Podcasts about HashiCorp

This Open Source Startup Podcast episode has our co-hosts Robby and Tim in conversation with James Bayer, Chief Product Officer at software development platform Flox.Flox's open source, also called flox, provides a software environment platform powered by package manager Nix.In this episode, James shares lessons from his career across Cloud Foundry, Pivotal, and HashiCorp, where he helped turn widely adopted open-source projects like Terraform into sustainable businesses. His core takeaway is that support-only open source is difficult to scale; successful companies usually monetize the “multiplayer” capabilities that teams and enterprises need while keeping individual usage free.Now at Flox, James sees a similar opportunity built on top of Nix, a powerful but historically complex technology. He joined because Flox makes Nix dramatically easier to use, helping developers and AI agents manage software environments and dependencies. He also discussed the balance between open-source principles and commercial viability, and why he remains optimistic about the future of software development in the age of AI.

Every week, another round of tech layoffs gets explained away with the same two words: artificial intelligence. Meanwhile, the people making those calls have never once asked whether the cuts make strategic sense — or whether they're just making a number go up.Mat Barnes has been building brands for 30 years, survived two back-to-back acquisitions, and now leads brand at IBM. He has opinions about all of it.In this episode, Josh and Ross sit down with Mathew Barnes — brand leader at HashiCorp, now IBM after two consecutive acquisitions — to pull apart what actually makes brand work at scale. Mat makes the case that AI will expose every creative who doesn't know what good looks like, and that clarity isn't a buzzword: it's the only thing that's ever made any brand matter.We also cover:•Why AI will 'expose the hell out of you' if you don't already know what great looks like — and what taste actually is when you can't fake it•The one question every brand and creative team skips that causes every siloed, inconsistent campaign — and how Matt's team asks it before anything gets made•What it actually feels like to lead brand inside a 100-year-old institution — and what IBM's design sophistication taught a startup veteran who thought he'd seen everything

Amie Wei is a Sr. Solutions Engineer at HashiCorp and was the winner of last year's GKE Turns 10 Hackathon. It was Amie's first time entering a hackathon and she ended up bringing the prize home with a Cart-To-Kitchen AI Assistant. Do you have something cool to share? Some questions? Let us know: - web: kubernetespodcast.com - mail: kubernetespodcast@google.com - twitter: @kubernetespod - bluesky: @kubernetespodcast.com   News of the week Kubernetes 1.36 codename Haru is here LLM-d is a CNCF Sandbox project CNCF Certification Advancement & Recertification Experience program (CARE) Agones is a CNCF Sandbox project Links from the interview Amie Wei on LinkedIn GKE turns 10 Hackathon Hackathon winner announcement Online boutique sample Bank of Anthos sample The Cart-to-Kitchen AI Assistant on GKE  

PHP Podcast – April 30, 2026 Hosts: Eric Van Johnson & John Congdon Another fun episode of the PHP Podcast! Here’s what we covered: The Drone Slayer Strikes Eric and John wrapped up a Padres game at beautiful Petco Park in downtown San Diego — and things got weird on the way out. A rogue drone started buzzing around a busy intersection, lingering on a guy on a scooter, before making a fateful attempt to fly in front of Eric’s car. It did not make it. The controller came running out, Eric kept driving, and John has already dubbed him “the drone slayer.” Eric still hasn’t looked at whether his wife’s car got scratched, which feels like the bravest choice of all. Baseball Week Never Ends The reason today’s episode started an hour early? Baseball. John’s week was wall-to-wall: a Tuesday night little league game, the Padres game with Eric on Wednesday, practice Thursday night, the playoff draft reveal Friday, a little league game Saturday, and another Padres game Sunday. Eric pointed out John was wearing his own