres et peuvent redistribuer le pouvoir organisationnel en changeant la façon dont les décisions sont prises et exécutées. La fallacie du salaire stable : Le maintien d'un emploi ne garantit pas un salaire stable, car la valeur du travail peut diminuer avec l'augmentation des capacités de l'IA. La fallacie de l'entreprise stable : L'intégration de l'IA nécessite une restructuration de l'entreprise et ne se fait pas dans un vide organisationnel. Comprendre le “sampling” dans les LLMs https://rentry.co/samplers Explique pourquoi les LLMs utilisent des tokens Les différentes méthodes de “sampling” : càd de choix de tokens Les hyperparamètres comme la température, top-p, et leur influence réciproque Les algorithmes de tokenisation comme Byte Pair Encoding et SentencePiece. Un de moins … OpenAI va racheter Windsurf pour 3 milliards de dollars. https://www.bloomberg.com/news/articles/2025-05-06/openai-reaches-agreement-to-buy-startup-windsurf-for-3-billion l'accord n'est pas encore finalisé Windsurf était valorisé à 1,25 milliards l'an dernier et OpenAI a levé 40 milliards dernièrement portant sa valeur à 300 milliards Le but pour OpenAI est de rentrer dans le monde des assistants de code pour lesquels ils sont aujourd'hui absent Docker desktop se met à l'IA… ? Une nouvelle fonctionnalité dans docker desktop 4.4 sur macos: Docker Model Runner https://dev.to/docker/run-genai-models-locally-with-docker-model-runner-5elb Permet de faire tourner des modèles nativement en local ( https://docs.docker.com/model-runner/ ) mais aussi des serveurs MCP ( https://docs.docker.com/ai/mcp-catalog-and-toolkit/ ) Outillage Jetbrains défend la suppression des commentaires négatifs sur son assistant IA https://devclass.com/2025/04/30/jetbrains-defends-removal-of-negative-reviews-for-unpopular-ai-assistant/?td=rt-3a L'IA Assistant de JetBrains, lancée en juillet 2023, a été téléchargée plus de 22 millions de fois mais n'est notée que 2,3 sur 5. Des utilisateurs ont remarqué que certaines critiques négatives étaient supprimées, ce qui a provoqué une réaction négative sur les réseaux sociaux. Un employé de JetBrains a expliqué que les critiques ont été supprimées soit parce qu'elles mentionnaient des problèmes déjà résolus, soit parce qu'elles violaient leur politique concernant les “grossièretés, etc.” L'entreprise a reconnu qu'elle aurait pu mieux gérer la situation, un représentant déclarant : “Supprimer plusieurs critiques d'un coup sans préavis semblait suspect. Nous aurions dû au moins publier un avis et fournir plus de détails aux auteurs.” Parmi les problèmes de l'IA Assistant signalés par les utilisateurs figurent : un support limité pour les fournisseurs de modèles tiers, une latence notable, des ralentissements fréquents, des fonctionnalités principales verrouillées aux services cloud de JetBrains, une expérience utilisateur incohérente et une documentation insuffisante. Une plainte courante est que l'IA Assistant s'installe sans permission. Un utilisateur sur Reddit l'a qualifié de “plugin agaçant qui s'auto-répare/se réinstalle comme un phénix”. JetBrains a récemment introduit un niveau gratuit et un nouvel agent IA appelé Junie, destiné à fonctionner parallèlement à l'IA Assistant, probablement en réponse à la concurrence entre fournisseurs. Mais il est plus char a faire tourner. La société s'est engagée à explorer de nouvelles approches pour traiter les mises à jour majeures différemment et envisage d'implémenter des critiques par version ou de marquer les critiques comme “Résolues” avec des liens vers les problèmes correspondants au lieu de les supprimer. Contrairement à des concurrents comme Microsoft, AWS ou Google, JetBrains commercialise uniquement des outils et services de développement et ne dispose pas d'une activité cloud distincte sur laquelle s'appuyer. Vos images de README et fichiers Markdown compatibles pour le dark mode de GitHub: https://github.blog/developer-skills/github/how-to-make-your-images-in-markdown-on-github-adjust-for-dark-mode-and-light-mode/ Seulement quelques lignes de pure HTML pour le faire Architecture Alors, les DTOs, c'est bien ou c'est pas bien ? https://codeopinion.com/dtos-mapping-the-good-the-bad-and-the-excessive/ Utilité des DTOs : Les DTOs servent à transférer des données entre les différentes couches d'une application, en mappant souvent les données entre différentes représentations (par exemple, entre la base de données et l'interface utilisateur). Surutilisation fréquente : L'article souligne que les DTOs sont souvent utilisés de manière excessive, notamment pour créer des API HTTP qui ne font que refléter les entités de la base de données, manquant ainsi l'opportunité de composer des données plus riches. Vraie valeur : La valeur réelle des DTOs réside dans la gestion du couplage entre les couches et la composition de données provenant de sources multiples en formes optimisées pour des cas d'utilisation spécifiques. Découplage : Il est suggéré d'utiliser les DTOs pour découpler les modèles de données internes des contrats externes (comme les API), ce qui permet une évolution et une gestion des versions indépendantes. Exemple avec CQRS : Dans le cadre de CQRS (Command Query Responsibility Segregation), les réponses aux requêtes (queries) agissent comme des DTOs spécifiquement adaptés aux besoins de l'interface utilisateur, pouvant inclure des données de diverses sources. Protection des données internes : Les DTOs aident à distinguer et protéger les modèles de données internes (privés) des changements externes (publics). Éviter l'excès : L'auteur met en garde contre les couches de mapping excessives (mapper un DTO vers un autre DTO) qui n'apportent pas de valeur ajoutée. Création ciblée : Il est conseillé de ne créer des DTOs que lorsqu'ils résolvent des problèmes concrets, tels que la gestion du couplage ou la facilitation de la composition de données. Méthodologies Même Guillaume se met au “vibe coding” https://glaforge.dev/posts/2025/05/02/vibe-coding-an-mcp-server-with-micronaut-and-gemini/ Selon Andrey Karpathy, c'est le fait de POC-er un proto, une appli jetable du weekend https://x.com/karpathy/status/1886192184808149383 Mais Simon Willison s'insurge que certains confondent coder avec l'assistance de l'IA avec le vibe coding https://simonwillison.net/2025/May/1/not-vibe-coding/ Guillaume c'est ici amusé à développer un serveur MCP avec Micronaut, en utilisant Gemini, l'IA de Google. Contrairement à Quarkus ou Spring Boot, Micronaut n'a pas encore de module ou de support spécifique pour faciliter la création de serveur MCP Sécurité Une faille de sécurité 10/10 sur Tomcat https://www.it-connect.fr/apache-tomcat-cette-faille-activement-exploitee-seulement-30-heures-apres-sa-divulgation-patchez/ Une faille de sécurité critique (CVE-2025-24813) affecte Apache Tomcat, permettant l'exécution de code à distance Cette vulnérabilité est activement exploitée seulement 30 heures après sa divulgation du 10 mars 2025 L'attaque ne nécessite aucune authentification et est particulièrement simple à exécuter Elle utilise une requête PUT avec une charge utile Java sérialisée encodée en base64, suivie d'une requête GET L'encodage en base64 permet de contourner la plupart des filtres de sécurité Les serveurs vulnérables utilisent un stockage de session basé sur des fichiers (configuration répandue) Les versions affectées sont : 11.0.0-M1 à 11.0.2, 10.1.0-M1 à 10.1.34, et 9.0.0.M1 à 9.0.98 Les mises à jour recommandées sont : 11.0.3+, 10.1.35+ et 9.0.99+ Les experts prévoient des attaques plus sophistiquées dans les prochaines phases d'exploitation (upload de config ou jsp) Sécurisation d'un serveur ssh https://ittavern.com/ssh-server-hardening/ un article qui liste les configurations clés pour sécuriser un serveur SSH par exemple, enlever password authentigfication, changer de port, desactiver le login root, forcer le protocol ssh 2, certains que je ne connaissais pas comme MaxStartups qui limite le nombre de connections non authentifiées concurrentes Port knocking est une technique utile mais demande une approche cliente consciente du protocol Oracle admet que les identités IAM de ses clients ont leaké https://www.theregister.com/2025/04/08/oracle_cloud_compromised/ Oracle a confirmé à certains clients que son cloud public a été compromis, alors que l'entreprise avait précédemment nié toute intrusion. Un pirate informatique a revendiqué avoir piraté deux serveurs d'authentification d'Oracle et volé environ six millions d'enregistrements, incluant des clés de sécurité privées, des identifiants chiffrés et des entrées LDAP. La faille exploitée serait la vulnérabilité CVE-2021-35587 dans Oracle Access Manager, qu'Oracle n'avait pas corrigée sur ses propres systèmes. Le pirate a créé un fichier texte début mars sur login.us2.oraclecloud.com contenant son adresse email pour prouver son accès. Selon Oracle, un ancien serveur contenant des données vieilles de huit ans aurait été compromis, mais un client affirme que des données de connexion aussi récentes que 2024 ont été dérobées. Oracle fait face à un procès au Texas concernant cette violation de données. Cette intrusion est distincte d'une autre attaque contre Oracle Health, sur laquelle l'entreprise refuse de commenter. Oracle pourrait faire face à des sanctions sous le RGPD européen qui exige la notification des parties affectées dans les 72 heures suivant la découverte d'une fuite de données. Le comportement d'Oracle consistant à nier puis à admettre discrètement l'intrusion est inhabituel en 2025 et pourrait mener à d'autres actions en justice collectives. Une GitHub action très populaire compromise https://www.stepsecurity.io/blog/harden-runner-detection-tj-actions-changed-files-action-is-compromised Compromission de l'action tj-actions/changed-files : En mars 2025, une action GitHub très utilisée (tj-actions/changed-files) a été compromise. Des versions modifiées de l'action ont exposé des secrets CI/CD dans les logs de build. Méthode d'attaque : Un PAT compromis a permis de rediriger plusieurs tags de version vers un commit contenant du code malveillant. Détails du code malveillant : Le code injecté exécutait une fonction Node.js encodée en base64, qui téléchargeait un script Python. Ce script parcourait la mémoire du runner GitHub à la recherche de secrets (tokens, clés…) et les exposait dans les logs. Dans certains cas, les données étaient aussi envoyées via une requête réseau. Période d'exposition : Les versions compromises étaient actives entre le 12 et le 15 mars 2025. Tout dépôt, particulièrement ceux publiques, ayant utilisé l'action pendant cette période doit être considéré comme potentiellement exposé. Détection : L'activité malveillante a été repérée par l'analyse des comportements inhabituels pendant l'exécution des workflows, comme des connexions réseau inattendues. Réaction : GitHub a supprimé l'action compromise, qui a ensuite été nettoyée. Impact potentiel : Tous les secrets apparaissant dans les logs doivent être considérés comme compromis, même dans les dépôts privés, et régénérés sans délai. Loi, société et organisation Les startup the YCombinateur ont les plus fortes croissances de leur histoire https://www.cnbc.com/2025/03/15/y-combinator-startups-are-fastest-growing-in-fund-history-because-of-ai.html Les entreprises en phase de démarrage à Silicon Valley connaissent une croissance significative grâce à l'intelligence artificielle. Le PDG de Y Combinator, Garry Tan, affirme que l'ensemble des startups de la dernière cohorte a connu une croissance hebdomadaire de 10% pendant neuf mois. L'IA permet aux développeurs d'automatiser des tâches répétitives et de générer du code grâce aux grands modèles de langage. Pour environ 25% des startups actuelles de YC, 95% de leur code a été écrit par l'IA. Cette révolution permet aux entreprises de se développer avec moins de personnel - certaines atteignant 10 millions de dollars de revenus avec moins de 10 employés. La mentalité de “croissance à tout prix” a été remplacée par un renouveau d'intérêt pour la rentabilité. Environ 80% des entreprises présentées lors du “demo day” étaient centrées sur l'IA, avec quelques startups en robotique et semi-conducteurs. Y Combinator investit 500 000 dollars dans les startups en échange d'une participation au capital, suivi d'un programme de trois mois. Red Hat middleware (ex-jboss) rejoint IBM https://markclittle.blogspot.com/2025/03/red-hat-middleware-moving-to-ibm.html Les activités Middleware de Red Hat (incluant JBoss, Quarkus, etc.) vont être transférées vers IBM, dans l'unité dédiée à la sécurité des données, à l'IAM et aux runtimes. Ce changement découle d'une décision stratégique de Red Hat de se concentrer davantage sur le cloud hybride et l'intelligence artificielle. Mark Little explique que ce transfert était devenu inévitable, Red Hat ayant réduit ses investissements dans le Middleware ces dernières années. L'intégration vise à renforcer l'innovation autour de Java en réunissant les efforts de Red Hat et IBM sur ce sujet. Les produits Middleware resteront open source et les clients continueront à bénéficier du support habituel sans changement. Mark Little affirme que des projets comme Quarkus continueront à être soutenus et que cette évolution est bénéfique pour la communauté Java. Un an de commonhaus https://www.commonhaus.org/activity/253.html un an, démarré sur les communautés qu'ils connaissaient bien maintenant 14 projets et put en accepter plus confiance, gouvernance legère et proteger le futur des projets automatisation de l'administratif, stabiilité sans complexité, les developpeurs au centre du processus de décision ils ont besoins de members et supporters (financiers) ils veulent accueillir des projets au delà de ceux du cercles des Java Champions Spring Cloud Data Flow devient un produit commercial et ne sera plus maintenu en open source https://spring.io/blog/2025/04/21/spring-cloud-data-flow-commercial Peut-être sous l'influence de Broadcom, Spring se met à mettre en mode propriétaire des composants du portefeuille Spring ils disent que peu de gens l'utilisaent en mode OSS et la majorité venait d'un usage dans la plateforme Tanzu Maintenir en open source le coutent du temps qu'ils son't pas sur ces projets. La CNCF protège le projet NATS, dans la fondation depuis 2018, vu que la société Synadia qui y contribue souhaitait reprendre le contrôle du projet https://www.cncf.io/blog/2025/04/24/protecting-nats-and-the-integrity-of-open-source-cncfs-commitment-to-the-community/ CNCF : Protège projets OS, gouvernance neutre. Synadia vs CNCF : Veut retirer NATS, licence non-OS (BUSL). CNCF : Accuse Synadia de “claw back” (reprise illégitime). Revendications Synadia : Domaine nats.io, orga GitHub. Marque NATS : Synadia n'a pas transféré (promesse rompue malgré aide CNCF). Contestation Synadia : Juge règles CNCF “trop vagues”. Vote interne : Mainteneurs Synadia votent sortie CNCF (sans communauté). Support CNCF : Investissement majeur ($ audits, légal), succès communautaire (>700 orgs). Avenir NATS (CNCF) : Maintien sous Apache 2.0, gouvernance ouverte. Actions CNCF : Health check, appel mainteneurs, annulation marque Synadia, rejet demandes. Mais finalement il semble y avoir un bon dénouement : https://www.cncf.io/announcements/2025/05/01/cncf-and-synadia-align-on-securing-the-future-of-the-nats-io-project/ Accord pour l'avenir de NATS.io : La Cloud Native Computing Foundation (CNCF) et Synadia ont conclu un accord pour sécuriser le futur du projet NATS.io. Transfert des marques NATS : Synadia va céder ses deux enregistrements de marque NATS à la Linux Foundation afin de renforcer la gouvernance ouverte du projet. Maintien au sein de la CNCF : L'infrastructure et les actifs du projet NATS resteront sous l'égide de la CNCF, garantissant ainsi sa stabilité à long terme et son développement en open source sous licence Apache-2.0. Reconnaissance et engagement : La Linux Foundation, par la voix de Todd Moore, reconnaît les contributions de Synadia et son soutien continu. Derek Collison, PDG de Synadia, réaffirme l'engagement de son entreprise envers NATS et la collaboration avec la Linux Foundation et la CNCF. Adoption et soutien communautaire : NATS est largement adopté et considéré comme une infrastructure critique. Il bénéficie d'un fort soutien de la communauté pour sa nature open source et l'implication continue de Synadia. Finalement, Redis revient vers une licence open source OSI, avec la AGPL https://foojay.io/today/redis-is-now-available-under-the-agplv3-open-source-license/ Redis passe à la licence open source AGPLv3 pour contrer l'exploitation par les fournisseurs cloud sans contribution. Le passage précédent à la licence SSPL avait nui à la relation avec la communauté open source. Salvatore Sanfilippo (antirez) est revenu chez Redis. Redis 8 adopte la licence AGPL, intègre les fonctionnalités de Redis Stack (JSON, Time Series, etc.) et introduit les “vector sets” (le support de calcul vectoriel développé par Salvatore). Ces changements visent à renforcer Redis en tant que plateforme appréciée des développeurs, conformément à la vision initiale de Salvatore. Conférences La liste des conférences provenant de Developers Conferences Agenda/List par Aurélie Vache et contributeurs : 6-7 mai 2025 : GOSIM AI Paris - Paris (France) 7-9 mai 2025 : Devoxx UK - London (UK) 15 mai 2025 : Cloud Toulouse - Toulouse (France) 16 mai 2025 : AFUP Day 2025 Lille - Lille (France) 16 mai 2025 : AFUP Day 2025 Lyon - Lyon (France) 16 mai 2025 : AFUP Day 2025 Poitiers - Poitiers (France) 22-23 mai 2025 : Flupa UX Days 2025 - Paris (France) 24 mai 2025 : Polycloud - Montpellier (France) 24 mai 2025 : NG Baguette Conf 2025 - Nantes (France) 3 juin 2025 : TechReady - Nantes (France) 5-6 juin 2025 : AlpesCraft - Grenoble (France) 5-6 juin 2025 : Devquest 2025 - Niort (France) 10-11 juin 2025 : Modern Workplace Conference Paris 2025 - Paris (France) 11-13 juin 2025 : Devoxx Poland - Krakow (Poland) 12 juin 2025 : Positive Design Days - Strasbourg (France) 12-13 juin 2025 : Agile Tour Toulouse - Toulouse (France) 12-13 juin 2025 : DevLille - Lille (France) 13 juin 2025 : Tech F'Est 2025 - Nancy (France) 17 juin 2025 : Mobilis In Mobile - Nantes (France) 19-21 juin 2025 : Drupal Barcamp Perpignan 2025 - Perpignan (France) 24 juin 2025 : WAX 2025 - Aix-en-Provence (France) 25-26 juin 2025 : Agi'Lille 2025 - Lille (France) 25-27 juin 2025 : BreizhCamp 2025 - Rennes (France) 26-27 juin 2025 : Sunny Tech - Montpellier (France) 1-4 juillet 2025 : Open edX Conference - 2025 - Palaiseau (France) 7-9 juillet 2025 : Riviera DEV 2025 - Sophia Antipolis (France) 5 septembre 2025 : JUG Summer Camp 2025 - La Rochelle (France) 12 septembre 2025 : Agile Pays Basque 2025 - Bidart (France) 18-19 septembre 2025 : API Platform Conference - Lille (France) & Online 23 septembre 2025 : OWASP AppSec France 2025 - Paris (France) 25-26 septembre 2025 : Paris Web 2025 - Paris (France) 2-3 octobre 2025 : Volcamp - Clermont-Ferrand (France) 3 octobre 2025 : DevFest Perros-Guirec 2025 - Perros-Guirec (France) 6-10 octobre 2025 : Devoxx Belgium - Antwerp (Belgium) 7 octobre 2025 : BSides Mulhouse - Mulhouse (France) 9-10 octobre 2025 : Forum PHP 2025 - Marne-la-Vallée (France) 9-10 octobre 2025 : EuroRust 2025 - Paris (France) 16 octobre 2025 : PlatformCon25 Live Day Paris - Paris (France) 16-17 octobre 2025 : DevFest Nantes - Nantes (France) 30-31 octobre 2025 : Agile Tour Bordeaux 2025 - Bordeaux (France) 30-31 octobre 2025 : Agile Tour Nantais 2025 - Nantes (France) 30 octobre 2025-2 novembre 2025 : PyConFR 2025 - Lyon (France) 4-7 novembre 2025 : NewCrafts 2025 - Paris (France) 6 novembre 2025 : dotAI 2025 - Paris (France) 7 novembre 2025 : BDX I/O - Bordeaux (France) 12-14 novembre 2025 : Devoxx Morocco - Marrakech (Morocco) 13 novembre 2025 : DevFest Toulouse - Toulouse (France) 15-16 novembre 2025 : Capitole du Libre - Toulouse (France) 20 novembre 2025 : OVHcloud Summit - Paris (France) 21 novembre 2025 : DevFest Paris 2025 - Paris (France) 27 novembre 2025 : Devfest Strasbourg 2025 - Strasbourg (France) 28 novembre 2025 : DevFest Lyon - Lyon (France) 5 décembre 2025 : DevFest Dijon 2025 - Dijon (France) 10-11 décembre 2025 : Devops REX - Paris (France) 10-11 décembre 2025 : Open Source Experience - Paris (France) 28-31 janvier 2026 : SnowCamp 2026 - Grenoble (France) 2-6 février 2026 : Web Days Convention - Aix-en-Provence (France) 23-25 avril 2026 : Devoxx Greece - Athens (Greece) 17 juin 2026 : Devoxx Poland - Krakow (Poland) Nous contacter Pour réagir à cet épisode, venez discuter sur le groupe Google https://groups.google.com/group/lescastcodeurs Contactez-nous via X/twitter https://twitter.com/lescastcodeurs ou Bluesky https://bsky.app/profile/lescastcodeurs.com Faire un crowdcast ou une crowdquestion Soutenez Les Cast Codeurs sur Patreon https://www.patreon.com/LesCastCodeurs Tous les épisodes et toutes les infos sur https://lescastcodeurs.com/

