In this Risky Business News sponsored interview, Tom Uren talks to Feross Aboukhadijeh, CEO and Founder of Socket about how open source repositories are riddled with horrible software. Feross explains why it makes a difference if a package is vulnerable, malicious or just unwanted and how current transparency mechanisms such as CVEs and the NVD just aren't suitable for the challenge of open source repositories.
Many of the largest companies rely on third-party code to run critical parts of their software. However, there's often little focus on ensuring the quality of these external dependencies. Today we speak with Feross Aboukhadijeh, CEO and founder of Socket, a developer-first security platform. Socket helps developers and security teams release software faster and reduce time spent on security busywork. Feross is also a lecturer at Stanford, where he teaches CS233 Web Security. We discuss why the quality of third-party dependencies matters, when to start addressing this issue, how to handle unmaintained dependencies, and what tools are available for managing third-party dependencies. After listening to the episode, be sure to visit the Socket website, connect with Feross on Twitter, and check out his personal website. Mentioned in this episode: Socket at https://socket.dev/ Feross on X at https://x.com/feross Feross website at: https://feross.org/
Socket Founder and CEO Feross Aboukhadijeh joins a16z's Joel de la Garza and Derrick Harris to discuss the open-source software supply chain. Feross and Joel share their thoughts and insights on topics ranging from the recent XZutils attack to how large language models can help overcome understaffed security teams and overwhelmed developers. Despite some increasingly sophisticated attacks making headlines and compromising countless systems, they're optimistic that LLMs, in particular, could be a turning point for security blue teams. As Feross sums up one possibility: "The way we think about gen AI on the defensive side is that it's not as good as a human looking at the code, but it's something. . . . Our challenge is that we want to scan all the open source code that exists out there. That is not something you can pay humans to do. That is not scalable at all. But, with the right techniques, with the right pre-filtering stages, you can actually put a lot of that stuff through LLMs and out the other side will pop a list of risky packages. "And then that's a much smaller number that you can have humans take a look at. And so we're using it as a tool . . . to find the needle in the haystack, what is worth looking at. It's not perfect, but it can help cut down on the noise and it can even make this problem tractable, which previously wasn't even tractable." More about Socket and cybersecurity: Socket, Investing in Socket, Hiring a CISO. Follow everyone: Feross Aboukhadijeh, Joel de la Garza, Derrick Harris. Check out everything a16z is doing with artificial intelligence here, including articles, projects, and more podcasts.
In this Risky Business News sponsored interview, Tom Uren talks to CEO and founder of Socket, Feross Aboukhadijeh, about open source software and supply chain security. Feross says the software ecosystem has evolved in ways that make it more vulnerable to trust-based attacks (such as seen in XZ Utils) and discusses what can be done to defend against this type of supply chain subversion.
In this episode of The Security Podcast of Silicon Valley, host Jon McLachlan of YSecurity.io invites Feross Aboukhadijeh, Founder and CEO of Socket.dev, a supply-chain cybersecurity company, to share his compelling journey as he tackles some of the most pressing challenges in software development security. Feross, a Stanford graduate and former intern at Intel, Facebook, and Quora, shares his journey from developing PeerCDN, a pioneering peer-to-peer content network, to his current venture, Socket.dev. Discover how Socket.dev is addressing critical software supply chain vulnerabilities by utilizing innovative technologies, including heuristic analysis and the latest LLMs. This episode offers valuable insights into the evolving cybersecurity landscape and Feross's unique approach to tackling some of the most pressing challenges in software development security. Join us for a captivating discussion that's a must-listen for anyone interested in the future of cybersecurity.
Feross and his team at Socket recently shipped a wrapper library for the ubiquitous npm package manager's command-line interface that brings enhanced security when you need it most: before executing any code. Bradly Farias led this effort, so Jerod & Chris invited him on the show to learn all about it.