last name on a jersey to a Padres game, which opened up a whole sidebar on why anyone buys a $200 jersey with a player’s name on it when players change teams every two years anyway. Walking Pneumonia and the Power of the Right Antibiotic John’s week was also scrambled because his son had been diagnosed with regular pneumonia — but after not getting better, a second doctor visit revealed it was actually atypical (walking) pneumonia, which requires a completely different antibiotic. Once on the correct medication, his son bounced back almost immediately. The kid had been pushing himself trying to feel well enough for sixth grade camp, but there’s really no faking it with the wrong treatment. The Archie Situation — AI Standups Gone Sideways Eric has had a rough stretch after Anthropic shut down OpenClaw, the platform that powered their internal Discord bot Archie (a.k.a. Alfred). Archie had been running daily team standups, generating weekly summaries, letting team members tag it with updates throughout the day, and even setting reminders. Everyone got spoiled by it. Since then, attempts to migrate to Ollama — both locally and through the web service — have been plagued by slow response times and dropped messages. Eric is close to pulling the plug and going back to the old manual method, and he’s not happy about it. Claude SSH’d Into Eric’s Server and Fixed Everything For weeks, Eric had been fighting a broken Postiz Docker container — a self-hosted social media scheduling tool he uses to post across platforms. After updates broke it and multiple attempts at a fresh install still left it broken, he dropped the problem in Claude’s lap and explained the whole situation. Claude asked for permission to SSH into the remote server on Eric’s Tailscale network, and Eric said sure. Thirty minutes later, Claude had identified the culprit — a Temporal workflow engine losing its configuration on restart — wrote a fix script, configured the service to reconfigure properly on boot, and even set up a cron job to restart the container on reboot. Eric’s still trying to find that chat to review exactly what it did, but the service is running. GitHub is Getting Hammered by AI Agents GitHub has had a rough patch of outages, and the numbers tell the story: 20 million new repos per month, 1.4 billion commits, 90 million pull requests — with a dramatic spike right at the start of 2026. Part of the culprit? AI agents being unleashed on codebases to automatically open pull requests from backlog tickets. Eric has a client doing exactly this, and while it sounds impressive from the owner’s perspective (“look at all this work getting done!”), the developers on the ground report that a high percentage of those AI-generated PRs require significant human correction before they’re anywhere close to mergeable. The comparison to Reddit’s early explosion — and the one engineer who basically didn’t sleep for two years — felt pretty apt. The GitHub Security Vulnerability Nobody Talked About As if the outages weren’t enough, GitHub quietly disclosed a serious security vulnerability: a specially crafted git push — using malformed options in the push metadata — could allow arbitrary code execution on GitHub’s own servers. Eric had to dig to find the blog post because GitHub was not exactly shouting about it. To their credit, they state that their investigation found no evidence the vulnerability was ever exploited in the wild. But knowing that a specific sequence of bytes in a git push could have handed someone the keys to GitHub’s servers is genuinely unsettling. The Creator of Ghosty Is Leaving GitHub Mitchell Hashimoto — creator of the Ghostty terminal and formerly of HashiCorp — announced he’s leaving GitHub, where he’s been a user since 2008 (user #1299). This comes shortly after the Zig programming language made the same move, also citing reliability concerns. Eric was mildly skeptical of the “announcing I’m leaving” genre of posts, pointing out that GitHub doesn’t especially need your permission to stop using it. Notably, Hashimoto’s post doesn’t say what he plans to use instead. John joined GitHub in 2009, which led to a fun live expedition through his commit history — turns out he got serious about