Writes4Women
AI and Publishing: Tracey Spicer and Sandie Docker

Writes4Women

Play Episode Listen Later May 8, 2025 44:45


If you only listen to one episode of W4W this year, THIS is the one you need to make time for. Pam talks AI, its implications and the future of writing with two women on the frontlines of championing artistic rights, journalist @traceyspicer and writer @sandiedocker. We promise, you’ll leave this episode informed, aware, determined and hopeful about the future of your work. These are scary times, but this community is full of courageous women. SHOW NOTES: Writes4Women www.writes4women.com Facebook @writes4women Twitter / Instagram @w4wpodcast W4W Substack https://writes4women.substack.com/ Tracey Spicer Website: click here Facebook: click here Instagram: click here Sandie Docker Website: click here Facebook: click here Instagram: click here Check our Sandie's info on AI here: https://www.sandiedocker.com/ai-action Pamela Cook www.pamelacook.com.au Facebook: click here Twitter: click here Instagram: click here This episode produced by Pamela Cook for Writes4Women on unceded Dharawal country. Support the show: https://www.patreon.com/writes4women?fan_landing=trueSee omnystudio.com/listener for privacy information.

Ardan Labs Podcast
Hasura, Networking, and Business with Kenneth Stott

Ardan Labs Podcast

Play Episode Listen Later May 7, 2025 81:50


Kenneth Stott, Field CTO at Hasura, joins the Ardan Labs podcast to recount his journey from a BYU student to innovating computer audits at Deloitte and navigating the high-pressure world of Wall Street. He explains how early hands-on experiences with computers and his organizational behavior classes ignited an entrepreneurial mindset. Throughout the conversation, Stott underscores the critical role of relationships, cultural awareness, and the art of storytelling in advancing one's career. He wraps up by highlighting his current work at Hasura, where he's driving breakthroughs in data management and leveraging AI to empower smarter business decisions.00:00 Introduction00:40 What is Kenneth Doing Today?06:05 First Memory of a Computer11:00 Early Entrepreneurship / Interests19:00 Entering University33:00 First Job After Graduation41:00 Moving to New York47:00 Working on Wall Street52:00 Entering C-Suite Jobs1:06:00 Desired Characteristics1:09:20 Roles before Retirement1:12:00 Working at Hasura1:15:00 PromptQL1:17:00 Contact InfoConnect with  Kenneth: Linkedin: https://www.linkedin.com/in/kenstott/Mentioned in this Episode:Hasura: https://hasura.io/Want more from Ardan Labs? You can learn Go, Kubernetes, Docker & more through our video training, live events, or through our blog!Online Courses : https://ardanlabs.com/education/ Live Events : https://www.ardanlabs.com/live-training-events/ Blog : https://www.ardanlabs.com/blog Github : https://github.com/ardanlabs

The Restump Podcast

We may be in transplant territory because there are too many pieces of our shattered purple hearts for another band-aid to hold it all together. Time to somehow Restump Podcast that depressing and demoralising Docker performance.In the context of when being in possession of supposed competent and talented lists, it was as incomprehensible a performance as we have ever delivered in our 30+ year history. There is no sugar coating it, spinning it or dismissing it, you simply can't imagine how it could get worse. In fact, you can't even take that ironic positive because, in the most unfathomable manner, we continue to find ways of lowering the bar.We take two steps forward; we take two steps back! What are we a team of Paula Abduls? Framing every second week as redemption round isn't sustainable or conducive to progress. There is something fundamentally wrong at the club that no one seems to be able to definitively put their finger on. But on the back of expectation and a specific strategic plan conveyed by the club, fans and members understandably are outraged and, reactionary or otherwise, have coach Justin Longmuir in the gun. Neesham, Drum, Connolly, Harvey and now Longmuir. We've been in the competition for 30 years and the cause of every crisis has apparently been the coach. How's that worked out for us?There is no doubt Justin Longmuir now finds himself under a level of pressure few could ever conceive but, after such a performance there shouldn't be anyone at the club not looking inward. However, while emotions run high, it would be remiss of everyone to not remember Damian Hardwick being under comparable pressure in 2016. After being in the top job at Tigerland for 7 years, the Tiges finished 13th with 8 wins and that came off the back of an elimination final loss the previous year. It had Richmond fans, members and the media calling for his head. The board responded by backing in their process and they double downed on Hardwick. We all know what happened over the next 4 years. Are the two situations comparable? Those who have made up their mind on JL will say no, and that is their prerogative. Whether we like to acknowledge it or not, us fans are victims of the overrating of our list at the time by the Fremantle administration. They were far too optimistic with their projections with such a young side, which remains the case. In 2022 we had an average age list of 24.1 years. Four years later we have an average age list of 24.5 years. However, despite the reality, it's an emotional game and many fans, irrational or otherwise, now don't contemplate reasoning other than the coach is entirely to blame. And that is understandable given the Fremantle football club put it all out there in 2022. We preach accountability, don't we? It will be interesting and very telling, how Simon Garlic handles this situation.Everything about footy is subjective. The validity of our opinions today is determined only by time.Does any of this ease the onset depression we're all suffering from Friday night? Probably not. No stranger to adversary, but the club is in a deeper hole than it usually finds itself in. The problem is the only way out is to climb a ladder! We don't know where we go from here, but if our venting and ranting provides some type of vicarious frustration outlet on the pod… you're welcome. Send us a textSupport the show

Algorütm | Geenius.ee
01.05 Algorütm: Docker konteinerite turbe ABC DevOps inseneri pilgu läbi

Algorütm | Geenius.ee

Play Episode Listen Later May 1, 2025 47:40


Tänases episoodis räägime turvalisusest konteinerite maailmas. Külas on Sten Leinasaar, Eesti Rahvusringhäälingu DevOps insener, kes jagab praktilisi soovitusi Docker konteinerite turvamiseks. Sten viib läbi ka 9. mai Digit konverentsil töötoa konteinerite turbest.Teeme ka ametlikult teatavaks Algorütmi uue saatejuhi.-----Jaga meile enda jaoks olulisimat mõtet episoodist meie Discord kanalis: https://discord.gg/8X5JTkDxccEpisoodi veavad Priit Liivak ja Martin KappAlgorütmi toetavad Patchstack https://patchstack.comNortal https://nortal.com/Veriff https://www.veriff.com/

Ardan Labs Podcast
Focused, Reputation, and AI with Austin Vance

Ardan Labs Podcast

Play Episode Listen Later Apr 30, 2025 89:47


In this conversation, Bill Kennedy and Austin Vance discuss the critical role of relationships in business, the balance between AI and human interaction, and the importance of cultivating client trust. They explore how AI can enhance efficiency without replacing the human touch in consulting. The discussion also delves into pricing strategies in a changing economic landscape, the significance of legacy code, and the need for developers to maintain empathy towards existing systems. Ultimately, they emphasize the importance of creating awareness and demonstrating expertise in the market.00:00 Introduction00:30 What is Austin Doing Today?02:10 First Experiences with a Computer06:00 Highschool Interests9:30 Early Laptops16:20 Entering College23:30 The Journey to Computer Science 26:30 First Jobs in Tech32:00 Starting Focused 35:00 Agency vs Products and Reputation44:30 Moving on From Pivotal52:48 Balancing AI and Human Interaction01:08:30 Future Market Concerns01:20:30 Controlling Chaos1:28:00 Contact InfoConnect with Austin: Linkedin: https://www.linkedin.com/in/austinbv/Mentioned in this Episode:Focused: https://focused.io/Want more from Ardan Labs? You can learn Go, Kubernetes, Docker & more through our video training, live events, or through our blog!Online Courses : https://ardanlabs.com/education/ Live Events : https://www.ardanlabs.com/live-training-events/ Blog : https://www.ardanlabs.com/blog Github : https://github.com/ardanlabs

Spring Office Hours
S4E10 - Testcontainers and Docker Model Runner featuring Eddú Meléndez

Spring Office Hours

Play Episode Listen Later Apr 29, 2025 57:30


Join Dan Vega and DaShaun Carter for the latest updates from the Spring Ecosystem. In this episode, they welcome Eddú Meléndez, who works on Testcontainers at Docker following the company's acquisition of the project.The trio explores the recently released Docker Model Runner in Docker Desktop 4.40.0, which provides a local Inference API compatible with the OpenAI API and integrates seamlessly with Spring AI 1.0.0-M7.Eddú shares his journey of contributing to Spring projects, discusses his experience with Testcontainers, and provides insights on running AI models locally with zero API keys or data sharing. Don't miss this in-depth look at the intersection of Spring AI and Docker technologies, showcasing how developers can leverage these powerful tools in their projects.You can participate in our live stream to ask questions or catch the replay on your preferred podcast platform.Show NotesSpring AI with Docker Model RunnerEddú Meléndez on TwitterEddú Meléndez on BlueSky