This week we're talking fresh, faster, and new web frameworks by way of JS Party. Yes, today's show is a web framework sampler because a new batch of web frameworks have emerged. There's always something new happening in the front-end world and JS Party does an amazing job of keeping us up to date. So…what's fresh, faster, and new? The first segment of the show focuses on Deno's Fresh new web framework. Luca Casonato joins Jerod & Feross to talk about Fresh – a next generation web framework, built for speed, reliability, and simplicity. In segment two, AngularJS creator Miško Hevery joins Jerod and KBall to talk about Qwik. He says Qwik is a fundamental rethinking of how a web application should work. And he's attempting to convince Jerod & KBall that the implications of that are BIG. In the last segment, Amal talks with Fred Schott about Astro 1.0. They go deep on how Astro is built to pull content from anywhere and serve it fast with their next-gen island architecture. Plus there's an 8 minute bonus for our ++ subscribers (changelog.com/++). Fred Schott explains Astro Islands and how Astro extracts your UI into smaller, isolated components on the page, and the unused JavaScript gets replaced with lightweight HTML — leading to faster loads and time-to-interactive.
Deno team member Luca Casonato joins Jerod & Feross to tell us about Fresh – a next generation web framework, built for speed, reliability, and simplicity.
In this episode we speak to Feross Aboukhadijeh, CEO of Socket.dev, a software supply chain security company. We discuss the risks of using third party dependencies, how JS and NPM could improve their approach to security, whether trust in open source is eroding, and how to improve the overall security posture of your application. About Feross Aboukhadijeh: Feross is the founder and CEO of Socket, where he's working on a new approach to open source supply chain security. Feross is the author and maintainer of WebTorrent, StandardJS, and 100s of other open source projects which are downloaded 500+ million times per month. Feross is a lecturer at Stanford University where he teaches CS 253 Web Security. Socket, the company Feross started, is auditing every package on npm to detect suspicious changes and block software supply chain attacks. Hundreds of companies use Socket to protect their software applications and critical services from malware and security threats originating in open source code. Other things mentioned: Socket, WebTorrent, Standard JS, npm, JS, Typescript, Prettier, Dependabot, MacBook Pro M1, Studio display, Logitech mouse. Let us know what you think on Twitter: https://twitter.com/consoledotdev https://twitter.com/davidmytton https://twitter.com/feross Or by email: hello@console.dev About Console: Console is the place developers go to find the best tools. Our weekly newsletter picks out the most interesting tools and new releases. We keep track of everything - dev tools, devops, cloud, and APIs - so you don't have to. Sign up for free at: https://console.dev Recorded: 2022-04-06.
Nick rewrote our JS Danger game board app from Dojo to React for his talk at React Global Online Summit about componentizing application state with React and XState. On this episode Jerod, KBall, and Feross chat with Nick about the entire process and what he learned along the way. Oh, we also play an epic round of Pro Tip Time!
Feross has been working on something big. He joins Chris and Nick, along with guests Bret Comnes and Mik Lysenko to discuss Socket, what it is, and its focus on the security of the JavaScript supply chain.
Feross Aboukhadijeh is the creator of WebTorrent, StandardJS, and Wormhole. We talked to Feross about Wormhole back in June and he joins us now to talk about Socket.dev, a new security company that can protect your most critical apps from supply chain attacks. Links https://twitter.com/feross https://socket.dev https://socket.dev/npm/category/removed https://socketdev.notion.site/Join-the-Socket-Team https://webtorrent.io https://standardjs.com https://wormhole.app https://podrocket.logrocket.com/wormhole Review us Reviews are what help us grow and tailor our content to what you want to hear. Give us a review here (https://ratethispodcast.com/podrocket). Contact us https://podrocket.logrocket.com/contact-us @PodRocketpod (https://twitter.com/PodRocketpod) What does LogRocket do? LogRocket combines frontend monitoring, product analytics, and session replay to help software teams deliver the ideal product experience. Try LogRocket for free today. (https://logrocket.com/signup/?pdr) Special Guest: Feross Aboukhadijeh.