coding right around July 2013, roughly when DiegoDev landed its first client. Update Composer. Like, Right Now. PHP developers tend to set Composer up and forget about it — but there’s been a serious security vulnerability patched in a recent release that you absolutely want. The fix is simple: just run composer self-update. It updates in place and keeps a rollback copy in case anything breaks. While you’re at it, if you have global Composer packages installed, run composer global update to catch those too. Eric noted that Composer should really warn you when you’re significantly behind versions, the way Claude Code does. Until it does, just make a habit of it. Linux Kernel Exploit — Patch Your Servers A CVE was shared in the phparch Discord that affects Ubuntu, Amazon Linux, and Red Hat: a Linux kernel exploit that lets an attacker gain root access with a remarkably small payload — around 732 bytes targeting setuid. It’s a good reminder that the old sysadmin badge of honor (“my server has 5-year uptime, never rebooted”) is the wrong mentality now. With tools like Terraform and infrastructure-as-code, spinning up a freshly patched machine is the move. Keep your operating systems current, especially Linux servers running in production. Holly Built a PHP Tek App — And It’s Already Good Community member Holly built a native attendee app for PHP Tek, available now in beta on iOS (via TestFlight) and Android. You can browse the schedule, select the talks you want to attend, and it’ll warn you if two of your picks are in conflict — a “merge conflict,” as Eric put it. Best of all, it sends push notifications when sessions you’ve favorited get moved or rescheduled, which happens constantly at tech conferences. Eric’s wife installed it without being told anything about it and figured it out on her own — about as good a usability test as you can get. The app is built natively in Swift and Kotlin. Be kind to Holly — this is a gift to the community. PHP Tek in 19 Days + New PHP Architect Merch PHP Tek is nearly here — 19 days out in Chicago. A brand new PHP Architect elephant is coming (tentatively named Holly, after a live-stream vote). Eric also walked through new merch at store.phparch.com: a v-neck version of the classic rainbow PHP Architect shirt, and his personal labor of love — the “I have standards, specifically PSR 0, 1” tee — which he admits has sold exactly zero copies. If the hotel room block is sold out by the time you read this, reach out to the team directly and they’ll see what they can do. Links from the show: Postiz — Open Source Social Media Scheduling GitHub Security Advisory: Remote Code Execution via Git Push Options PHP Tek 2026 — Chicago PHP Architect Store PHP Architect Discord An update on GitHub availability Migrating from GitHub to Codeberg Ghostty Is Leaving GitHub Securing the git push pipeline: Responding to a critical remote code execution vulnerability Composer 2.9.6 fixes Perforce Driver Command Injection Vulnerabilities (CVE-2026-40261, CVE-2026-40176) Copy Fail: 732 Bytes to Root on Every Major Linux Distribution. Host: Eric Van Johnson X: @shocm Mastodon: @eric@phparch.social Bluesky: @ericvanjohnson.bsky.social PHPArch.me: @eric John Congdon X: @johncongdon Mastodon: @john@phparch.social Bluesky: @johncongdon.bsky.social PHPArch.me: @john Streams: Youtube Channel Twitch Connect & Hire PHP Architect Website Twitter/X Mastodon Hire PHP Developers Looking to hire PHP developers? Email support@phparch.com – Joe and the team are available for consulting, infrastructure work, Ansible playbooks, and code review. Partner This podcast is made a little better thanks to our partners Displace Infrastructure Management, Simplified Automate Kubernetes deployments across any cloud provider or bare metal with a single command. Deploy, manage, and scale your infrastructure with ease. https://displace.tech/ PHPScore Put Your Technical Debt on Autopay with PHPScore CodeRabbit Cut code review time & bugs in half instantly with CodeRabbit. Music Provided by Epidemic Sound https://www.epidemicsound.com/ Join Us Live Next Week Youtube Channel Got feedback? Join us on Discord at discord.phparch.com The post The PHP Podcast 2026.04.30 appeared first on PHP Architect.