Atareao con Linux
ATA 691 Tu propia nube en tres clics. Así de fácil

Atareao con Linux

Play Episode Listen Later Apr 28, 2025 23:10


selfh.st es un excelente sitio web que será el compañero ideal para tu viaje por el mundo del auto alojamiento donde encontrarás cientos de serviciosQue esté completamente fascinado por el mundo del auto alojamiento o self-hosted es algo completamente comprensible. Hay cientos, y cuando te digo cientos, te aseguro que no exagero de servicios disponibles para auto alojar. Cuando empecé con todo el mundo del alojamiento, fue mas bien por la curiosidad que me generaba Docker. Hoy, se ha quedado casi al margen, que sea con Docker o Podman, o cualquier otra solución. Lo que realmente me fascina, es que tengo la posibilidad de hacer casi cualquier cosa que se me pueda pasar por la cabeza. Siempre hay alguien que ha desarrollado un servicio que se adapta mas o menos a mi flujo de trabajo. Desde crear un servidor multimedia, hasta alojar tu propio código o incluso controlar el tiempo que le dedicas a cada proyecto. Actualmente las novedades relativas al mundo del auto alojamiento las obtengo de distinta forma. Desde grupos de Telegram, pasando por Reddit, y también de un servicio que se ha convertido en fundamental para mi, y es de este servicio del que te quiero hablar en este episodio. Se trata de un sitio web, que te ayudará a crear tu propia nube, en tres clics, facilitándote la tarea de seleccionar aquellos servicios que mas se adecuen a tu flujo de trabajo o a tus necesidades.Más información y enlaces en las notas del episodio

Jupiter Extras
LinuxFest Northwest 2025 Day 1

Jupiter Extras

Play Episode Listen Later Apr 26, 2025 117:05


Live from LinuxFest Norhtwest 2025 Day 1. Exclusive coverage, chats, interviews, and more. Catch day two in episode 612 of LINUX Unplugged.

live exclusive livestream cosmic linux docker chris fisher secuirty linuxfest northwest linux unplugged wes payne
The New Stack Podcast
How Heroku Is ‘Re-Platforming' Its Platform

The New Stack Podcast

Play Episode Listen Later Apr 24, 2025 18:01


Heroku has been undergoing a major transformation, re-platforming its entire Platform as a Service (PaaS) offering over the past year and a half. This ambitious effort, dubbed “Fir,” will soon reach general availability. According to Betty Junod, CMO and SVP at Heroku (owned by Salesforce), the overhaul includes a shift to Kubernetes and OCI standards, reinforcing Heroku's commitment to open source. The platform now features Heroku Cloud Native Buildpacks, which let developers create container images without Dockerfiles. Originally built on Ruby on Rails and predating Docker and AWS, Heroku now supports eight programming languages. The company has also deepened its open source engagement by becoming a platinum member of the Cloud Native Computing Foundation (CNCF), contributing to projects like OpenTelemetry. Additionally, Heroku has open sourced its Twelve-Factor Apps methodology, inviting the community to help modernize it to address evolving needs such as secrets management and workload identity. This signals a broader effort to align Heroku's future with the cloud native ecosystem. Learn more from The New Stack about Heroku's approach to Platform-as-a-Service:Return to PaaS: Building the Platform of Our DreamsHeroku Moved Twelve-Factor Apps to Open Source. What's Next?How Heroku Is Positioned To Help Ops Engineers in the GenAI EraJoin our community of newsletter subscribers to stay on top of the news and at the top of your game.

Chinchilla Squeaks
Build faster and waste less time with Depot.dev

Chinchilla Squeaks

Play Episode Listen Later Apr 24, 2025 26:07


I speak with Kyle from Depot.dev, which promise to speed up your your Docker image builds and GitHub Actions workflows. Depot easily integrates with your existing CI provider and dev workflows to save hours of build time.Learn something new with a book or course from ManningStart today with learning something new or up-skilling, get 30% of ANYTHING at manning.com by visiting go.chrischinchilla.com/manning For show notes and an interactive transcript, visit chrischinchilla.com/podcast/To reach out and say hello, visit chrischinchilla.com/contact/To support the show for ad-free listening and extra content, visit chrischinchilla.com/support/

The CyberWire
States struggle with cyber shift.

The CyberWire

Play Episode Listen Later Apr 23, 2025 34:49


The White House's shift of cybersecurity responsibilities to the states is met with skepticism. Baltimore City Public Schools suffer a ransomware attack. Russian state-backed hackers target Dutch critical infrastructure. Microsoft resolves multiple Remote Desktop issues. A new malware campaign is targeting Docker environments for cryptojacking. A new phishing campaign uses weaponized Word documents to steal Windows login credentials. Zyxel Networks issues critical patches for two high-severity vulnerabilities. CISA issues five advisories highlighting critical vulnerabilities in ICS systems. Our guest is Deputy Assistant Director Cynthia Kaiser from the FBI Cyber Division, sharing the findings of their latest IC3 report. So long, Privacy Sandbox.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Deputy Assistant Director Cynthia Kaiser from the FBI Cyber Division, as she is sharing the findings of their latest IC3 report. Selected Reading Trump is shifting cybersecurity to the states, but many aren't prepared (Stateline) Baltimore City Public Schools report data breach (beyondmachines) Russia attempting cyber sabotage attacks against Dutch critical infrastructure (record) Microsoft fixes Remote Desktop freezes caused by Windows updates (bleepingcomputer) New Malware Hijacking Docker Images with Unique Obfuscation Technique (cybersecuritynews) Hackers Exploit Weaponized Word Docs to Steal Windows Login Credentials (gbhackers) Kelly Benefits Data Breach Impacts 260,000 People (SecurityWeek) Data Breach at Onsite Mammography Impacts 350,000 (SecurityWeek) Zyxel Patches Privilege Management Vulnerabilities in USG FLEX H Series Firewalls (cybersecuritynews) CISA Releases Five Advisories Covering ICS Vulnerabilities & Exploits (cybersecuritynews) RIP to the Google Privacy Sandbox (The Register) 2024 IC3 ANNUAL REPORT  Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Ardan Labs Podcast
Go, Rust, and Passion with Bilal Khan

Ardan Labs Podcast

Play Episode Listen Later Apr 23, 2025 69:25


In this conversation, Bilal Khan shares his journey from a small town in Pakistan to becoming a software developer and content creator. He discusses his early education, the challenges he faced while transitioning to high school in a big city, and his experiences in university. Bilal reflects on his exploration of boot camps and internships, as well as the ups and downs of navigating his early career in the tech industry. Bilal expresses a desire to deepen his programming skills and contribute to the tech community while navigating the complexities of the job market.00:00 Introduction00:30 What is Bilal Doing Today?05:00 Early Education / Life11:30 First Experience with a Computer15:45 University Experience17:30 Entering Boot Camps23:40 Looking for Tech Work 31:30 Experience During COVID-1935:00 Family Dynamics 42:00 Generating Income1:03:00 Future Aspirations1:07:20 Contact InfoConnect with Bilal: Linkedin: https://www.linkedin.com/in/ibilalkayy/Mentioned in this Episode:Go: https://go.dev/Rust: https://www.rust-lang.org/Bill.com: https://www.bill.com/Want more from Ardan Labs? You can learn Go, Kubernetes, Docker & more through our video training, live events, or through our blog!Online Courses : https://ardanlabs.com/education/ Live Events : https://www.ardanlabs.com/live-training-events/ Blog : https://www.ardanlabs.com/blog Github : https://github.com/ardanlabs

Thinking Elixir Podcast
250: EEF Elections and Security

Thinking Elixir Podcast

Play Episode Listen Later Apr 22, 2025 14:23


News includes EEF board elections with voting beginning May 9th, Gleam v1.10.0 enhancing security with SBoMs and SLSA build provenance, an AshAuthentication vulnerability with mitigation steps, the Elixir Secure Coding Training project finding a permanent home at the EEF, announcements for both ElixirConf US 2025 in Orlando and ElixirConfEU in Krakow with speaker lineup, and more! Show Notes online - http://podcast.thinkingelixir.com/250 (http://podcast.thinkingelixir.com/250) Elixir Community News https://paraxial.io/ (https://paraxial.io/?utm_source=thinkingelixir&utm_medium=shownotes) – Paraxial.io is sponsoring today's show! Sign up for a free trial of Paraxial.io today and mention Thinking Elixir when you schedule a demo for a limited time offer. https://erlef.org/blog/eef/election-2025 (https://erlef.org/blog/eef/election-2025?utm_source=thinkingelixir&utm_medium=shownotes) – EEF board elections announced with important dates - candidacy submissions by May 8th, voting open May 9-16th. https://x.com/TheErlef/status/1911847956308959650 (https://x.com/TheErlef/status/1911847956308959650?utm_source=thinkingelixir&utm_medium=shownotes) – Gleam v1.10.0 will ship with Build SBoMs and SLSA build provenance for all release artifacts and Docker images, improving visibility into dependencies and software supply chain security. https://x.com/theerlef/status/1910348770514006242 (https://x.com/theerlef/status/1910348770514006242?utm_source=thinkingelixir&utm_medium=shownotes) – The "Elixir Secure Coding Training (ESCT)" project has been transferred to the Erlang Ecosystem Foundation for a more permanent home and maintainership. https://bsky.app/profile/davelucia.com/post/3lmcqhzoc7c26 (https://bsky.app/profile/davelucia.com/post/3lmcqhzoc7c26?utm_source=thinkingelixir&utm_medium=shownotes) – Dave Lucia shares information about the ESCT project transfer from Podium to TvLabs and ultimately to the EEF. https://github.com/erlef/elixir-secure-coding (https://github.com/erlef/elixir-secure-coding?utm_source=thinkingelixir&utm_medium=shownotes) – An interactive cybersecurity curriculum designed for enterprise use at software companies using Elixir. https://github.com/phoenixframework/phoenix/pull/6184 (https://github.com/phoenixframework/phoenix/pull/6184?utm_source=thinkingelixir&utm_medium=shownotes) – Fix for Plug.Debugger screen which was showing ANSI codes in HTML. https://github.com/phoenixframework/phoenix/pull/6194 (https://github.com/phoenixframework/phoenix/pull/6194?utm_source=thinkingelixir&utm_medium=shownotes) – Fix for the Phoenix installer's incorrect application of custom variants in tailwind v4. https://github.com/team-alembic/ash_authentication/security/advisories/GHSA-3988-q8q7-p787 (https://github.com/team-alembic/ash_authentication/security/advisories/GHSA-3988-q8q7-p787?utm_source=thinkingelixir&utm_medium=shownotes) – AshAuthentication vulnerability published with mitigation steps - update packages, set requireinteraction to true, and add confirmroute above auth_routes. https://elixirconf.com/ (https://elixirconf.com/?utm_source=thinkingelixir&utm_medium=shownotes) – ElixirConf US 2025 is open for submitting talks and workshops in Orlando. Talk submissions due April 29, workshop submissions due April 15. https://x.com/elixirconf/status/1907843035544826137 (https://x.com/elixirconf/status/1907843035544826137?utm_source=thinkingelixir&utm_medium=shownotes) – Announcement for ElixirConf US 2025 in Orlando with deadlines for talk and workshop submissions. https://x.com/ElixirConfEU/status/1911747531953832323 (https://x.com/ElixirConfEU/status/1911747531953832323?utm_source=thinkingelixir&utm_medium=shownotes) – ElixirConfEU Speakers were announced for the upcoming conference in Krakow, Poland. https://www.elixirconf.eu/#tickets (https://www.elixirconf.eu/#tickets?utm_source=thinkingelixir&utm_medium=shownotes) – Ticket information for ElixirConfEU - 250 Euros for virtual ticket, 600 Euros for in-person ticket. https://www.elixirconf.eu/#keynotes (https://www.elixirconf.eu/#keynotes?utm_source=thinkingelixir&utm_medium=shownotes) – Keynote information for ElixirConfEU in Krakow, Poland, May 14-16 (training on May 14, regular sessions on May 15-16). Do you have some Elixir news to share? Tell us at @ThinkingElixir (https://twitter.com/ThinkingElixir) or email at show@thinkingelixir.com (mailto:show@thinkingelixir.com) Find us online - Message the show - Bluesky (https://bsky.app/profile/thinkingelixir.com) - Message the show - X (https://x.com/ThinkingElixir) - Message the show on Fediverse - @ThinkingElixir@genserver.social (https://genserver.social/ThinkingElixir) - Email the show - show@thinkingelixir.com (mailto:show@thinkingelixir.com) - Mark Ericksen on X - @brainlid (https://x.com/brainlid) - Mark Ericksen on Bluesky - @brainlid.bsky.social (https://bsky.app/profile/brainlid.bsky.social) - Mark Ericksen on Fediverse - @brainlid@genserver.social (https://genserver.social/brainlid) - David Bernheisel on Bluesky - @david.bernheisel.com (https://bsky.app/profile/david.bernheisel.com) - David Bernheisel on Fediverse - @dbern@genserver.social (https://genserver.social/dbern)

Desde el reloj
Music Assistant en Docker, Sonos e integración en HA

Desde el reloj

Play Episode Listen Later Apr 22, 2025 14:39


Este fin de semana he estado montando y probando Music Assistant, un sistema que permite unir todos nuestros servicios de música con todos nuestros altavoces y reproductores. Además, se integra perfectamente con Home Assistant.

DevOps and Docker Talk
Docker Model Runner

DevOps and Docker Talk

Play Episode Listen Later Apr 21, 2025 13:06


Docker launched "Docker Model Runner" to run LLMs through llama.cpp with a single "docker model" command. In this episode Bret details examples and some useful use cases for using this way to run LLMs. He breaks down the internals. How it works, when you should use it or not use it; and, how to get started using Open WebUI for a private ChatGPT-like experience.★Topics★Model Runner DocsHub ModelsOCI ArtifactsOpen WebUIMy Open WebUI Compose fileCreators & Guests Cristi Cotovan - Editor Beth Fisher - Producer Bret Fisher - Host (00:00) - Intro (00:46) - Model Runner Elevator Pitch (01:28) - Enabling Docker Model Runner (04:28) - Self Promotion! Is that an ad? For me? (05:03) - Downloading Models (07:11) - Architectrure of Model Runner (10:49) - ORAS (11:09) - What's next for Model Runner? (12:13) - Troubleshooting You can also support my free material by subscribing to my YouTube channel and my weekly newsletter at bret.news!Grab the best coupons for my Docker and Kubernetes courses.Join my cloud native DevOps community on Discord.Grab some merch at Bret's Loot BoxHomepage bretfisher.com

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
SANS Stormcast Friday, April 18th: Remnux Cloud Environment; Erlang/OTP SSH Vuln; Brickstorm Backdoor Analysis; GPT 4.1 Safety Controversy

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast

Play Episode Listen Later Apr 18, 2025 6:18


RedTail: Remnux and Malware Management A description showing how to set up a malware analysis in the cloud with Remnux and Kasm. RedTail is a sample to illustrate how the environment can be used. https://isc.sans.edu/diary/RedTail%2C%20Remnux%20and%20Malware%20Management%20%5BGuest%20Diary%5D/31868 Critical Erlang/OTP SSH Vulnerability Researchers identified a critical vulnerability in the Erlang/OTP SSH library. Due to this vulnerability, SSH servers written in Erlang/OTP allow arbitrary remote code execution without prior authentication https://www.openwall.com/lists/oss-security/2025/04/16/2 Brickstorm Analysis An analysis of a recent instance of the Brickstorm backdoor. This backdoor used to be more known for infecting Linux systems, but now it also infects Windows. https://www.nviso.eu/blog/nviso-analyzes-brickstorm-espionage-backdoor https://blog.nviso.eu/wp-content/uploads/2025/04/NVISO-BRICKSTORM-Report.pdf OpenAI GPT 4.1 Controversy OpenAI released its latest model, GPT 4.1, without a safety report and guardrails to prevent malware creation. https://opentools.ai/news/openai-stirs-controversy-with-gpt-41-release-lacking-safety-report

Desde el reloj
PriceBuddy, seguimiento de precios en Amazon y más

Desde el reloj

Play Episode Listen Later Apr 18, 2025 13:19


CamelCamelCamel, Keepa, bots de Telegram... todas son herramientas para ayudarnos a ahorrar, siguiendo los precios en distintas tiendas, sobre todo en Amazon. Nos faltaba una solución auto alojada, pero ya tenemos aquí PriceBuddy, un contenedor Docker muy interesante y en pleno desarrollo. Lo he montado y te cuento mi uso.