Malware attacks are scary, so preparation is key. In this episode, the Jabberers talk with Feross Aboukhadijeh, a developer who's redefining malware detection to help you prepare for the next assault. “It's awesome that such small teams can make complex code, but it's not enough to just scan for vulnerabilities.” -Feross Aboukhadijeh In This Episode 1) This SCARY trend in supply chain malware attacks (and how to prepare) 2) Why tools like Socket are VERY different from common malware detection 3) How companies in 2022 are addressing their security (and what they're looking for in developers to help them) Sponsors Top End Devs (https://topenddevs.com/) Coaching | Top End Devs (https://topenddevs.com/coaching) Links Socket – protect your OSS supply chain (https://socket.dev/) Feross's Talk at CascadiaJS 2021 “It's a Jungle Out There! – Open Source Supply Chain Attacks” (https://www.youtube.com/watch?v=Cl7WVN4168M) Picks Aimee- Kubernetes Chaos Engineering Aimee- Normatec 2.0 Pro Legs | Hyperice (https://hyperice.com/products/normatec-2-pro-legs/) AJ- Socket (https://socket.dev/) AJ- Bundlephobia (https://bundlephobia.com/) AJ- NPMGraph (https://npmgraph.js.org/) Follow CoolAJ86 Live Streams: YouTube: https://youtube.com/coolaj86 Twitch: https://twitch.tv/coolaj86 Follow Beyond Code: YouTube: https://www.youtube.com/channel/UC2KJHARTj6KRpKzLU1sVxBA Twitter: https://twitter.com/@_beyondcode Charles- 7 Wonders Board Game (https://amzn.to/3IU78by) Charles- Airmeet (https://www.airmeet.com/) Charles- Events | Top End Devs (https://topenddevs.com/events) Feross- Node.js Fetch Feross- Darknet Diaries – True stories from the dark side of the Internet (https://darknetdiaries.com/) Feross- Risky Business news recap Steve- passWORDLE (https://rsk0315.github.io/playground/passwordle.html) Special Guest: Feross Aboukhadijeh.
This week we're joined by the “mad scientist” himself, Feross Aboukhadijeh…and we're talking about the launch of Socket — the next big thing in the fight to secure and protect the open source supply chain. While working on the frontlines of open source, Feross and team have witnessed firsthand how supply chain attacks have swept across the software community and have damaged the trust in open source. Socket turns the problem of securing open source software on its head, and asks…“What if we assume all open source may be malicious?” So, they built a system that proactively detects indicators of compromised open source packages and brings awareness to teams in real-time. We cover the whys, the hows, and what's next for this ambitious and very much needed project.
Tobie Langel, Open source strategist and Principal at UnlockOpen, joins Chris, Feross, and Amal to discuss recent widespread incidents affecting the JavaScript community (and breaking CI builds) around the globe. Two widely used npm libraries were self-sabotaged by their single maintainer, yet again, highlighting the many gaps in our OSS supply chain security, sustainability and overall practices. We explore all these topics and solutions for what our ecosystem needs to be more resilient to these types of attacks in the future.
Rafael is joined by Feross Aboukhadijeh, the author and maintainer of WebTorrent, StandardJS, and hundreds of other open source projects, to talk about his new file-sending app, Wormhole. Feross gets into the weeds about encryption and threat models, and talks about some of the complexities around creating a simple interface across many different devices and browsers. Links to things mentioned in the episode: - Wormhole: https://wormhole.app/ - Wormhole Roadmap: https://wormhole.app/roadmap - Wormhole Discord Server: https://discord.gg/de6FscsK5Z - Chakra UI: https://chakra-ui.com - Paul Frazee: https://twitter.com/pfrazee - Socket.dev: https://socket.dev/
Feross is back with a brand new web app for us to pick apart! Wormhole is the fastest way to send files on the internet and we want to know why he built it, how it works, and what crazy hacks he invented along the way.
Guest Dominic Nguyen Panelists Eric Berry | Justin Dorfman | Richard Littauer Show Notes Hello and welcome to Sustain! The podcast where we talk about sustaining open source for the long haul. We are very excited about our guest today, Dominic Nguyen, founder of Chromatic, the company behind Storybook.js. Storybook.js is an open source tool for building UI components and pages in isolation. On this episode, Dominic fills us in on Chromatic, how Storybook evolved, the story behind Meteor, which is the first full-stack JavaScript framework, and who their venture backers are. We also learn the difference between Declarative and Imperative UI, and Dominic tells us what it means for him to be an open source project. Download this episode now to find out much more! [00:01:21] Dominic tells us about Storybook and how it evolved. [00:06:26] We learn the difference between Declarative and Imperative UI. [00:08:22] Find out what other projects have come out of Meteor. [00:09:07] Richard wonders what the financial situation is for Storybook, how much money is needed, and where does it go. [00:11:00] Dominic announces Chromatic is hiring engineers to do open source development, and he tells us who his seed funders are that believe in his mission. [00:14:24] Dominic talks about open source companies launching these open source business models. [00:16:04] Eric wonders if there's a direction with Storybook to work with or integrate with non-JavaScript based frameworks. [00:18:26] Richard wonders how Dominic is avoiding becoming a “kitchen sink” and making sure that he doesn't just fill all the needs for everyone and then do it badly. Dominic explains why they exist as the guiding light. [00:21:43] Richard asks Dominic what it means for him to be an open source project and how does he mentally manage the divide between the Storybook community as a whole needing to be sustained. 