This is a recap of the top 10 posts on Hacker News on April 29, 2026. This podcast was generated by wondercraft.ai (00:30): Zed 1.0Original post: https://news.ycombinator.com/item?id=47949027&utm_source=wondercraft_ai(01:57): HERMES.md in commit messages causes requests to route to extra usage billingOriginal post: https://news.ycombinator.com/item?id=47952722&utm_source=wondercraft_ai(03:25): Online age verification is the hill to die onOriginal post: https://news.ycombinator.com/item?id=47950091&utm_source=wondercraft_ai(04:53): Cursor CampOriginal post: https://news.ycombinator.com/item?id=47949939&utm_source=wondercraft_ai(06:21): Copy FailOriginal post: https://news.ycombinator.com/item?id=47952181&utm_source=wondercraft_ai(07:49): Bugs Rust won't catchOriginal post: https://news.ycombinator.com/item?id=47943499&utm_source=wondercraft_ai(09:17): We need a federation of forgesOriginal post: https://news.ycombinator.com/item?id=47948603&utm_source=wondercraft_ai(10:45): Soft launch of open-source code platform for governmentOriginal post: https://news.ycombinator.com/item?id=47945918&utm_source=wondercraft_ai(12:12): Mistral Medium 3.5Original post: https://news.ycombinator.com/item?id=47949642&utm_source=wondercraft_ai(13:40): HashiCorp co-founder says GitHub 'no longer a place for serious work'Original post: https://news.ycombinator.com/item?id=47946958&utm_source=wondercraft_aiThis is a third-party project, independent from HN and YC. Text and audio generated using AI, by wondercraft.ai. Create your own studio quality podcast with text as the only input in seconds at app.wondercraft.ai. Issues or feedback? We'd love to hear from you: team@wondercraft.ai

In this episode, Ray Cochrane unpacks Anthropic’s Mythos model and the Treasury’s emergency meetings with Wall Street, then digs into Apple’s vibe-coding crackdown and a gaming-anxiety study that hit way too close to home. Also covered: Verge’s solid-state motorcycle, UBTech humanoid robot sales jumping 23-fold, Japan’s first osmotic power plant, Finland’s permanent nuclear waste vault, Ghostty landing in Ubuntu, Cloudflare’s EmDash CMS, and a Claude Code skill that talks like a caveman. – Want to start a podcast? It’s easy to get started! Sign up at Blubrry – Thinking of buying a Starlink? Use my link to support the show. Subscribe to the Newsletter. Email Ray if you want to get in touch! Like and Follow Geek News Central’s Facebook Page. Support my Show Sponsor: Best Godaddy Promo Codes Get 1Password Full Summary Cochrane opens the show by framing Anthropic’s new Mythos model as the AlphaGo moment for cybersecurity. From there, the episode moves through Apple’s pushback against AI-generated apps, a gaming anxiety study with a deeply personal hook, a series of “first to ship” energy and robotics wins out of Finland, China, and Japan, and several developer-tool stories that show how quickly the economics of software are shifting. Mythos, the Detection Ceiling, and Wall Street’s Emergency Response Anthropic’s Mythos model has Wall Street rattled. Operating autonomously, Mythos found and demonstrated the exploitation of a 27-year-old TCP SACK bug in OpenBSD, an operating system famous for being one of the most security-focused on the planet. Per Anthropic’s red team, over 99% of the vulnerabilities Mythos has identified remain unpatched. The researchers’ conclusion is blunt: “the moat in AI cybersecurity is the system, not the model.” The policy response moved fast. On April 7th, Treasury Secretary Bessent and Fed Chair Jerome Powell pulled the CEOs of Goldman Sachs, Citi, Bank of America, and Morgan Stanley into Treasury headquarters on short notice. All four banks are now testing Mythos internally. Treasury CIO Sam Corcos is also seeking direct access. Anthropic is gating distribution through Project Glasswing, a limited-access program with JPMorgan, Apple, Google, Microsoft, and Nvidia. Cochrane comes down firmly behind Anthropic’s gated approach. Because a 5.1-billion-parameter open model can apparently recover the core analysis chain for the OpenBSD flaw, this capability is not locked behind Frontier Compute. He wants the critical infrastructure hardened before the public gets keys. However, he also notes the bigger lesson is about human wisdom: people offloading all their thinking to AI lose out on the wisdom that makes any of these tools genuinely useful. Apple Bans Vibe Coding Apps from the App Store Apple has been quietly pushing back against what people are calling “vibe coding” apps. Replit, Vibecode, and an app called Anything