The Azure Security Podcast
Episode 111: Securing Agentic AI

The Azure Security Podcast

Play Episode Listen Later Apr 17, 2025 23:26 Transcription Available


In this episode Michael and Sarah talk with guest Amanda Minnich about securing agentic AI systems, the security challenges they face, and how to secure them.We also discuss Azure Security news about Azure File Sync, Docker support in Azure and a new series of Secure Future Initiative videos with appearances from Michael, Sarah, and various guests.

Atareao con Linux
ATA 688 Tu contenedor Docker podría estar muerto y tu sin enterarte

Atareao con Linux

Play Episode Listen Later Apr 17, 2025 20:56


el #healthcheck es una característica de #docker para conocer la salud de un servicio, porque tu contenedor puede estar corriendo y el servicio muertoEste es un tema que tendría que haber abordado hace mucho tiempo, pero que, como en otras cosas de la vida, vas dejando. Y al igual que sucede en la vida, no es que este tema no sea importante, que lo es, sino que lo vas dejando, porque como no pasa nada, pero ¿y cuando pasa?, entonces nos lamentamos. Como te decía, es lo mismo que sucede en la vida real con la salud, mientras tienes saludo, porque te tienes que cuidar, pero cuando llegan los problemas, es cuando nos comenzamos a preocupar. En este caso, no ha sido directamente por un problema con el que me he tropezado, si no por una molestia, de la que te he hablado en otras ocasiones, y que puede ser que haya encontrado una solución. Y todo ello gracías al Health Check de Docker. Una característica que nos ofrece Docker y que nos permite conocer la salud de nuestros contenedores. Por que si, un contenedor puede estar running pero el proceso muerto, y como te digo, tu sin enterarte.Más información y enlaces en las notas del episodio

Ardan Labs Podcast
Startups, AI, and Nectir with Jordan Long

Ardan Labs Podcast

Play Episode Listen Later Apr 16, 2025 86:21


In this episode, Bill Kennedy interviews Jordan Long, co-founder and CTO of Nectir. They discuss Jordan's journey from high school in Hawaii to college at UCSB, his early interests in music and technology, and the challenges he faced in finding his path. Jordan shares his experiences with entrepreneurship, including his initial idea for a rideshare platform and the eventual creation of Nectir, a platform designed to connect students in the same classes. The conversation highlights the importance of community and collaboration in education and the entrepreneurial spirit. 00:00 Introduction00:30 What is Jordan  Doing Today?05:00 Early Interests09:00 Discovering Entrepreneurship14:00 College Decisions20:00 Beginning of Nectir34:30 Becoming an Entrepreneur Full-Time41:00 Early Funding / Hiring59:50 Developing Nectir AI Assistant1:05:20 Learning Prompting and Chunking1:18:00 Building with AI in the Future1:24:20 Contact Info Connect with Jordan: Linkedin: https://www.linkedin.com/in/jordan-t-long/Mentioned in this Episode:Nectir: https://www.nectir.io/Want more from Ardan Labs? You can learn Go, Kubernetes, Docker & more through our video training, live events, or through our blog!Online Courses : https://ardanlabs.com/education/ Live Events : https://www.ardanlabs.com/live-training-events/ Blog : https://www.ardanlabs.com/blog Github : https://github.com/ardanlabs

Building Abundant Success!!© with Sabrina-Marie
Episode 2579: Peter Docker ~ NBC Universal, Frm. Royal Air Force Senior Officer talks Mentoring & Leadership by "Leading From the Jumpseat"

Building Abundant Success!!© with Sabrina-Marie

Play Episode Listen Later Apr 10, 2025 33:17


Accenture, American Express, ASOS, EY, Four Seasons Hotels, Google, NBC Universal  are his clientsFrm Royal Air Force Senior Officer, Frm. International Negotiator for the UK Government,  executive coach. Google, Accenture, American Express His first book, 'Find Your Why: A Practical Guide for Discovering Purpose for You and Your Team', co-authored with Simon Sinek and David Mead. Peter gets up every day inspired to enable people to be extraordinary so that they can do extraordinary things. Collaborating with Simon Sinek for over 7 years, he was a founding Igniter and Implementation Specialist on the Start With Why team, teaching leaders and companies how to use the concept of Why."The first step is to distinguish leadership from management. “Management is about handling complexity,” explains Docker, while “leadership is about creating simplicity. It's about cutting through the noise, identifying what's really important, making it personal for people, bringing them together and connecting them.”  ~  Peter Docker in Venteur Magazine January 2023One of Peter's latest books, 'Leading from The Jumpseat: How to Create Extraordinary Opportunities by Handing Over Control'Peter's commercial and industry experience has been at the most senior levels in sectors including oil & gas, construction, mining, pharmaceuticals, banking, television, film, media, manufacturing and services - across more than 90 countries. His career has spanned professional pilot; leading an aviation training and standards organisation; teaching post-graduates at an international college; and running multi-billion dollar procurement projects. A former Royal Air Force senior officer, he has been a Force Commander during combat flying operations and has seen service across the world. He is a seasoned crisis manager, a former international negotiator for the UK Government and executive coach.© 2025 Building Abundant Success!!2025 All Rights ReservedJoin Me on ~ iHeart Media @ https://tinyurl.com/iHeartBASSpot Me on Spotify: https://tinyurl.com/yxuy23bAmazon Music ~ https://tinyurl.com/AmzBASAudacy:  https://tinyurl.com/BASAud

Atareao con Linux
ATA 686 Actualiza tus contenedores Docker SIN dolor. Dockge, Cup y Homepage

Atareao con Linux

Play Episode Listen Later Apr 10, 2025 24:32


Actualiza tus contenedores #docker de otra forma utilizando #dockge #cup y #homepage de forma sencilla y con todo el control en tus propias manosEl último episodio, el 685, titulado Adios Portainer. Dockge lo destrona, trajo varios comentarios, y uno de ellos me llamó la atención, porque hablaba de la posibilidad de desplegar los contenedores desde Portainer utilizando la sincronización con git. Esto me llevó a una auténtica madriguera de conejo. Estuve durante horas vagando entre distintos servicios y configuraciones, incluso me llevó a descubrir un servicio que desconocía y que me parece muy interesante. Y es que, tal y como comentaban, hay muchas herramientas que hacen lo mismo. O, mejor dicho, hay muchas herramientas que parecen hacer lo mismo. Y digo que parecen hacer lo mismo, porque cada una tiene sus particularidades, y están enfocadas en aspectos distintos. Y esto es precisamente lo que mas me gusta de este mundo. Hay desarrolladores, que por la razón que sea implementan una variante de un determinado servicio o aplicación, por que la original, por llamarla de alguna forma, no se adecua exactamente a sus necesidades. Y de esta manera puedes dar con justo la que tu buscas. Es cierto, que podrías pedirle al desarrollador original que implementara esa solución. Pero hay cientos de razones para que este no lo haga, desde que no está contemplado en su roadmap, pasando porque es algo muy particular tuyo. o que simplemente no quiere. Sea como fuere, esto me ha llevado a dar una vuelta a mi proceso de actualización de imágenes utilizando distintas herramientas, y esto es precisamente lo que te quiero contar.

Ardan Labs Podcast
Fathom, AI Transcripts, and Startups with Richard White

Ardan Labs Podcast

Play Episode Listen Later Apr 9, 2025 48:39


In this conversation, Richard White, founder and CEO of Fathom, discusses the evolution of AI in note-taking and transcription, the challenges of developing reliable meeting recording technology, and his early experiences with technology and entrepreneurship. He shares insights into the business model of Fathom, the importance of AI in enhancing productivity, and his personal journey from a tech-savvy high school student to a successful entrepreneur.00:00 Introduction00:30 What is Richard Doing Today?02:50 AI Transcription11:00 First Memory of a Computer13:00 Early Entrepreneur Experience15:30 College Experience27:45 Starting User Voice35:00 The Birth of Fathom39:00 Fathoms Searching Strategy46:00 Contact InfoConnect with Richard: Linkedin: https://www.linkedin.com/in/rrwhite/Mentioned in this Episode:Fathom: https://fathom.video/Want more from Ardan Labs? You can learn Go, Kubernetes, Docker & more through our video training, live events, or through our blog!Online Courses : https://ardanlabs.com/education/ Live Events : https://www.ardanlabs.com/live-training-events/ Blog : https://www.ardanlabs.com/blog Github : https://github.com/ardanlabs

AFL Daily
Brad Scott's AFLHQ plea, Bolton meets his old side

AFL Daily

Play Episode Listen Later Apr 9, 2025 22:02


Nathan Schmook and Michael Whiting bring you the latest footy news on AFL Daily. Gather Round launches tonight at the Adelaide Oval with the Crows welcoming in Geelong, Izak Rankine will be given right up to the first bounce to prove his fitness. Brad Scott has launched back at AFLHQ pleading for support to offer coaches in the game. A fresh faced Docker has found his way into the "Thursday Great Man" spot while Shai Bolton is preparing for an onslaught against his old side this weekend. Subscribe to AFL Daily and never miss an episode. Rate and review wherever you listen to podcasts.See omnystudio.com/listener for privacy information.

Hot Girls Code
64. Cloud 101: What Every Developer Needs to Know

Hot Girls Code

Play Episode Listen Later Apr 8, 2025 23:09


You've probably heard about the cloud before, but do you know what it actually is? Spoiler alert: It's not a literal cloud!In this episode, we dive into exactly what the cloud is, why it's so important in tech, and how the cloud actually works. Because let's face it: the cloud can definitely be a broad, confusing topic. Even if you use the cloud everyday for storing your photos or documents, you might not know what's going on under the hood. Like what is AWS? What is a SaaS application? Where does the stuff actually live? Well, we answer all these important questions in this episode!New episodes come out fortnightly on Wednesday morning (NZT).Links from the episode:If you're wanting to learn more a bit more, check out Episode 24. Basics of InfrastructureIf you're wanting to learn more about Virtual Machines, check out Episode 52. Cloud Computing Fundamentals: Virtual Machines, Containers and Docker.Where to Find Us: ⁠Instagram⁠ Tik Tok ⁠⁠The Hot Girls Code Website⁠Sponsored by:Trade Me

Atareao con Linux
ATA 685 Adios Portainer. Dockge lo destrona

Atareao con Linux

Play Episode Listen Later Apr 7, 2025 27:53


#portainer ha sido el rey de la gestión de #docker via web en los últimos tiempos, pero hay otras opciones como por ejemplo #dockge que es mas sencilloComo sabes soy un amante de la terminal, mas que nada por la productividad que me ofrece. De esta forma, prácticamente todo lo hago desde la terminal, incluido por supuesto, escribir los guiones de los podcast como este. Así, desde el principio me acostumbré a utilizar Docker sin interfaz gráfico. Y sobre todo con Compose la cosa se volvió sinceramente muy sencilla. Sin embargo, no siempre tengo al alcance de mis dedos una terminal, y justo es en esas circunstancias cuando tengo algún problemilla y necesito realizar alguna operación sobre los servicios que tengo corriendo con Docker. De esta forma, he implementado varias estrategias para corregir ese tipo de situaciones como por ejemplo utilizar Semaphore tal y como te conté en el episodio 489 titulado Semaphore, ansible y hardening. Pero con todo y con eso, hay veces que me preferiría tener la terminal a mano, o incluso un interfaz gráfico para poder revisar lo que está sucediendo, y aquí es donde aparede Dockge, la herramienta de la que te voy a hablar en este episodio, la herramienta que ha conseguido destronar a Portainer en mi equipo.Más información y enlaces en las notas del episodio