[00:25:04] Eric asks Richard why would the funds that are generated to develop and maintain this project, why should they be distributed outside of the team that's the primary maintainers of it. Eric and Justin chime in and share their perspectives on this topic as well. [00:32:39] Find out where you can follow Dominic online. Quotes [00:02:57] “Meteor was, for the audience who might not be familiar or who is just jumping into JavaScript now, was one of the first, or if not the first full-stack JavaScript framework.” [00:05:38] “If you look at the kind of long history of what components and why components exist, you can think about them as standardized parts.” [00:09:22] “The way we do it at Meteor is two ways: One, we have this idea of we're a community led open source project. We have an open collective that donates, like folks in the community donate money and then it's used effectively for marketing, marketing purposes, swag, doing stuff like CI, bills, like kind of incidentals.” [00:09:49] “Because when you think about it, it hasn't been enough to really pay someone a salary without asking for donations all the time and I think that's what's happening in Babel right now.” [00:10:10] “So, what we do on the Chromatic is the company behind Meteor, we have maintainers, official maintainers whose full-time job is to push that project forward, build the features that people want and maintain that kind of core API, and that is in partnership with our community.” [00:14:37] “If you look at the long answer in the context of other open source companies that are coming out right now and are launching, it seems like this is the model that everyone has landed on that separates you from these older style like open source, I would say classic open source business models.” [00:15:02] “It seems like the modern kind of like open source business models, build an open source project, sell some type of service that complements it.” [00:17:57] “So for instance, isomorphic was like the hot word five years ago.” [00:22:28] “We put money back into the open source project and in doing so the development experience is better for everyone and it's that cycle that we're trying to maintain and continue.” [00:27:34] “Yeah, for me, the issue is like people who contribute to it, they're self-serving, it's a self-serving action. They are contributing to it for their own benefit.” [00:28:11] “And when that is the case, I agree with you a hundred percent. When that's not the case, when it's a tool that's being used by anybody, to me honestly, that is the beauty of open source.” [00:29:52] “So, the hard part about open source is maintaining it for a really long time.” [00:30:28] “Just staying afloat is like a full-time job.” [00:30:33] “And what we hope to offer the community from Chromatic, as like the maintainers, is a stable release cadence that keeps up with the rest of the ecosystem and includes some new, helpful, handy features.” Spotlight [00:33:26] Eric's spotlight is a tutorial, “Dockerize your Rails app” by Nate Hopkins. [00:34:25] Justin's spotlight is Wormhole by Feross. [00:34:49] Richard's spotlight is Brian T. Ford. [00:35:19] Dominic's spotlights are open source projects such as State of JS by Sacha Greif, Wordpress, Mock Service Worker (MSW), and Mirage JS. Links Dominic Nguyen Linkedin (https://www.linkedin.com/in/dominic-nguyen-25aa4821) Dominic Nguyen Twitter (https://twitter.com/domyen) Chromatic (https://www.chromatic.com/) Storybook (https://storybook.js.org/) Meteor (https://www.meteor.com/) “Dockerize your Rails app” by Nate Hopkins (https://gist.github.com/hopsoft/c27da1a9fda405169994a004957597b4) Nate Hopkins Twitter (https://twitter.com/hopsoft) Wormhole (https://wormhole.app/) Brian T. 
Ford (https://twitter.com/briantford) State of JS (https://stateofjs.com/) Sacha Greif (https://sachagreif.com/) Wordpress (https://wordpress.com/create/?utm_source=google&utm_campaign=google_wpcom_search_brand_desktop_us_en&utm_medium=paid_search&keyword=wordpress&creative=476205831529&campaignid=998785131&adgroupid=53026924047&matchtype=e&device=c&network=g&targetid=aud-1244516595356:kwd-295456403946&gclsrc=aw.ds&gclid=Cj0KCQjwkZiFBhD9ARIsAGxFX8AtjkQqNxxpBf4uxWORYLafGtBppOm4Ko5Ga4haPy076aHpBmA6_NIaAhbYEALw_wcB) Mock Service Worker (https://mswjs.io/) Mirage JS (https://miragejs.com/) Credits Produced by Richard Littauer (https://www.burntfen.com/) Edited by Paul M. Bahr at Peachtree Sound (https://www.peachtreesound.com/) Show notes by DeAnn Bahr at Peachtree Sound (https://www.peachtreesound.com/) Special Guest: Dominic Nguyen.