all run AI models on the phone and produce working software that runs inside the host app. Apple cites Guideline 2.5.2, in effect since 2017, which requires apps to be self-contained. Replit and Vibecode had their App Store updates blocked. Anything was pulled in late March, briefly restored on April 3rd, and then pulled the same day again. The forcing function is volume. App Store submissions jumped 84% in a single quarter as vibe coding tools flooded Apple’s review queue with AI-generated apps. Cochrane thinks Apple is justified, given the security issues swirling around the Vibe coding ecosystem. Even a beautiful diamond gets lost in a sea of sand, and that flood is exactly what Apple is trying to manage. The company behind Anything is now pivoting to iMessage, desktop, and Android. Playing Video Games to Win Is Linked to Higher Anxiety Cochrane gets personal on this one. Through high school and his early 20s, he was deeply addicted to League of Legends. His dad teased him about it constantly. In the last few years of that addiction, his body would go ice cold and shake every ranked match before. His partner identified it as a panic attack. The moment that happened, he quit. Today, he no longer shakes. The new study lines up with his experience. Researchers Kayleigh Watters and Mikael Rubin at Palo Alto University analyzed a publicly available database of 13,464 adult gamers, most of whom primarily played League of Legends. Players who game to win show higher generalized anxiety but actually play fewer hours, since performance pressure pushes them out. Players who game to relax show strong links between social anxiety avoidance and more hours played. The study appeared in the Journal of Affective Disorders. The headline framing of “playing to win makes you anxious” misses the point. The real finding is more interesting: gaming for avoidance and gaming for competition are both warning signs, for different reasons. Cochrane notes that the League of Legends community’s toxicity has been a running joke for years, and this study suggests the game’s structure may have been manufacturing the anxiety that fueled it. Sponsor: GoDaddy Economy hosting is $6.99/month, WordPress hosting is $12.99/month, and domains are $11.99. Both hosting plans include a free domain, professional email, and SSL certificate. Go to geeknewscentral.com/godaddy for the best pricing and to directly support this independent show. Verge Motorcycle: World’s First Production All-Solid-State Battery Cochrane filled his tank for $60 today, which made this story land especially hard. His mom has driven electric for years and patiently manages a 90-mile real-world range. The next-generation answer is already shipping. Verge Motorcycles, a Finnish company, is the first production vehicle of any kind with an all-solid-state battery. Their 2026 bikes ship in Q1 with a pack from Donut Lab, another Finnish outfit spun out of Verge. The numbers are bonkers. The pack delivers an energy density of 400 Wh/kg, roughly double that of current Tesla cells. It sustains 100kW charging, hits full charge in about 5 minutes in the lab and 12 minutes on the actual bike, and the long-range version covers 600 kilometers (about 370 miles) per charge. Toyota, QuantumScape, and Samsung SDI have all been telling us that solid-state is coming in 2027 to 2030. A Finnish motorcycle company shipping in Q1 2026 just embarrassed them all. UBTech Humanoid Robot Sales Jump 23-Fold UBTech dropped its 2025 annual earnings on April 1st. Humanoid robot revenue hit 820 million yuan, roughly $119 million USD, up 2,203% from 35.6 million yuan the year before. Unit sales went from 3 robots in 2024 to 1,079 in 2025. Shares jumped 14% on the announcement. The customer list is a real industrial deployment: BYD, Foxconn, Geely, FAW-Volkswagen, and Audi. The flagship is the Walker S2, with UBTech targeting 5,000 units in 2026 and 10,000 in 2027. Cochrane is honest about what this means. He does not think we are heading for an extinction event, but worker displacement is a real concern. The US has no universal income or universal healthcare. The people affected are not white-collar managers. They are everyday line workers who already make the least on the ladder. Work efficiency reportedly doubles when these robots arrive, which is a company-side win, but the humans they replace are not getting half a year of gardening leave to retrain. He invites the listener to take on this one directly. Japan Switches On Asia’s First Osmotic Power Plant In August 2025, Fukuoka’s Seawater Desalination