Software Sessions
Brandon Liu on Protomaps

Software Sessions

Play Episode Listen Later Apr 6, 2025 59:57


Brandon Liu is an open source developer and creator of the Protomaps basemap project. We talk about how static maps help developers build sites that last, the PMTiles file format, the role of OpenStreetMap, and his experience funding and running an open source project full time. Protomaps Protomaps PMTiles (File format used by Protomaps) Self-hosted slippy maps, for novices (like me) Why Deploy Protomaps on a CDN User examples Flickr Pinball Map Toilet Map Related projects OpenStreetMap (Dataset protomaps is based on) Mapzen (Former company that released details on what to display based on zoom levels) Mapbox GL JS (Mapbox developed source available map rendering library) MapLibre GL JS (Open source fork of Mapbox GL JS) Other links HTTP range requests (MDN) Hilbert curve Transcript You can help correct transcripts on GitHub. Intro [00:00:00] Jeremy: I'm talking to Brandon Liu. He's the creator of Protomaps, which is a way to easily create and host your own maps. Let's get into it. [00:00:09] Brandon: Hey, so thanks for having me on the podcast. So I'm Brandon. I work on an open source project called Protomaps. What it really is, is if you're a front end developer and you ever wanted to put maps on a website or on a mobile app, then Protomaps is sort of an open source solution for doing that that I hope is something that's way easier to use than, um, a lot of other open source projects. Why not just use Google Maps? [00:00:36] Jeremy: A lot of people are gonna be familiar with Google Maps. Why should they worry about whether something's open source? Why shouldn't they just go and use the Google maps API? [00:00:47] Brandon: So Google Maps is like an awesome thing it's an awesome product. Probably one of the best tech products ever right? And just to have a map that tells you what restaurants are open and something that I use like all the time especially like when you're traveling it has all that data. And the most amazing part is that it's free for consumers but it's not necessarily free for developers. Like if you wanted to embed that map onto your website or app, that usually has an API cost which still has a free tier and is affordable. But one motivation, one basic reason to use open source is if you have some project that doesn't really fit into that pricing model. You know like where you have to pay the cost of Google Maps, you have a side project, a nonprofit, that's one reason. But there's lots of other reasons related to flexibility or customization where you might want to use open source instead. Protomaps examples [00:01:49] Jeremy: Can you give some examples where people have used Protomaps and where that made sense for them? [00:01:56] Brandon: I follow a lot of the use cases and I also don't know about a lot of them because I don't have an API where I can track a hundred percent of the users. Some of them use the hosted version, but I would say most of them probably use it on their own infrastructure. One of the cool projects I've been seeing is called Toilet Map. And what toilet map is if you're in the UK and you want find a public restroom then it maps out, sort of crowdsourced all of the public restrooms. And that's important for like a lot of people if they have health issues, they need to find that information. And just a lot of different projects in the same vein. There's another one called Pinball Map which is sort of a hobby project to find all the pinball machines in the world. And they wanted to have a customized map that fit in with their theme of pinball. So these sorts of really cool indie projects are the ones I'm most excited about. Basemaps vs Overlays [00:02:57] Jeremy: And if we talk about, like the pinball map as an example, there's this concept of a basemap and then there's the things that you lay on top of it. What is a basemap and then is the pinball locations is that part of it or is that something separate? [00:03:12] Brandon: It's usually something separate. The example I usually use is if you go to a real estate site, like Zillow, you'll open up the map of Seattle and it has a bunch of pins showing all the houses, and then it has some information beneath it. That information beneath it is like labels telling, this neighborhood is Capitol Hill, or there is a park here. But all that information is common to a lot of use cases and it's not specific to real estate. So I think usually that's the distinction people use in the industry between like a base map versus your overlay. The overlay is like the data for your product or your company while the base map is something you could get from Google or from Protomaps or from Apple or from Mapbox that kind of thing. PMTiles for hosting the basemap and overlays [00:03:58] Jeremy: And so Protomaps in particular is responsible for the base map, and that information includes things like the streets and the locations of landmarks and things like that. Where is all that information coming from? [00:04:12] Brandon: So the base map information comes from a project called OpenStreetMap. And I would also, point out that for Protomaps as sort of an ecosystem. You can also put your overlay data into a format called PMTiles, which is sort of the core of what Protomaps is. So it can really do both. It can transform your data into the PMTiles format which you can host and you can also host the base map. So you kind of have both of those sides of the product in one solution. [00:04:43] Jeremy: And so when you say you have both are you saying that the PMTiles file can have, the base map in one file and then you would have the data you're laying on top in another file? Or what are you describing there? [00:04:57] Brandon: That's usually how I recommend to do it. Oftentimes there'll be sort of like, a really big basemap 'cause it has all of that data about like where the rivers are. Or while, if you want to put your map of toilets or park benches or pickleball courts on top, that's another file. But those are all just like assets you can move around like JSON or CSV files. Statically Hosted [00:05:19] Jeremy: And I think one of the things you mentioned was that your goal was to make Protomaps or the, the use of these PMTiles files easy to use. What does that look like for, for a developer? I wanna host a map. What do I actually need to, to put on my servers? [00:05:38] Brandon: So my usual pitch is that basically if you know how to use S3 or cloud storage, that you know how to deploy a map. And that, I think is the main sort of differentiation from most open source projects. Like a lot of them, they call themselves like, like some sort of self-hosted solution. But I've actually avoided using the term self-hosted because I think in most cases that implies a lot of complexity. Like you have to log into a Linux server or you have to use Kubernetes or some sort of Docker thing. What I really want to emphasize is the idea that, for Protomaps, it's self-hosted in the same way like CSS is self-hosted. So you don't really need a service from Amazon to host the JSON files or CSV files. It's really just a static file. [00:06:32] Jeremy: When you say static file that means you could use any static web host to host your HTML file, your JavaScript that actually renders the map. And then you have your PMTiles files, and you're not running a process or anything, you're just putting your files on a static file host. [00:06:50] Brandon: Right. So I think if you're a developer, you can also argue like a static file server is a server. It's you know, it's the cloud, it's just someone else's computer. It's really just nginx under the hood. But I think static storage is sort of special. If you look at things like static site generators, like Jekyll or Hugo, they're really popular because they're a commodity or like the storage is a commodity. And you can take your blog, make it a Jekyll blog, hosted on S3. One day, Amazon's like, we're charging three times as much so you can move it to a different cloud provider. And that's all vendor neutral. So I think that's really the special thing about static storage as a primitive on the web. Why running servers is a problem for resilience [00:07:36] Jeremy: Was there a prior experience you had? Like you've worked with maps for a very long time. Were there particular difficulties you had where you said I just gotta have something that can be statically hosted? [00:07:50] Brandon: That's sort of exactly why I got into this. I've been working sort of in and around the map space for over a decade, and Protomaps is really like me trying to solve the same problem I've had over and over again in the past, just like once and forever right? Because like once this problem is solved, like I don't need to deal with it again in the future. So I've worked at a couple of different companies before, mostly as a contractor, for like a humanitarian nonprofit for a design company doing things like, web applications to visualize climate change. Or for even like museums, like digital signage for museums. And oftentimes they had some sort of data visualization component, but always sort of the challenge of how to like, store and also distribute like that data was something that there wasn't really great open source solutions. So just for map data, that's really what motivated that design for Protomaps. [00:08:55] Jeremy: And in those, those projects in the past, were those things where you had to run your own server, run your own database, things like that? [00:09:04] Brandon: Yeah. And oftentimes we did, we would spin up an EC2 instance, for maybe one client and then we would have to host this server serving map data forever. Maybe the client goes away, or I guess it's good for business if you can sign some sort of like long-term support for that client saying, Hey, you know, like we're done with a project, but you can pay us to maintain the EC2 server for the next 10 years. And that's attractive. but it's also sort of a pain, because usually what happens is if people are given the choice, like a developer between like either I can manage the server on EC2 or on Rackspace or Hetzner or whatever, or I can go pay a SaaS to do it. In most cases, businesses will choose to pay the SaaS. So that's really like what creates a sort of lock-in is this preference for like, so I have this choice between like running the server or paying the SaaS. Like businesses will almost always go and pay the SaaS. [00:10:05] Jeremy: Yeah. And in this case, you either find some kind of free hosting or low-cost hosting just to host your files and you upload the files and then you're good from there. You don't need to maintain anything. [00:10:18] Brandon: Exactly, and that's really the ideal use case. so I have some users these, climate science consulting agencies, and then they might have like a one-off project where they have to generate the data once, but instead of having to maintain this server for the lifetime of that project, they just have a file on S3 and like, who cares? If that costs a couple dollars a month to run, that's fine, but it's not like S3 is gonna be deprecated, like it's gonna be on an insecure version of Ubuntu or something. So that's really the ideal, set of constraints for using Protomaps. [00:10:58] Jeremy: Yeah. Something this also makes me think about is, is like the resilience of sites like remaining online, because I, interviewed, Kyle Drake, he runs Neocities, which is like a modern version of GeoCities. And if I remember correctly, he was mentioning how a lot of old websites from that time, if they were running a server backend, like they were running PHP or something like that, if you were to try to go to those sites, now they're like pretty much all dead because there needed to be someone dedicated to running a Linux server, making sure things were patched and so on and so forth. But for static sites, like the ones that used to be hosted on GeoCities, you can go to the internet archive or other websites and they were just files, right? You can bring 'em right back up, and if anybody just puts 'em on a web server, then you're good. They're still alive. Case study of news room preferring static hosting [00:11:53] Brandon: Yeah, exactly. One place that's kind of surprising but makes sense where this comes up, is for newspapers actually. Some of the users using Protomaps are the Washington Post. And the reason they use it, is not necessarily because they don't want to pay for a SaaS like Google, but because if they make an interactive story, they have to guarantee that it still works in a couple of years. And that's like a policy decision from like the editorial board, which is like, so you can't write an article if people can't view it in five years. But if your like interactive data story is reliant on a third party, API and that third party API becomes deprecated, or it changes the pricing or it, you know, it gets acquired, then your journalism story is not gonna work anymore. So I have seen really good uptake among local news rooms and even big ones to use things like Protomaps just because it makes sense for the requirements. Working on Protomaps as an open source project for five years [00:12:49] Jeremy: How long have you been working on Protomaps and the parts that it's made up of such as PMTiles? [00:12:58] Brandon: I've been working on it for about five years, maybe a little more than that. It's sort of my pandemic era project. But the PMTiles part, which is really the heart of it only came in about halfway. Why not make a SaaS? [00:13:13] Brandon: So honestly, like when I first started it, I thought it was gonna be another SaaS and then I looked at it and looked at what the environment was around it. And I'm like, uh, so I don't really think I wanna do that. [00:13:24] Jeremy: When, when you say you looked at the environment around it what do you mean? Why did you decide not to make it a SaaS? [00:13:31] Brandon: Because there already is a lot of SaaS out there. And I think the opportunity of making something that is unique in terms of those use cases, like I mentioned like newsrooms, was clear. Like it was clear that there was some other solution, that could be built that would fit these needs better while if it was a SaaS, there are plenty of those out there. And I don't necessarily think that they're well differentiated. A lot of them all use OpenStreetMap data. And it seems like they mainly compete on price. It's like who can build the best three column pricing model. And then once you do that, you need to build like billing and metrics and authentication and like those problems don't really interest me. So I think, although I acknowledge sort of the indie hacker ethos now is to build a SaaS product with a monthly subscription, that's something I very much chose not to do, even though it is for sure like the best way to build a business. [00:14:29] Jeremy: Yeah, I mean, I think a lot of people can appreciate that perspective because it's, it's almost like we have SaaS overload, right? Where you have so many little bills for your project where you're like, another $5 a month, another $10 a month, or if you're a business, right? Those, you add a bunch of zeros and at some point it's just how many of these are we gonna stack on here? [00:14:53] Brandon: Yeah. And honestly. So I really think like as programmers, we're not really like great at choosing how to spend money like a $10 SaaS. That's like nothing. You know? So I can go to Starbucks and I can buy a pumpkin spice latte, and that's like $10 basically now, right? And it's like I'm able to make that consumer choice in like an instant just to spend money on that. But then if you're like, oh, like spend $10 on a SaaS that somebody put a lot of work into, then you're like, oh, that's too expensive. I could just do it myself. So I'm someone that also subscribes to a lot of SaaS products. and I think for a lot of things it's a great fit. Many open source SaaS projects are not easy to self host [00:15:37] Brandon: But there's always this tension between an open source project that you might be able to run yourself and a SaaS. And I think a lot of projects are at different parts of the spectrum. But for Protomaps, it's very much like I'm trying to move maps to being it is something that is so easy to run yourself that anyone can do it. [00:16:00] Jeremy: Yeah, and I think you can really see it with, there's a few SaaS projects that are successful and they're open source, but then you go to look at the self-hosting instructions and it's either really difficult to find and you find it, and then the instructions maybe don't work, or it's really complicated. So I think doing the opposite with Protomaps. As a user, I'm sure we're all appreciative, but I wonder in terms of trying to make money, if that's difficult. [00:16:30] Brandon: No, for sure. It is not like a good way to make money because I think like the ideal situation for an open source project that is open that wants to make money is the product itself is fundamentally complicated to where people are scared to run it themselves. Like a good example I can think of is like Supabase. Supabase is sort of like a platform as a service based on Postgres. And if you wanted to run it yourself, well you need to run Postgres and you need to handle backups and authentication and logging, and that stuff all needs to work and be production ready. So I think a lot of people, like they don't trust themselves to run database backups correctly. 'cause if you get it wrong once, then you're kind of screwed. So I think that fundamental aspect of the product, like a database is something that is very, very ripe for being a SaaS while still being open source because it's fundamentally hard to run. Another one I can think of is like tailscale, which is, like a VPN that works end to end. That's something where, you know, it has this networking complexity where a lot of developers don't wanna deal with that. So they'd happily pay, for tailscale as a service. There is a lot of products or open source projects that eventually end up just changing to becoming like a hosted service. Businesses going from open source to closed or restricted licenses [00:17:58] Brandon: But then in that situation why would they keep it open source, right? Like, if it's easy to run yourself well, doesn't that sort of cannibalize their business model? And I think that's really the tension overall in these open source companies. So you saw it happen to things like Elasticsearch to things like Terraform where they eventually change the license to one that makes it difficult for other companies to compete with them. [00:18:23] Jeremy: Yeah, I mean there's been a number of cases like that. I mean, specifically within the mapping community, one I can think of was Mapbox's. They have Mapbox gl. Which was a JavaScript client to visualize maps and they moved from, I forget which license they picked, but they moved to a much more restrictive license. I wonder what your thoughts are on something that releases as open source, but then becomes something maybe a little more muddy. [00:18:55] Brandon: Yeah, I think it totally makes sense because if you look at their business and their funding, it seems like for Mapbox, I haven't used it in a while, but my understanding is like a lot of their business now is car companies and doing in dash navigation. And that is probably way better of a business than trying to serve like people making maps of toilets. And I think sort of the beauty of it is that, so Mapbox, the story is they had a JavaScript renderer called Mapbox GL JS. And they changed that to a source available license a couple years ago. And there's a fork of it that I'm sort of involved in called MapLibre GL. But I think the cool part is Mapbox paid employees for years, probably millions of dollars in total to work on this thing and just gave it away for free. Right? So everyone can benefit from that work they did. It's not like that code went away, like once they changed the license. Well, the old version has been forked. It's going its own way now. It's quite different than the new version of Mapbox, but I think it's extremely generous that they're able to pay people for years, you know, like a competitive salary and just give that away. [00:20:10] Jeremy: Yeah, so we should maybe look at it as, it was a gift while it was open source, and they've given it to the community and they're on continuing on their own path, but at least the community running Map Libre, they can run with it, right? It's not like it just disappeared. [00:20:29] Brandon: Yeah, exactly. And that is something that I use for Protomaps quite extensively. Like it's the primary way of showing maps on the web and I've been trying to like work on some enhancements to it to have like better internationalization for if you are in like South Asia like not show languages correctly. So I think it is being taken in a new direction. And I think like sort of the combination of Protomaps and MapLibre, it addresses a lot of use cases, like I mentioned earlier with like these like hobby projects, indie projects that are almost certainly not interesting to someone like Mapbox or Google as a business. But I'm happy to support as a small business myself. Financially supporting open source work (GitHub sponsors, closed source, contracts) [00:21:12] Jeremy: In my previous interview with Tom, one of the main things he mentioned was that creating a mapping business is incredibly difficult, and he said he probably wouldn't do it again. So in your case, you're building Protomaps, which you've admitted is easy to self-host. So there's not a whole lot of incentive for people to pay you. How is that working out for you? How are you supporting yourself? [00:21:40] Brandon: There's a couple of strategies that I've tried and oftentimes failed at. Just to go down the list, so I do have GitHub sponsors so I do have a hosted version of Protomaps you can use if you don't want to bother copying a big file around. But the way I do the billing for that is through GitHub sponsors. If you wanted to use this thing I provide, then just be a sponsor. And that definitely pays for itself, like the cost of running it. And that's great. GitHub sponsors is so easy to set up. It just removes you having to deal with Stripe or something. 'cause a lot of people, their credit card information is already in GitHub. GitHub sponsors I think is awesome if you want to like cover costs for a project. But I think very few people are able to make that work. A thing that's like a salary job level. It's sort of like Twitch streaming, you know, there's a handful of people that are full-time streamers and then you look down the list on Twitch and it's like a lot of people that have like 10 viewers. But some of the other things I've tried, I actually started out, publishing the base map as a closed source thing, where I would sell sort of like a data package instead of being a SaaS, I'd be like, here's a one-time download, of the premium data and you can buy it. And quite a few people bought it I just priced it at like $500 for this thing. And I thought that was an interesting experiment. The main reason it's interesting is because the people that it attracts to you in terms of like, they're curious about your products, are all people willing to pay money. While if you start out everything being open source, then the people that are gonna be try to do it are only the people that want to get something for free. So what I discovered is actually like once you transition that thing from closed source to open source, a lot of the people that used to pay you money will still keep paying you money because like, it wasn't necessarily that that closed source thing was why they wanted to pay. They just valued that thought you've put into it your expertise, for example. So I think that is one thing, that I tried at the beginning was just start out, closed source proprietary, then make it open source. That's interesting to people. Like if you release something as open source, if you go the other way, like people are really mad if you start out with something open source and then later on you're like, oh, it's some other license. Then people are like that's so rotten. But I think doing it the other way, I think is quite valuable in terms of being able to find an audience. [00:24:29] Jeremy: And when you said it was closed source and paid to open source, do you still sell those map exports? [00:24:39] Brandon: I don't right now. It's something that I might do in the future, you know, like have small customizations of the data that are available, uh, for a fee. still like the core OpenStreetMap based map that's like a hundred gigs you can just download. And that'll always just be like a free download just because that's already out there. All the source code to build it is open source. So even if I said, oh, you have to pay for it, then someone else can just do it right? So there's no real reason like to make that like some sort of like paywall thing. But I think like overall if the project is gonna survive in the long term it's important that I'd ideally like to be able to like grow like a team like have a small group of people that can dedicate the time to growing the project in the long term. But I'm still like trying to figure that out right now. [00:25:34] Jeremy: And when you mentioned that when you went from closed to open and people were still paying you, you don't sell a product anymore. What were they paying for? [00:25:45] Brandon: So I have some contracts with companies basically, like if they need a feature or they need a customization in this way then I am very open to those. And I sort of set it up to make it clear from the beginning that this is not just a free thing on GitHub, this is something that you could pay for if you need help with it, if you need support, if you wanted it. I'm also a little cagey about the word support because I think like it sounds a little bit too wishy-washy. Pretty much like if you need access to the developers of an open source project, I think that's something that businesses are willing to pay for. And I think like making that clear to potential users is a challenge. But I think that is one way that you might be able to make like a living out of open source. [00:26:35] Jeremy: And I think you said you'd been working on it for about five years. Has that mostly been full time? [00:26:42] Brandon: It's been on and off. it's sort of my pandemic era project. But I've spent a lot of time, most of my time working on the open source project at this point. So I have done some things that were more just like I'm doing a customization or like a private deployment for some client. But that's been a minority of the time. Yeah. [00:27:03] Jeremy: It's still impressive to have an open source project that is easy to self-host and yet is still able to support you working on it full time. I think a lot of people might make the assumption that there's nothing to sell if something is, is easy to use. But this sort of sounds like a counterpoint to that. [00:27:25] Brandon: I think I'd like it to be. So when you come back to the point of like, it being easy to self-host. Well, so again, like I think about it as like a primitive of the web. Like for example, if you wanted to start a business today as like hosted CSS files, you know, like where you upload your CSS and then you get developers to pay you a monthly subscription for how many times they fetched a CSS file. Well, I think most developers would be like, that's stupid because it's just an open specification, you just upload a static file. And really my goal is to make Protomaps the same way where it's obvious that there's not really some sort of lock-in or some sort of secret sauce in the server that does this thing. How PMTiles works and building a