Yulia Startsev from Mozilla's SpiderMonkey team joins Jerod & Feross to talk compilers, going back to get your Master's, making decisions as a group, process of shepherding a feature through TC39, how Firefox actually works, and LavaMoats. Yes, LavaMoats.
Ever wanted a language like JavaScript, but without the warts, with a great type system, and with a lean build toolchain that doesn’t waste your time? Patrick Ecker from the ReScript Association sits down with Jerod and Feross to tell us all about this “JavaScript-like language you have been waiting for”.
KBall, Amal, and Feross are joined by special guest Jenn Creighton to talk about all things Apollo. How does Apollo fit into the GraphQL ecosystem, what’s the next big thing, and when would you choose to use it?
Jerod & Feross learn all about htmx (a pragmatic approach to web frontends) and _hyperscript (an experimental scripting language inspired by HyperTalk) with special guest Carson from Big Sky Software. Thanks to Rajasegar Chandran for requesting this episode!
Our debate format returns! Divya & Feross take the “Nope” side while Amal & Nick represent the “Yep”s. Whose side will you take?
Tailwind CSS creator Adam Wathan joins Jerod, Nick, & Feross for an in-depth discussion of his trending utility-first CSS framework. We cover why everyone complains about CSS, how Tailwind began and how it gained popularity, how developers use Tailwind and integrate it into their workflows, and how Adam has managed to build a business around the project. Thanks, Bette Midler!
Did you know Feross taught Web Security at Stanford last Fall? On this episode, Divya and Nick enroll in his security school to learn about XSS, CSP, ambient authority, and a whole lot more.
This week Feross and Emma chat with Segun Adebayo about Chakra UI, a modular React component library that’s changing the game for design systems and app development.
In this episode on Coding in Open Source, we interview Feross Aboukhadijeh about his innovative projects and experience with open source software. Feross is an entrepreneur, programmer, open source author, and mad scientist who will tell you, "It's possible to make a profit and share your code with the world!"
KBall, Divya, Mikeal, and Feross dig deep into refactoring. When to do it, best practices, things to watch out for, and the difference between a refactor and a rewrite. We then close out with some key pro tips.
Panelists Justin Dorfman | Pia Mancini | Richard Littauer | Eric Berry Guest Ewa Jodlowska Executive Director at Python Software Foundation Show Notes 01:20 (/18?t=80) How Ewa Got Started in Open Source 02:38 (/18?t=158) Keeping the Python Culture Going Concentrating on Diversity 03:32 (/18?t=212) Challenges the PSF is Dealing With 04:10 (/18?t=250) PyCon Revenue Location 07:58 (/18?t=478) PSF Sponsorship Program Impact Report PSF Grants Program 12:05 (/18?t=725) BDFL Steps Down Evolution of Python Since 15:25 (/18?t=935) Where Developers are Going with Python Web Development and the Scientific Community Workgroup Giving out Funding for Scientific Python Groups 21:38 (/18?t=1268) Starting Workgroups Funding Requests 24:10 (/18?t=1443) Challenges Python Developers Face 26:03 (/18?t=1569) Questions Other Languages Ask 28:25 (/18?t=1712) Addressing Diversity at PSF Code of Conduct 31:05 (/18?t=1872) PSF Membership Levels Psfmember.org 33:00 (/18?t=1980) Updates in the Python Governance from PyCon 2019 Spotlights Pia - npm Funding (https://blog.opencollective.com/beyond-post-install/) Justin - pythoncheatsheet.org (https://pythoncheatsheet.org) Richard - Thanks by Feross (https://github.com/feross/thanks) Eric - Back Your Stack (http://backyourstack.com/) Ewa - Thanks (https://pypi.org/project/thanks/) Special Guest: Ewa Jodlowska.