Center quietly opened Asia’s first osmotic power facility. It generates about 880,000 kilowatt-hours per year, enough for roughly 220 homes. It is only the second operational osmotic plant in the world, after Mariager, Denmark, in 2023. Osmotic generation uses a salinity gradient: fresh water on one side of a membrane, salt water on the other, and the pressure difference spins a turbine. The clever part is what Fukuoka does with desalination brine. Instead of regular seawater, the plant uses concentrated brine left over from the desalination process. This amplifies the salt gradient and squeezes more energy out of the same membrane. The result is a closed-loop partnership: the desalination facility produces drinking water and leaves brine behind, the osmotic plant turns the brine into electricity, and that electricity runs the desalination facility. Every desalination plant on Earth produces brine, so if Fukuoka’s co-located model works, the same pattern could be replicated across hundreds of plants worldwide. Japan’s Luna Ring Solar Moon Proposal Goes Viral Again Shimizu Corporation’s Luna Ring concept is making the rounds again. The pitch: a 6,800-mile belt of solar panels around the Moon’s equator, beaming microwave power back to Earth. Project lead Tetsuji Yoshida has long argued that a full ring could eliminate fossil fuel dependence entirely. The proposal first surfaced in 2013, has no funding, no government endorsement, and no concrete cost estimate. Shimizu has not put any active development behind it. Cochrane finds the concept fun every time it resurfaces. However, this would have to be a worldwide effort in the truest sense, with treaties, a new generation of launch economics, and microwave power transmission at a scale nobody has demonstrated. Beaming the power back to Earth has always been one of the biggest practical holdbacks. The Luna Ring is inspirational, but not shipping. Finland’s Onkalo Nuclear Waste Vault Opens Finland’s Onkalo facility is the world’s first permanent deep geologic repository for spent nuclear fuel. Operated by Posiva, the facility is buried about 430 meters down in 1.9-billion-year-old bedrock. It is designed to hold up to 6,500 tons of spent fuel and operate until the 2120s. The construction costs about €1 billion, with operating and closure adding roughly €4 billion more before the program is done. The catch is that radioactivity remains dangerous for hundreds of thousands of years. Edwin Lyman, director of nuclear power safety at the Union of Concerned Scientists, warned that the copper canisters will eventually corrode, with different scientific opinions on how fast. Geologic disposal remains “fraught with uncertainties,” and we have never validated an engineered system across a 100,000-year time frame. The bet is that the rock and copper outlast the radioactivity. Cochrane sees Onkalo as time-buying rather than a final answer. It is more of a bank holding spent fuel while science catches up. He prefers it to Japan’s ongoing approach of releasing tritium-treated water from Fukushima Daiichi into the Pacific, even though the dilution is well below WHO drinking water guidelines. Burying the waste in an insurmountable containment strikes him as the more honest answer to a problem nobody knows how to truly solve. Ghostty Terminal Lands in the Ubuntu Repos Ghostty 1.3.0 is now available in Ubuntu 26.04 LTS’s universe repository. The install is simply `sudo apt install ghostty`, no PPAs, no Snap, no Nix, no building from source. Ghostty was created by Mitchell Hashimoto, co-founder of HashiCorp. It is GPU-accelerated, uses native Swift on macOS and native GTK4 with libadwaita on Linux, and supports tabs, splits, profiles, ligatures, and the Kitty graphics protocol. Cochrane recently caught Hashimoto on a podcast, where he walked through his agentic coding workflow. Ghostty is being actively built using AI harnesses like Claude Code and Codex. Hashimoto told a story in which Codex fixed a six-month-old bug in 45 minutes, for a total API cost of $4.14. Personally, Cochrane uses WezTerm, but he is excited to see Ghostty become more widely available with a native UI rather than Electron. Borgo: Rethinking Go Using Rust Analytics India Magazine profiled Borgo, a programming language by developer Marco Sampellegrini (GitHub: alpacaaa). Borgo is statically typed with Rust-like syntax, but it compiles to Go and uses the Go runtime and garbage collector. It includes sum types (Option and Result), pattern matching, and full compatibility with existing Go