primitive of the web [00:28:16] Brandon: If you look at video for example, like a lot of the tech for how Protomaps and PMTiles works is based on parts of the HTTP spec that were made for video. And 20 years ago, if you wanted to host a video on the web, you had to have like a real player license or flash. So you had to go license some server software from real media or from macromedia so you could stream video to a browser plugin. But now in HTML you can just embed a video file. And no one's like, oh well I need to go pay for my video serving license. I mean, there is such a thing, like YouTube doesn't really use that for DRM reasons, but people just have the assumption that video is like a primitive on the web. So if we're able to make maps sort of that same way like a primitive on the web then there isn't really some obvious business or licensing model behind how that works. Just because it's a thing and it helps a lot of people do their jobs and people are happy using it. So why bother? [00:29:26] Jeremy: You mentioned that it a tech that was used for streaming video. What tech specifically is it? [00:29:34] Brandon: So it is byte range serving. So when you open a video file on the web, So let's say it's like a 100 megabyte video. You don't have to download the entire video before it starts playing. It streams parts out of the file based on like what frames... I mean, it's based on the frames in the video. So it can start streaming immediately because it's organized in a way to where the first few frames are at the beginning. And what PMTiles really is, is it's just like a video but in space instead of time. So it's organized in a way where these zoomed out views are at the beginning and the most zoomed in views are at the end. So when you're like panning or zooming in the map all you're really doing is fetching byte ranges out of that file the same way as a video. But it's organized in, this tiled way on a space filling curve. IIt's a little bit complicated how it works internally and I think it's kind of cool but that's sort of an like an implementation detail. [00:30:35] Jeremy: And to the person deploying it, it just looks like a single file. [00:30:40] Brandon: Exactly in the same way like an mp3 audio file is or like a JSON file is. [00:30:47] Jeremy: So with a video, I can sort of see how as someone seeks through the video, they start at the beginning and then they go to the middle if they wanna see the middle. For a map, as somebody scrolls around the map, are you seeking all over the file or is the way it's structured have a little less chaos? [00:31:09] Brandon: It's structured. And that's kind of the main technical challenge behind building PMTiles is you have to be sort of clever so you're not spraying the reads everywhere. So it uses something called a hilbert curve, which is a mathematical concept of a space filling curve. Where it's one continuous curve that essentially lets you break 2D space into 1D space. So if you've seen some maps of IP space, it uses this crazy looking curve that hits all the points in one continuous line. And that's the same concept behind PMTiles is if you're looking at one part of the world, you're sort of guaranteed that all of those parts you're looking at are quite close to each other and the data you have to transfer is quite minimal, compared to if you just had it at random. [00:32:02] Jeremy: How big do the files get? If I have a PMTiles of the entire world, what kind of size am I looking at? [00:32:10] Brandon: Right now, the default one I distribute is 128 gigabytes, so it's quite sizable, although you can slice parts out of it remotely. So if you just wanted. if you just wanted California or just wanted LA or just wanted only a couple of zoom levels, like from zero to 10 instead of zero to 15, there is a command line tool that's also called PMTiles that lets you do that. Issues with CDNs and range queries [00:32:35] Jeremy: And when you're working with files of this size, I mean, let's say I am working with a CDN in front of my application. I'm not typically accustomed to hosting something that's that large and something that's where you're seeking all over the file. is that, ever an issue or is that something that's just taken care of by the browser and, and taken care of by, by the hosts? [00:32:58] Brandon: That is an issue actually, so a lot of CDNs don't deal with it correctly. And my recommendation is there is a kind of proxy server or like a serverless proxy thing that I wrote. That runs on like cloudflare workers or on Docker that lets you proxy those range requests into a normal URL and then that is like a hundred percent CDN compatible. So I would say like a lot of the big commercial installations of this thing, they use that because it makes more practical sense. It's also faster. But the idea is that this solution sort of scales up and scales down. If you wanted to host just your city in like a 10 megabyte file, well you can just put that into GitHub pages and you don't have to worry about it. If you want to have a global map for your website that serves a ton of traffic then you probably want a little bit more sophisticated of a solution. It still does not require you to run a Linux server, but it might require (you) to use like Lambda or Lambda in conjunction with like a CDN. [00:34:09] Jeremy: Yeah. And that sort of ties into what you were saying at the beginning where if you can host on something like CloudFlare Workers or Lambda, there's less time you have to spend keeping these things running. [00:34:26] Brandon: Yeah, exactly. and I think also the Lambda or CloudFlare workers solution is not perfect. It's not as perfect as S3 or as just static files, but in my experience, it still is better at building something that lasts on the time span of years than being like I have a server that is on this Ubuntu version and in four years there's all these like security patches that are not being applied. So it's still sort of serverless, although not totally vendor neutral like S3. Customizing the map [00:35:03] Jeremy: We've mostly been talking about how you host the map itself, but for someone who's not familiar with these kind of tools, how would they be customizing the map? [00:35:15] Brandon: For customizing the map there is front end style customization and there's also data customization. So for the front end if you wanted to change the water from the shade of blue to another shade of blue there is a TypeScript API where you can customize it almost like a text editor color scheme. So if you're able to name a bunch of colors, well you can customize the map in that way you can change the fonts. And that's all done using MapLibre GL using a TypeScript API on top of that for customizing the data. So all the pipeline to generate this data from OpenStreetMap is open source. There is a Java program using a library called PlanetTiler which is awesome, which is this super fast multi-core way of building map tiles. And right now there isn't really great hooks to customize what data goes into that. But that's something that I do wanna work on. And finally, because the data comes from OpenStreetMap if you notice data that's missing or you wanted to correct data in OSM then you can go into osm.org. You can get involved in contributing the data to OSM and the Protomaps build is daily. So if you make a change, then within 24 hours you should see the new base map. Have that change. And of course for OSM your improvements would go into every OSM based project that is ingesting that data. So it's not a protomap specific thing. It's like this big shared data source, almost like Wikipedia. OpenStreetMap is a dataset and not a map [00:37:01] Jeremy: I think you were involved with OpenStreetMap to some extent. Can you speak a little bit to that for people who aren't familiar, what OpenStreetMap is? [00:37:11] Brandon: Right. So I've been using OSM as sort of like a tools developer for over a decade now. And one of the number one questions I get from developers about what is Protomaps is why wouldn't I just use OpenStreetMap? What's the distinction between Protomaps and OpenStreetMap? And it's sort of like this funny thing because even though OSM has map in the name it's not really a map in that you can't... In that it's mostly a data set and not a map. It does have a map that you can see that you can pan around to when you go to the website but the way that thing they show you on the website is built is not really that easily reproducible. It involves a lot of c++ software you have to run. But OpenStreetMap itself, the heart of it is almost like a big XML file that has all the data in the map and global. And it has tagged features for example. So you can go in and edit that. It has a web front end to change the data. It does not directly translate into making a map actually. Protomaps decides what shows at each zoom level [00:38:24] Brandon: So a lot of the pipeline, that Java program I mentioned for building this basemap for protomaps is doing things like you have to choose what data you show when you zoom out. You can't show all the data. For example when you're zoomed out and you're looking at all of a state like Colorado you don't see all the Chipotle when you're zoomed all the way out. That'd be weird, right? So you have to make some sort of decision in logic that says this data only shows up at this zoom level. And that's really what is the challenge in optimizing the size of that for the Protomaps map project. [00:39:03] Jeremy: Oh, so those decisions of what to show at different Zoom levels those are decisions made by you when you're creating the PMTiles file with Protomaps. [00:39:14] Brandon: Exactly. It's part of the base maps build pipeline. and those are honestly very subjective decisions. Who really decides when you're zoomed out should this hospital show up or should this museum show up nowadays in Google, I think it shows you ads. Like if someone pays for their car repair shop to show up when you're zoomed out like that that gets surfaced. But because there is no advertising auction in Protomaps that doesn't happen obviously. So we have to sort of make some reasonable choice. A lot of that right now in Protomaps actually comes from another open source project called Mapzen. So Mapzen was a company that went outta business a couple years ago. They did a lot of this work in designing which data shows up at which Zoom level and open sourced it. And then when they shut down, they transferred that code into the Linux Foundation. So it's this totally open source project, that like, again, sort of like Mapbox gl has this awesome legacy in that this company funded it for years for smart people to work on it and now it's just like a free thing you can use. So the logic in Protomaps is really based on mapzen. [00:40:33] Jeremy: And so the visualization of all this... I think I understand what you mean when people say oh, why not use OpenStreetMaps because it's not really clear it's hard to tell is this the tool that's visualizing the data? Is it the data itself? So in the case of using Protomaps, it sounds like Protomaps itself has all of the data from OpenStreetMap and then it has made all the decisions for you in terms of what to show at different Zoom levels and what things to have on the map at all. And then finally, you have to have a separate, UI layer and in this case, it sounds like the one that you recommend is the Map Libre library. [00:41:18] Brandon: Yeah, that's exactly right. For Protomaps, it has a portion or a subset of OSM data. It doesn't have all of it just because there's too much, like there's data in there. people have mapped out different bushes and I don't include that in Protomaps if you wanted to go in and edit like the Java code to add that you can. But really what Protomaps is positioned at is sort of a solution for developers that want to use OSM data to make a map on their app or their website. because OpenStreetMap itself is mostly a data set, it does not really go all the way to having an end-to-end solution. Financials and the idea of a project being complete [00:41:59] Jeremy: So I think it's great that somebody who wants to make a map, they have these tools available, whether it's from what was originally built by Mapbox, what's built by Open StreetMap now, the work you're doing with Protomaps. But I wonder one of the things that I talked about with Tom was he was saying he was trying to build this mapping business and based on the financials of what was coming in he was stressed, right? He was struggling a bit. And I wonder for you, you've been working on this open source project for five years. Do you have similar stressors or do you feel like I could keep going how things are now and I feel comfortable? [00:42:46] Brandon: So I wouldn't say I'm a hundred percent in one bucket or the other. I'm still seeing it play out. One thing, that I really respect in a lot of open source projects, which I'm not saying I'm gonna do for Protomaps is the idea that a project is like finished. I think that is amazing. If a software project can just be done it's sort of like a painting or a novel once you write, finish the last page, have it seen by the editor. I send it off to the press is you're done with a book. And I think one of the pains of software is so few of us can actually do that. And I don't know obviously people will say oh the map is never finished. That's more true of OSM, but I think like for Protomaps. One thing I'm thinking about is how to limit the scope to something that's quite narrow to where we could be feature complete on the core things in the near term timeframe. That means that it does not address a lot of things that people want. Like search, like if you go to Google Maps and you search for a restaurant, you will get some hits. that's like a geocoding issue. And I've already decided that's totally outta scope for Protomaps. So, in terms of trying to think about the future of this, I'm mostly looking for ways to cut scope if possible. There are some things like better tooling around being able to work with PMTiles that are on the roadmap. but for me, I am still enjoying working on the project. It's definitely growing. So I can see on NPM downloads I can see the growth curve of people using it and that's really cool. So I like hearing about when people are using it for cool projects. So it seems to still be going okay for now. [00:44:44] Jeremy: Yeah, that's an interesting perspective about how you were talking about projects being done. Because I think when people look at GitHub projects and they go like, oh, the last commit was X months ago. They go oh well this is dead right? But maybe that's the wrong framing. Maybe you can get a project to a point where it's like, oh, it's because it doesn't need to be updated. [00:45:07] Brandon: Exactly, yeah. Like I used to do a lot of c++ programming and the best part is when you see some LAPACK matrix math library from like 1995 that still works perfectly in c++ and you're like, this is awesome. This is the one I have to use. But if you're like trying to use some like React component library and it hasn't been updated in like a year, you're like, oh, that's a problem. So again, I think there's some middle ground between those that I'm trying to find. I do like for Protomaps, it's quite dependency light in terms of the number of hard dependencies I have in software. but I do still feel like there is a lot of work to be done in terms of project scope that needs to have stuff added. You mostly only hear about problems instead of people's wins [00:45:54] Jeremy: Having run it for this long. Do you have any thoughts on running an open source project in general? On dealing with issues or managing what to work on things like that? [00:46:07] Brandon: Yeah. So I have a lot. I think one thing people point out a lot is that especially because I don't have a direct relationship with a lot of the people using it a lot of times I don't even know that they're using it. Someone sent me a message saying hey, have you seen flickr.com, like the photo site? And I'm like, no. And I went to flickr.com/map and it has Protomaps for it. And I'm like, I had no idea. But that's cool, if they're able to use Protomaps for this giant photo sharing site that's awesome. But that also means I don't really hear about when people use it successfully because you just don't know, I guess they, NPM installed it and it works perfectly and you never hear about it. You only hear about people's negative experiences. You only hear about people that come and open GitHub issues saying this is totally broken, and why doesn't this thing exist? And I'm like, well, it's because there's an infinite amount of things that I want to do, but I have a finite amount of time and I just haven't gone into that yet. And that's honestly a lot of the things and people are like when is this thing gonna be done? So that's, that's honestly part of why I don't have a public roadmap because I want to avoid that sort of bickering about it. I would say that's one of my biggest frustrations with running an open source project is how it's self-selected to only hear the negative experiences with it. Be careful what PRs you accept [00:47:32] Brandon: 'cause you don't hear about those times where it works. I'd say another thing is it's changed my perspective on contributing to open source because I think when I was younger or before I had become a maintainer I would open a pull request on a project unprompted that has a hundred lines and I'd be like, Hey, just merge this thing. But I didn't realize when I was younger well if I just merge it and I disappear, then the maintainer is stuck with what I did forever. You know if I add some feature then that person that maintains the project has to do that indefinitely. And I think that's very asymmetrical and it's changed my perspective a lot on accepting open source contributions. I wanna have it be open to anyone to contribute. But there is some amount of back and forth where it's almost like the default answer for should I accept a PR is no by default because you're the one maintaining it. And do you understand the shape of that solution completely to where you're going to support it for years because the person that's contributing it is not bound to those same obligations that you are. And I think that's also one of the things where I have a lot of trepidation around open source is I used to think of it as a lot more bazaar-like in terms of anyone can just throw their thing in. But then that creates a lot of problems for the people who are expected out of social obligation to continue this thing indefinitely. [00:49:23] Jeremy: Yeah, I can totally see why that causes burnout with a lot of open source maintainers, because you probably to some extent maybe even feel some guilt right? You're like, well, somebody took the time to make this. But then like you said you have to spend a lot of time trying to figure out is this something I wanna maintain long term? And one wrong move and it's like, well, it's in here now. [00:49:53] Brandon: Exactly. To me, I think that is a very common failure mode for open source projects is they're too liberal in the things they accept. And that's a lot of why I was talking about how that choice of what features show up on the map was inherited from the MapZen projects. If I didn't have that then somebody could come in and say hey, you know, I want to show power lines on the map. And they open a PR for power lines and now everybody who's using Protomaps when they're like zoomed out they see power lines are like I didn't want that. So I think that's part of why a lot of open source projects eventually evolve into a plugin system is because there is this demand as the project grows for more and more features. But there is a limit in the maintainers. It's like the demand for features is exponential while the maintainer amount of time and effort is linear. Plugin systems might reduce need for PRs [00:50:56] Brandon: So maybe the solution to smash that exponential down to quadratic maybe is to add a plugin system. But I think that is one of the biggest tensions that only became obvious to me after working on this for a couple of years. [00:51:14] Jeremy: Is that something you're considering doing now? [00:51:18] Brandon: Is the plugin system? Yeah. I think for the data customization, I eventually wanted to have some sort of programmatic API to where you could declare a config file that says I want ski routes. It totally makes sense. The power lines example is maybe a little bit obscure but for example like a skiing app and you want to be able to show ski slopes when you're zoomed out well you're not gonna be able to get that from Mapbox or from Google because they have a one size fits all map that's not specialized to skiing or to golfing or to outdoors. But if you like, in theory, you could do this with Protomaps if you changed the Java code to show data at different zoom levels. And that is to me what makes the most sense for a plugin system and also makes the most product sense because it enables a lot of things you cannot do with the one size fits all map. [00:52:20] Jeremy: It might also increase the complexity of the implementation though, right? [00:52:25] Brandon: Yeah, exactly. So that's like. That's really where a lot of the terrifying thoughts come in, which is like once you create this like config file surface area, well what does that look like? Is that JSON? Is that TOML, is that some weird like everything eventually evolves into some scripting language right? Where you have logic inside of your templates and I honestly do not really know what that looks like right now. That feels like something in the medium term roadmap. [00:52:58] Jeremy: Yeah and then in terms of bug reports or issues, now it's not just your code it's this exponential combination of whatever people put into these config files. [00:53:09] Brandon: Exactly. Yeah. so again, like I really respect the projects that have done this well or that have done plugins well. I'm trying to think of some, I think obsidian has plugins, for example. And that seems to be one of the few solutions to try and satisfy the infinite desire for features with the limited amount of maintainer time. Time split between code vs triage vs talking to users [00:53:36] Jeremy: How would you say your time is split between working on the code versus issue and PR triage? [00:53:43] Brandon: Oh, it varies really. I think working on the code is like a minority of it. I think something that I actually enjoy is talking to people, talking to users, getting feedback on it. I go to quite a few conferences to talk to developers or people that are interested and figure out how to refine the message, how to make it clearer to people, like what this is for. And I would say maybe a plurality of my time is spent dealing with non-technical things that are neither code or GitHub issues. One thing I've been trying to do recently is talk to people that are not really in the mapping space. For example, people that work for newspapers like a lot of them are front end developers and if you ask them to run a Linux server they're like I have no idea. But that really is like one of the best target audiences for Protomaps. So I'd say a lot of the reality of running an open source project is a lot like a business is it has all the same challenges as a business in terms of you have to figure out what is the thing you're offering. You have to deal with people using it. You have to deal with feedback, you have to deal with managing emails and stuff. I don't think the payoff is anywhere near running a business or a startup that's backed by VC money is but it's definitely not the case that if you just want to code, you should start an open source project because I think a lot of the work for an opensource project has nothing to do with just writing the code. It is in my opinion as someone having done a VC backed business before, it is a lot more similar to running, a tech company than just putting some code on GitHub. Running a startup vs open source project [00:55:43] Jeremy: Well, since you've done both at a high level what did you like about running the company versus maintaining the open source project? [00:55:52] Brandon: So I have done some venture capital accelerator programs before and I think there is an element of hype and energy that you get from that that is self perpetuating. Your co-founder is gungho on like, yeah, we're gonna do this thing. And your investors are like, you guys are geniuses. You guys are gonna make a killing doing this thing. And the way it's framed is sort of obvious to everyone that it's like there's a much more traditional set of motivations behind that, that people understand while it's definitely not the case for running an open source project. Sometimes you just wake up and you're like what the hell is this thing for, it is this thing you spend a lot of time on. You don't even know who's using it. The people that use it and make a bunch of money off of it they know nothing about it. And you know, it's just like cool. And then you only hear from people that are complaining about it. And I think like that's honestly discouraging compared to the more clear energy and clearer motivation and vision behind how most people think about a company. But what I like about the open source project is just the lack of those constraints you know? Where you have a mandate that you need to have this many customers that are paying by this amount of time. There's that sort of pressure on delivering a business result instead of just making something that you're proud of that's simple to use and has like an elegant design. I think that's really a difference in motivation as well. Having control [00:57:50] Jeremy: Do you feel like you have more control? Like you mentioned how you've decided I'm not gonna make a public roadmap. I'm the sole developer. I get to decide what goes in. What doesn't. Do you feel like you have more control in your current position than you did running the startup? [00:58:10] Brandon: Definitely for sure. Like that agency is what I value the most. It is possible to go too far. Like, so I'm very wary of the BDFL title, which I think is how a lot of open source projects succeed. But I think there is some element of for a project to succeed there has to be somebody that makes those decisions. Sometimes those decisions will be wrong and then hopefully they can be rectified. But I think going back to what I was talking about with scope, I think the overall vision and the scope of the project is something that I am very opinionated about in that it should do these things. It shouldn't do these things. It should be easy to use for this audience. Is it gonna be appealing to this other audience? I don't know. And I think that is really one of the most important parts of that leadership role, is having the power to decide we're doing this, we're not doing this. I would hope other developers would be able to get on board if they're able to make good use of the project, if they use it for their company, if they use it for their business, if they just think the project is cool. So there are other contributors at this point and I want to get more involved. But I think being able to make those decisions to what I believe is going to be the best project is something that is very special about open source, that isn't necessarily true about running like a SaaS business. [00:59:50] Jeremy: I think that's a good spot to end it on, so if people want to learn more about Protomaps or they wanna see what you're up to, where should they head? [01:00:00] Brandon: So you can go to Protomaps.com, GitHub, or you can find me or Protomaps on bluesky or Mastodon. [01:00:09] Jeremy: All right, Brandon, thank you so much for chatting today. [01:00:12] Brandon: Great. Thank you very much.