Show of Wednesday, 25 September 2019. The podcast of yesterday's show is online! With a special 45 rpm mix by Djar'One, of the kind only he knows how to make, and for my part a post-2000 French rap mix: L'Argent De La Drogue, Vîrus, Tchad Unpoe, Karim Nazem & Seïsme (Christophe Gotham), EXPérimental, Le Sept & GREMS, VII, Eskicit (Eone), D'oz Kroniker, Feross & Asco Bunzen, Vincha, Ockney, Meurso & Fono, Mc Zombi, 5 Majeur, Mr JL, Gueule D'Ange, La Rumeur
KBall, Divya, Feross, and Jerod get together to discuss tips and tricks for communicating with other coders, project stakeholders, and users.
With the jumping off point of KBall’s question: “What are best practices for organizing a Node project?” Mikeal and Feross drop an incredible amount of wisdom about Node, organizing using modules, release management, deployment approaches, how to adopt change, and more.
In this episode we’re shining our maintainer spotlight on Feross Aboukhadijeh. Feross is the creator and maintainer of hundreds of open source projects, which are downloaded hundreds of millions of times each month — projects like StandardJS, BitMidi, and WebTorrent, to name a few. This episode with Feross continues our maintainer spotlight series where we dig deep into the life of an open source software maintainer. We’re producing this series in partnership with Tidelift. Huge thanks to Tidelift for making this series possible.
Adam adds a twist to our YepNope format this week. Instead of 2v2, it’s 1v1v1 with Mikeal reppin’ team Yep, Divya on team Nope, and Feross sitting in the middle on team It Depends. You don’t want to miss this excellent debate/discussion all about JS tooling complexity. Many packages. New frameworks built all the time. Config hell. Webpack.
Jerod, Feross, and Nick discuss the latest npm security fiasco, opine on the strengths and weaknesses of spreadsheets, explain CORS like they’re 5 (sorta), and give shout outs to deserving purveyors of fine software.
We’re trying a brand new segment called YepNope, wherein your intrepid panelists engage in a lively debate around a premise. In this debate, Feross and KBall argue that websites should work without requiring JS and Divya and Chris say, “Nah!” Please let us know if you like this style episode! We had fun recording it, but that doesn’t matter much if y’all don’t enjoy listening to it.
Jerod, Mikeal, and Feross welcome Antoni Kepinski to the show to discuss his open source pizza ordering management web app. We talk about learning programming at a young age, how overwhelming web development can be these days, how Antoni decided which technologies to use, and more. This is a super fun conversation with many insights and takeaways for developers at every stage of their career.
Suz, Feross, and Emma have an honest conversation about burnout. They ask questions like — How do developers deal with burnout? What is burnout? What are examples of burnout in open source? Plus they close the show by sharing tips for avoiding burnout and also how to manage burnout if/when it happens.
Where does Feross get all those wonderful toys? He builds them with JavaScript, of course! BitMidi – a website for listening to your favorite MIDI files – is his latest creation. In this episode, Jerod “sits down” with Feross to learn all about it. How do MIDIs even work? Why won’t they play on the web anymore? Can WASM save the day (hint: yes)? How does Feross get so many eyeballs on his creations? Is Preact awesome for building sites like this? What’s the future of BitMidi look like? Don’t ask us, listen to the episode!
Feross talks with Mathias Buus and Paul Frazee about the decentralized web, why the average person should care about decentralization of the web, the Beaker browser, Dat and the differences and similarities to BitTorrent, and how Paul and Mathias first got involved in this work.
In this special episode of JS Party at JS Conf in Carlsbad, Nick, Suz, Feross, and KBall talk about crazy JavaScript combinations, tips to get started speaking, being committed to diversity as a conference organizer, and much more.
Kball and Feross talk with Shelley Vohr and Jeremy Apthorp about what Electron is, why to use it, and what comes next for the platform.
MJS 032: Feross Aboukhadijeh
Today's episode is a My JavaScript Story with Feross Aboukhadijeh. Feross talked about his contributions to the JavaScript community and the decentralized web. Listen to learn more about Mike!
[01:00] – Introduction to Feross Aboukhadijeh
Feross was on episode 155, where he talked about Webtorrent. That was 2 years ago.
[01:35] – How did you get into programming?
Toddler
Feross has always been interested in computers and technology. His mom told him a story about how, when he was a toddler, he was always watching people whenever they were using technology – the television, the microwave, or the VCR. She said that he was trying to imitate what he saw.