packages. Notably, it removes Rust’s borrow checker and lifetimes entirely. Borgo is not new. It first appeared on Hacker News in 2023, with a RustLab talk in 2024. The 2026 angle is a renewed look at it through the lens of AI coding agents, since type-rich languages like Rust have been showing outsized productivity gains. Cochrane is a fan of Rust and stands by the borrow checker, but he enjoys these exploratory languages for what they reveal about what developers actually want. Caveman: A Claude Code Skill That Cuts 65% of Tokens Developer Julius Brussee built a Claude Code skill called Caveman that forces Claude to respond in stripped-down fragments. No articles, no “just,” no “really,” no pleasantries, no hedging. The tagline is “why use many token when few token do trick.” Across 10 real dev tasks, Caveman mode averaged 294 tokens per response, compared to 1,214 in normal mode. That is a 65% drop in output tokens. The project is MIT licensed with three intensity levels: lite, full, and ultra. Cochrane stumbled across the project online and shared it with a classmate who had been complaining about token costs. The classmate now insists that “the caveman is the only way to live.” Cochrane has not made the switch, but the bigger point lands. If a community plugin can cut 65% of tokens without correctness regressions, the labs are shipping verbose-by-default and charging users for the privilege. He suspects verbose output makes models feel more trustworthy, even when the token math says otherwise. Cloudflare Launches EmDash as a WordPress Successor Cloudflare released EmDash on April 9th, an open-source, MIT-licensed, TypeScript-based CMS pitched as the spiritual successor to WordPress. The big flex is that it was built in 60 days using AI coding agents. EmDash runs on Astro 6.0, either on Cloudflare’s edge platform or on a standard Node.js server. The plugin security model uses sandboxed Dynamic Workers with explicit permissions, addressing the architecture flaw that Cloudflare says causes 96% of WordPress vulnerabilities. Cochrane could not resist pointing out the irony of the name. The em dash has become the trademark giveaway that an AI was involved in writing. He has reservations about whether EmDash will succeed. WordPress is extremely hard to unseat, plenty of “WordPress killers” have come and gone, and the ecosystem is twenty-plus years deep. He is curious to see what comes next but not optimistic. Google Open-Sources the DESIGN.md Format Google Labs open-sourced the DESIGN.md format used by Stitch, their AI UI design tool. DESIGN.md is a declarative file capturing a project’s design system, colors, typography, and spacing in a way AI agents can read and apply. Cochrane has tried Stitch personally and finds it impressive at producing web designs. He has also seen DESIGN.md-style files already start appearing in repositories. He sees this kind of file becoming a new paradigm for agentic design, alongside robots.txt and llms.txt. However, he worries about a side effect. If everyone uses the same standardized format and the same AI tools, the web could become a homogeneous set of sites that all look the same. He is enthusiastic about the standardization but hopes designers continue to push for genuinely unique work. A 13-Liter PC With a Water Loop Built Into the Case Geeky Gadgets covered a build by “Visual Thinker”, a 13-liter mini-ITX case with custom SLA-printed water distribution plates built directly into the chassis. Instead of traditional soft tubing, plates channel coolant between the CPU and GPU blocks and are sealed with TPU and silicone molds. The case supports a full-size GPU and an SFX power supply. No thermal benchmarks, parts list, or pricing have been published. It is a one-off you cannot buy. Cochrane sees this as a sign of where PC building has gone in 2026. Modern mid-grade GPUs run nearly every recent game, so raw performance is no longer the differentiator. He likes seeing builders lean into design and craft rather than just stuffing the most powerful parts into a box. He admits he is the traditional type and built his own machine to maximize parts, but the design-first direction is a healthy evolution for the hobby. To close out the show, Cochrane recommends Pocket Casts as a podcast app. He finds it picks up new episodes very quickly. Big thanks to GoDaddy for over twenty years of keeping this show on the air, and a reminder that every promo code use is like writing a check to the show. The post Mythos: Cybersecurity’s AlphaGo Moment #1862 appeared first on Geek News Central.