Software Defined Talk
Episode 513: Put On A Musical

Software Defined Talk

Play Episode Listen Later Apr 4, 2025 47:50


This week, we discuss the shifting world of observability, the nightmare of “Configuration Hell,” and OpenAI's latest valuation. Plus, a surprise Broadway musical review! Runner-up Titles We say we're friends, but I don't really know them Observability 2025 I don't have any sympathy for anyone If you want to win observability, put on a musical Just is THE trigger word It's a well-known Hell The blog posts are making me angry Rundown CISO MUSICAL | Official Broadway Trailer (https://www.youtube.com/watch?v=4W17F9Ho_38) Monitoring is back Observability 3.0 - bitdrift Blog (https://blog.bitdrift.io/post/observability-3-0) Another observability 3.0 appears on the horizon (https://charity.wtf/2025/03/24/another-observability-3-0-appears-on-the-horizon/) ControlTheory Secures $5M Seed Funding to Bring Controllability to Observability (https://www.controltheory.com/blog/controltheory-secures-5m-seed-funding-to-bring-controllability-to-observability/) What is (https://www.controltheory.com/blog/what-is-controllability/) Cloud veterans launch ConfigHub to fix 'configuration hell' (https://techcrunch.com/2025/03/26/cloud-veterans-launch-confighub-to-fix-configuration-hell/) DOGE Plans to Rebuild SSA Codebase In Months, Risking Benefits and System Collapse (https://www.wired.com/story/doge-rebuild-social-security-administration-cobol-benefits/) OpenAI Exclusive | The Secrets and Misdirection Behind Sam Altman's Firing From OpenAI (https://www.wsj.com/tech/ai/the-real-story-behind-sam-altman-firing-from-openai-efd51a5d?st=GmdXEX&reflink=desktopwebshare_permalink) OpenAI closes $40 billion funding round, largest private tech deal on record (https://www.cnbc.com/2025/03/31/openai-closes-40-billion-in-funding-the-largest-private-fundraise-in-history-softbank-chatgpt.html) Relevant to your Interests How vibe coding will affect Engineering Managers (https://newsletter.manager.dev/p/effect-of-ai-on-engineering-managers) Mastering GitHub Copilot: When to use AI agent mode (https://github.blog/ai-and-ml/github-copilot/mastering-github-copilot-when-to-use-ai-agent-mode/) Using Spring AI 1.0.0-SNAPSHOT: Important Changes and Updates (https://spring.io/blog/2025/03/27/spring-ai-update-to-snapshots) Former Intel CEO Pat Gelsinger Makes a Few More Long-Shot Bets (https://www.wsj.com/articles/former-intel-ceo-pat-gelsinger-makes-a-few-more-long-shot-bets-01e7337f) Pat Gelsinger has joined VC firm Playground Global (https://www.axios.com/newsletters/axios-pro-rata-ad45da7c-2daa-4290-b379-bba556718155.html?chunk=2&utm_term=emshare#story2) Amazon Is Canceling a Major Alexa Privacy Feature on March 28: Should You Worry? (https://www.cnet.com/home/security/amazon-is-canceling-this-alexa-privacy-feature-on-march-28-should-you-worry/) oneAPI: A New Era of Heterogeneous Computing (https://www.intel.com/content/www/us/en/developer/tools/oneapi/overview.html#gs.kqodnv) Amazon unveils Nova Act, an AI agent that can control a web browser (https://techcrunch.com/2025/03/31/amazon-unveils-nova-act-an-ai-agent-that-uses-a-web-browser/) Ransomware Found in VSCode Extensions Raises Concerns Over Microsoft's Security Review (https://www.cysecurity.news/2025/03/ransomware-found-in-vscode-extensions.html?m=1) Lip-Bu Tan says Intel will spin off non-core units (https://techcrunch.com/2025/04/01/lip-bu-tan-says-intel-will-spin-off-non-core-units/) Announcing Chainguard VMs: Minimal, Zero-CVE Container Host Images (https://www.chainguard.dev/unchained/announcing-chainguard-vms-minimal-zero-cve-container-host-images) Andreessen Horowitz in talks to help buy out TikTok's Chinese owners (https://on.ft.com/4iXhAkG) Nonsense This couple is obsessed with Costco. Why do they love it so much? (https://www.deseret.com/2024/1/10/24031947/joy-of-costco-susan-and-david-schwartz-king-husein-utah/) CISO MUSICAL | Official Broadway Trailer (https://www.youtube.com/watch?v=4W17F9Ho_38) Conferences DevOps Days Atlanta (https://devopsdays.org/events/2025-atlanta/welcome/), April 29-30 Cloud Foundry Day US (https://events.linuxfoundation.org/cloud-foundry-day-north-america/), May 14th, Palo Alto, CA NDC Oslo (https://ndcoslo.com/), May 21-23, Coté speaking. SDT News & Community Join our Slack community (https://softwaredefinedtalk.slack.com/join/shared_invite/zt-1hn55iv5d-UTfN7mVX1D9D5ExRt3ZJYQ#/shared-invite/email) Email the show: questions@softwaredefinedtalk.com (mailto:questions@softwaredefinedtalk.com) Free stickers: Email your address to stickers@softwaredefinedtalk.com (mailto:stickers@softwaredefinedtalk.com) Follow us on social media: Twitter (https://twitter.com/softwaredeftalk), Threads (https://www.threads.net/@softwaredefinedtalk), Mastodon (https://hachyderm.io/@softwaredefinedtalk), LinkedIn (https://www.linkedin.com/company/software-defined-talk/), BlueSky (https://bsky.app/profile/softwaredefinedtalk.com) Watch us on: Twitch (https://www.twitch.tv/sdtpodcast), YouTube (https://www.youtube.com/channel/UCi3OJPV6h9tp-hbsGBLGsDQ/featured), Instagram (https://www.instagram.com/softwaredefinedtalk/), TikTok (https://www.tiktok.com/@softwaredefinedtalk) Book offer: Use code SDT for $20 off "Digital WTF" by Coté (https://leanpub.com/digitalwtf/c/sdt) Sponsor the show (https://www.softwaredefinedtalk.com/ads): ads@softwaredefinedtalk.com (mailto:ads@softwaredefinedtalk.com) Recommendations Brandon: OrbStack · Fast, light, simple Docker & Linux (https://orbstack.dev/) Photo Credits Header (https://unsplash.com/photos/red-theater-curtain-WW1jsInXgwM)

DataTalks.Club
From Supply Chain Management to Digital Warehousing and FinOps - Eddy Zulkifly

DataTalks.Club

Play Episode Listen Later Apr 4, 2025 52:08


In this podcast episode, we talked with Eddy Zulkifly about From Supply Chain Management to Digital Warehousing and FinOpsAbout the Speaker: Eddy Zulkifly is a Staff Data Engineer at Kinaxis, building robust data platforms across Google Cloud, Azure, and AWS. With a decade of experience in data, he actively shares his expertise as a Mentor on ADPList and Teaching Assistant at Uplimit. Previously, he was a Senior Data Engineer at Home Depot, specializing in e-commerce and supply chain analytics. Currently pursuing a Master's in Analytics at the Georgia Institute of Technology, Eddy is also passionate about open-source data projects and enjoys watching/exploring the analytics behind the Fantasy Premier League.In this episode, we dive into the world of data engineering and FinOps with Eddy Zulkifly, Staff Data Engineer at Kinaxis. Eddy shares his unconventional career journey—from optimizing physical warehouses with Excel to building digital data platforms in the cloud.