HTML and Web proxies
According to Feross, he became seriously interested in middle school, when he learned about HTML and wanted to make a personal site. In high school, there was a class that you could take. It was a tech team that went around and fixed teachers’ computers because they were understaffed. Some of the computers had administrator privileges turned on for the student accounts as well, because some of the software that was required for certain classes needed it. The computers always had viruses on them because people would install first-person shooters and play during class time. The school had a school-wide filtering system so students couldn’t access certain sites. One of the categories it blocked was downloading sites. In order to even do their job, the team had to figure out web proxies to get around the filters. He ended up setting up one of those on his own server.
First website
Feross’ real programming experience was PHP. It was in his junior year of high school. He bought a book at Barnes & Noble about PHP and MySQL. He wanted to build a site to host his favorite flash animations. That project was a database-driven website where people can segment their flash animations and soundboards, prank phone calls, and other internet humor. The site was called freetoflash. That was the first website that he built.
[07:10] – How did you get into JavaScript?
Feross thinks JavaScript is one of those languages that you don’t actually really bother to sit down and learn. There weren’t any good resources. According to him, he really didn’t know JavaScript until he started a company right after he graduated from college. He started taking JavaScript seriously because he was learning Node.js and realized that you can build real things with it. The start-up was called PeerCDN. They were trying to make a content delivery network that would work in the browser using WebRTC. The idea was that you would add a script tag to your website, and PeerCDN would then try to find other people visiting your site who already have the content that you want; you would fetch it from them over a peer-to-peer connection to save on your hosting bill and reduce your CDN bill. That was a big Node application. It also had an intense front-end component. He started learning about NPM, how you build things with microservices, and how you deploy a JavaScript application. That was in 2013.
[09:35] – Webtorrent
Feross has been trying to transition Webtorrent into a distributed contribution model. It has always been a project where he would give out commit rights. If someone makes a good contribution, he’ll just add them to the GitHub for it. He recently made it into an organization on GitHub. He’s hoping to make it something that’s not completely dependent on him in order for it to continue existing. He’s going to be involved with it for the foreseeable future, but he’s also trying to do new projects besides that. The good news is Webtorrent is mostly done in some sense. It works well. There are bugs. But if you use Webtorrent, especially if you use the desktop application to torrent things, it’s really polished and works nicely.
Picks
Feross Aboukhadijeh: Decentralized web, Dat Project, Beaker Project, IPFS, Secure Scuttlebutt, Patchwork, Brave, Twitter: @WebTorrentApp, Twitter: @feross
Charles Max Wood: Let’s Encrypt, Digital Ocean
Support our Teespring campaign! Get your JavaScript Jabber unisex t-shirts, hoodies, ladies’-sized, and long-sleeve tees! 02:01 - Feross Aboukhadijeh Introduction Twitter GitHub Blog 02:39 - Peer-to-Peer Background, Content Delivery Networks (CDNs) WebRTC PeerCDN BitTorrent 09:43 - The BitTorrent Protocol and Hypertext Transfer Protocol (HTTP) [YouTube] Feross Aboukhadijeh: WebTorrent (JSConf.Asia 2014) Distributed Hash Table (DHT) 13:08 - WebTorrent = BitTorrent over WebRTC Transmission Control Protocol (TCP) The User Datagram Protocol (UDP) Session Traversal Utilities for NAT (STUN) 17:22 - Where Do Original Files Come From? Tracker Servers BitTorrent Enhancement Proposal (BEP) 21:23 - Opposition 27:26 - Where is WebTorrent Going? (Use Cases) Instant.io [GitHub] instant.io 29:52 - Live Broadcasts 31:12 - Progression of BitTorrent Over Time Technical Decentralization 35:03 - Same-Origin Policy 36:33 - Firefox Hello Picks January 12th, 2016: Goodbye IE8 and IE9! (Dave) js-must-watch (Aimee) Headspace (Aimee) Popcorn Time (AJ) Steelheart (The Reckoners) by Brandon Sanderson (Chuck) Teespring (Chuck) Loop Drop by Matt McKegg (Feross) SceneVR by Ben Nolan (Feross) WebTorrent (Feross) node-nat-upnp (AJ) node-nat-pmp (AJ) simple-peer (Feross)