Ardan Labs Podcast
AI, Career Growth, and Studio X with Ajay Malik

Ardan Labs Podcast

Play Episode Listen Later Apr 2, 2025 97:21


In this conversation, Bill Kennedy and Ajay Malik discuss various themes surrounding business relationships, the importance of continuous learning, career transitions, and the evolution of AI. They explore the challenges faced in business and the significance of trust in professional relationships. Ajay shares his journey through different tech companies, emphasizing his passion for learning and innovation. The discussion delves into the differences between AI and traditional algorithms, the future of AI in data integration, and the importance of privacy in AI solutions. They also touch on the competitive landscape of AI and the necessity of customer-centric product development.00:00 Introduction00:30 What is Ajay Doing Today?05:50 First Memory of a Computer16:00 Initial Jobs / Projects24:30 Moving to the U.S34:40 Pursuing a Management Position40:20 Working in Wireless Technology45:00 First Startup55:30 Ethics and Trust in American Business1:04:00 Entering the AI Space1:12:00 Model Context Protocol1:27:00 Future of LLMs1:35:00 Contact InfoConnect with Ajay: Linkedin:https://www.linkedin.com/in/artofai/Mentioned in this Episode:StudioX: https://www.studiox-ai.com/Want more from Ardan Labs? You can learn Go, Kubernetes, Docker & more through our video training, live events, or through our blog!Online Courses : https://ardanlabs.com/education/ Live Events : https://www.ardanlabs.com/live-training-events/ Blog : https://www.ardanlabs.com/blog Github : https://github.com/ardanlabs

A Bootiful Podcast
My friend Anthony Dahanne on Buildpacks, Production, Docker images, and more

A Bootiful Podcast

Play Episode Listen Later Mar 27, 2025 48:58


Salut fans de Spring! In this installment I'm joined by the legendary Anthony Dahanne. If you've enjoyed success in production using Spring's built-in spring-boot:build-image capability, you've got today's guest Anthony to thank for it!

After The Whistle with Andrew Peters & Craig Rivet
Episode 609 "SAINT BERNARD-DOCKER" with JR

After The Whistle with Andrew Peters & Craig Rivet

Play Episode Listen Later Mar 26, 2025 52:52


DYLAN COZENS RETURN BACK TO BUFFALO. A NICE RESPONSE TO FROM CROWN DURING HIS TRIBUTE VIDEO. BERNARD-DOCKER SCORES VS OLD TEAM. HE'S PLAYING HARDTO TRY AND STAY IN THE LEAGUE. PLAYER TRIBUTE VIDEOS, WHY DO WE DO THIS? JR JOINS THE SHOW TO TALK SABRES, TRIBUTE VIDEOS, CBA NEGOTIATIONS AND EXPANSION Learn more about your ad choices. Visit megaphone.fm/adchoices

DevOps and Docker Talk
What's Coming in 2025?

DevOps and Docker Talk

Play Episode Listen Later Mar 26, 2025 16:42 Transcription Available


This episode is about what I'm seeing and what I'm doing right now, and then for the rest of the year. There are three parts. First, I talk about what's about to happen for me for the next few weeks re going to London for KubeCon. Then what I'm planning to change in this podcast, as well as my other content on YouTube for the rest of the year. And lastly, I talk about some industry trends that I'm seeing that will force me, I think, to change the format of this show. I recorded the episode on March 22, 2025.★Topics★My work at KubeCon EU in LondonWhat's next for this Podcast and my YouTubeWhat's up with AI for DevOps?Creators & Guests Beth Fisher - Producer Bret Fisher - Host (00:00) - What's Coming in 2025 (01:07) - Highlights I'm excited about re KubeCon (04:35) - Changes to this Podcast (05:58) - What's up with AI and "Agentic DevOps"? (15:11) - Upcoming guests You can also support my free material by subscribing to my YouTube channel and my weekly newsletter at bret.news!Grab the best coupons for my Docker and Kubernetes courses.Join my cloud native DevOps community on Discord.Grab some merch at Bret's Loot BoxHomepage bretfisher.com

Ardan Labs Podcast
LoftLabs, vCluster, and Kubernetes with Lukas Gentele

Ardan Labs Podcast

Play Episode Listen Later Mar 26, 2025 119:48


In this episode, Bill Kennedy interviews Lukas Gentele, CEO and co-founder of Loft Labs, discussing the innovative vCluster technology that virtualizes Kubernetes clusters, enhancing resource utilization and developer autonomy while addressing challenges in cloud environments. The conversation explores the balance between operational security and developer freedom, the introduction of vCluster snapshots for easier deployment, and Lukas's personal journey into technology.00:00 Introduction00:20 What is Luis Doing Today?05:36 Performance and Resource Management21:42 First Memories of a Computer32:00 Highschool Interests36:00 Education System in Germany45:19 Choosing a University and Major58:00 Jobs After University 1:13:10 Working with K8's1:21:20 Building a Startup1:37:00   The Future of AI and Data Privacy 1:42:10 Transitioning to VCluster 1:58:00 Contact InfoConnect with Lukas: Linkedin: https://www.linkedin.com/in/gentele/X: https://x.com/lukasgenteleMentioned in this Episode:LoftLabs :  https://www.loft.sh/vCluster: https://www.vcluster.com/Want more from Ardan Labs? You can learn Go, Kubernetes, Docker & more through our video training, live events, or through our blog!Online Courses : https://ardanlabs.com/education/ Live Events : https://www.ardanlabs.com/live-training-events/ Blog : https://www.ardanlabs.com/blog Github : https://github.com/ardanlabs

Sabres Hockey
03-25 Jacob Bernard-Docker Postgame

Sabres Hockey

Play Episode Listen Later Mar 26, 2025 2:48


03-25 Jacob Bernard-Docker Postgame bonus 168 Wed, 26 Mar 2025 02:15:02 +0000 dxoqWJ2OObxQNVXiHFpvMpdeCBkH3727 nhl,buffalo sabres,jacob bernard docker,sports Sabres Hockey nhl,buffalo sabres,jacob bernard docker,sports 03-25 Jacob Bernard-Docker Postgame Nobody talks more Sabres than WGR Sports Radio 550 and broadcasts all the games from training camp through the regular season and playoffs. WGR Sports Radio 550 proud partner and official voice of the Buffalo Sabres. On Demand Audio is presented by Northwest Bank. For What's Next. 2024 © 2021 Audacy, Inc. Sports False https://player.amperwavepodcasting.com?feed-link=https%3A

DevOps and Docker Talk
Docker Build the best way with Docker Bake

DevOps and Docker Talk

Play Episode Listen Later Mar 24, 2025 15:05 Transcription Available


The Docker Bake Build tool just went general availability, and I'm excited about what this means for creating reproducible builds and automation that can run anywhere  CI locally. I love it. Really, and in this video I'm gonna break down some of the features, the benefits and walk through some examples.In this episode I explain why docker buildx bake exists, what it can do, and I walk through multiple examples of Bake files and how it's better than docker build image and docker compose build. I also touch on BuildKit and Docker's GitHub Actions.There's also a video version of this show on YouTube.★Get started with Docker Bake★Walkthough https://docs.docker.com/guides/bake/ Docs: https://docs.docker.com/build/bake/GA Announcement: https://www.docker.com/blog/ga-launch-docker-bake/Creators & Guests Beth Fisher - Producer Bret Fisher - Host (00:00) - Intro (00:04) - / (00:41) - History Lesson (01:29) - Bake Today (02:43) - Ad for... Me! (03:53) - List of Benefits (10:29) - Use Bake Everywhere (12:41) - Leaning into Bake, maybe? You can also support my free material by subscribing to my YouTube channel and my weekly newsletter at bret.news!Grab the best coupons for my Docker and Kubernetes courses.Join my cloud native DevOps community on Discord.Grab some merch at Bret's Loot BoxHomepage bretfisher.com

Monero Talk
Onboarding Colombian Coffee Farmers to Monero | EPI 206

Monero Talk

Play Episode Listen Later Mar 17, 2025 214:40


47e6GvjL4in5Zy5vVHMb9PQtGXQAcFvWSCQn2fuwDYZoZRk3oFjefr51WBNDGG9EjF1YDavg7pwGDFSAVWC5K42CBcLLv5U OR DONATE HERE: https://www.monerotalk.live/donate LINKS: https://x.com/saucy_xmr TIMESTAMPS Coming soon! NEWS SEGMENT LINKS: Boating accidents don't apply to BTC: https://x.com/douglastuman/status/1899181656142983376?s=46&t=mVZ0A2C1bwwnAvgawJjlw Thomas Massie: https://x.com/repthomasmassie/status/1899187371314413636?s=46&t=mVZ0A2C1bwwnAvgawJjlw Total transparency must be accepted: https://x.com/aillialink/status/1766853753162932564?s=46&t=mVZ0A2C1bwwnAvgawJjlw XMR tops orangefren: https://x.com/orangefren/status/1900491300027158969?s=46&t=mVZ0A2C1bwwnAvgawJjlw The xmr community on X: https://x.com/0xkharon/status/1900126890863599788?s=46&t=mVZ0A2C1_bwwnAvgawJjlw Docker opens doors for hackers: https://www.spiceworks.com/finance/fintech/articles/docker-opens-door-to-crypto-hackers-for-monero-currency/ CEXs closed XMR withdrawals: https://www.reddit.com/r/Monero/s/FeFlD6gEVz Cuprate is released: https://www.reddit.com/r/Monero/s/F5WRwewYyZ SPONSORS: PRICE REPORT: https://exolix.com/ GUEST SEGMENT: https://cakewallet.com & https://monero.com NEWS SEGMENT: https://www.wizardswap.io Don't forget to SUBSCRIBE! The more subscribers, the more we can help Monero grow! XMRtopia TELEGRAM: https://t.me/monerotopia XMRtopia MATRIX: https://matrix.to/#/%23monerotopia%3Amonero.social ODYSEE: https://bit.ly/3bMaFtE WEBSITE: monerotopia.com CONTACT: monerotopia@protonmail.com MASTADON: @Monerotopia@mastodon.social MONERO.TOWN https://monero.town/u/monerotopia Get Social with us: X: https://twitter.com/monerotopia INSTAGRAM: https://www.instagram.com/monerotopia DOUGLAS: https://twitter.com/douglastuman SUNITA: https://twitter.com/sunchakr TUX: https://twitter.com/tuxpizza

Talk Python To Me - Python conversations for passionate developers
#496: Scaf: Complete blueprint for new Python Kubernetes projects

Talk Python To Me - Python conversations for passionate developers

Play Episode Listen Later Mar 14, 2025 79:34 Transcription Available


Today we explore the wild world of Python deployment with my friend, Calvin Hendricks-Parker from Six Feet Up. We'll tackle some of the biggest challenges in taking a Python app from “it works on my machine” to production, covering inconsistent environments, conflicting dependencies, and sneaky security pitfalls. Along the way, Calvin shares how containerization with Docker and Kubernetes can both simplify and complicate deployments, especially for smaller teams. Finally, we'll introduce Scaf, a powerful project blueprint designed to give developers a rock-solid start on Python web projects of all sizes. Get notified when the Talk Python in Production book goes live and read the first third online right now. Episode sponsors Posit Python in Production Talk Python Courses Links from the show Calvin Hendryx-Parker: github.com Scaf on GitHub: github.com Scaf on GitHub (duplicate): github.com "Deploy the Dream" song: deploy-the-dream-talk-python.mp3 CloudDevEngineering YouTube Channel: youtube.com TechWorld with Nana YouTube Channel: youtube.com Tilt (Kubernetes Dev Tool): tilt.dev Talos (Minimal OS for Kubernetes): talos.dev Traefik Reverse Proxy: traefik.io Sealed Secrets on GitHub: github.com Argo CD Documentation: readthedocs.io MailHog on GitHub: github.com Next.js: nextjs.org Cloud Custodian: cloudcustodian.io Valky (Redis Replacement): valkey.io “The ‘Works on My Machine' Certification Program” (Coding Horror): blog.codinghorror.com NVIDIA's First Desktop AI PC (Ars Technica): arstechnica.com Kind (Kubernetes in Docker): kind.sigs.k8s.io Updated Effective PyCharm Course: training.talkpython.fm Talk Python in Production book: talkpython.fm/books/python-in-production Watch this episode on YouTube: youtube.com Episode transcripts: talkpython.fm --- Stay in touch with us --- Subscribe to Talk Python on YouTube: youtube.com Talk Python on Bluesky: @talkpython.fm at bsky.app Talk Python on Mastodon: talkpython Michael on Bluesky: @mkennedy.codes at bsky.app Michael on Mastodon: mkennedy

The Tim Ferriss Show
#790: Chris Sacca — How to Succeed by Living on Your Own Terms and Getting Into Good Trouble

The Tim Ferriss Show

Play Episode Listen Later Jan 23, 2025 185:50


Chris Sacca is the co-founder of Lowercarbon Capital and manages a portfolio of countless startups in energy, industrial materials, and carbon removal. If it's unf**king the planet, he's probably working on it. Previously, Chris founded Lowercase Capital, one of history's most successful funds ever, primarily known for its very early investments in companies like Twitter, Uber, Instagram, Twilio, Docker, Optimizely, Blue Bottle Coffee, and Stripe. But you might just know him as the guy who wore those ridiculous cowboy shirts for a few seasons of Shark Tank. To purchase Chris's ranch, schedule a viewing at FivePondsRanch.com.P.S. This episode features a special, one-of-a-kind introduction that Chris recorded of yours truly. :) Sponsors:MUDWTR energy-boosting coffee alternative—without the jitters: https://MUDWTR.com/Tim (between 15% and 43% off) Helix Sleep premium mattresses: https://HelixSleep.com/Tim (Between 20% and 27% off all mattress orders and two free pillows)AG1 all-in-one nutritional supplement: https://DrinkAG1.com/Tim (1-year supply of Vitamin D (and 5 free AG1 travel packs) with your first subscription purchase.)*For show notes and past guests on The Tim Ferriss Show, please visit tim.blog/podcast.For deals from sponsors of The Tim Ferriss Show, please visit tim.blog/podcast-sponsorsSign up for Tim's email newsletter (5-Bullet Friday) at tim.blog/friday.For transcripts of episodes, go to tim.blog/transcripts.Discover Tim's books: tim.blog/books.Follow Tim:Twitter: twitter.com/tferriss Instagram: instagram.com/timferrissYouTube: youtube.com/timferrissFacebook: facebook.com/timferriss LinkedIn: linkedin.com/in/timferrissPast guests on The Tim Ferriss Show include Jerry Seinfeld, Hugh Jackman, Dr. Jane Goodall, LeBron James, Kevin Hart, Doris Kearns Goodwin, Jamie Foxx, Matthew McConaughey, Esther Perel, Elizabeth Gilbert, Terry Crews, Sia, Yuval Noah Harari, Malcolm Gladwell, Madeleine Albright, Cheryl Strayed, Jim Collins, Mary Karr, Maria Popova, Sam Harris, Michael Phelps, Bob Iger, Edward Norton, Arnold Schwarzenegger, Neil Strauss, Ken Burns, Maria Sharapova, Marc Andreessen, Neil Gaiman, Neil de Grasse Tyson, Jocko Willink, Daniel Ek, Kelly Slater, Dr. Peter Attia, Seth Godin, Howard Marks, Dr. Brené Brown, Eric Schmidt, Michael Lewis, Joe Gebbia, Michael Pollan, Dr. Jordan Peterson, Vince Vaughn, Brian Koppelman, Ramit Sethi, Dax Shepard, Tony Robbins, Jim Dethmer, Dan Harris, Ray Dalio, Naval Ravikant, Vitalik Buterin, Elizabeth Lesser, Amanda Palmer, Katie Haun, Sir Richard Branson, Chuck Palahniuk, Arianna Huffington, Reid Hoffman, Bill Burr, Whitney Cummings, Rick Rubin, Dr. Vivek Murthy, Darren Aronofsky, Margaret Atwood, Mark Zuckerberg, Peter Thiel, Dr. Gabor Maté, Anne Lamott, Sarah Silverman, Dr. Andrew Huberman, and many more.See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.