Most engineers approach open source the wrong way. They write code, open a PR, and wonder why it never gets merged. Bruno Schaatsbergen, Terraform core contributor and ex-HashiCorp engineer, breaks down the real craft behind contributions that actually land, and why AI is quietly breaking the ecosystem we all depend on.In this episode, we cover:Why pull requests get ignored (and the counterintuitive fix)How AI slop is killing open source from the insideUsing AI agents without losing your identity as an engineerWhy open source beats a tailored resume in today's marketHow consistent contributions can reshape your entire careerIf you've ever wanted to contribute to open source but didn't know where to start, this episode gives you a clear perspective from someone who's been on both sides.Connect with Bruno:https://www.linkedin.com/in/bschaatsbergenOUTILNE00:00:00 - Intro00:01:04 - How Open Source Shaped My Entire Career00:02:14 - Why I Take Pride in Every PR I Write00:03:16 - Open Source vs Personal Projects: The Real Difference00:04:18 - Why Your PRs Get Ignored (And How to Fix It)00:05:41 - Know Your Audience: The Counterintuitive PR Hack00:06:35 - Dealing With Imposter Syndrome as a Contributor00:07:10 - Read Code Like a Writer Reads Books00:09:31 - My First Contribution (And How It Changed My Career)00:10:51 - Should You Contribute to Open Source Early in Your Career?00:12:46 - The Dark Side: When Contributions Become Noise00:13:44 - Killed With Kindness: The AI Slop Problem00:16:17 - How Maintainers Are Fighting AI Slop00:18:02 - How I Actually Use AI Agents in My Workflow00:19:11 - Don't Outsource Your Thinking to AI00:20:11 - Who's Liable for AI-Generated Code?00:21:16 - Earned Rights: Why Trust Matters in Open Source00:22:52 - How to Approach People at Tech Conferences00:24:52 - Open Source Is Not a Democracy00:26:04 - Why Open Source Beats a Tailored Resume00:27:12 - Never Contribute With the Goal of Getting Hired00:28:38 - The Real Reason Consistency Pays Off00:29:30 - Admitting I'm a University Dropout00:30:42 - Why I Haven't Contributed in Weeks (And That's Okay)00:32:07 - The Trap of Chasing Contributor Rankings00:34:32 - Open Source Lets You Work With Anyone in the World00:35:52 - Final Advice: Don't Let AI Steal Your Identity

Rosemary Wang and Michael Kosir (developer advocates at HashiCorp, an IBM Company) discuss what's new in product release cadences, Packer 1.15, Consul 1.22.6, and the release candidate for Vault 2.0.0. PODCAST NOTES Changes to Product Release Cadence: https://support.hashicorp.com/hc/en-us/articles/48015293517203-Changes-to-HashiCorp-Self-Managed-Enterprise-Product-Release-Cadence-and-Support HashiCorp support site migrated: https://www.ibm.com/support/pages/node/7254264 Packer 1.15: https://developer.hashicorp.com/packer/docs/provisioners/hcp-sbom Vault 2.0.0-rc1: https://github.com/hashicorp/vault/blob/main/CHANGELOG.md#200-rc1 Consul 1.22.6: https://github.com/hashicorp/consul/releases/tag/v1.22.6 Consul-k8s: https://github.com/hashicorp/consul-k8s/releases/tag/v1.9.6

Michael Irwin of Docker joins me to run through Gordon AI improvements, Docker Hardened Images and what's now free, Docker Sandboxes for running agents in proper isolation, Model Runner updates including MLX support on Mac, MCP Toolkit dynamic discovery, and the newly renamed Docker Agent with its GitHub Action for automating PR reviews and docs checks.Check out the video podcast version here: https://youtu.be/dTF3b36Bq6w

Bret is joined by the founders of Plakar - Julien Mangeard and Gilles Chehade - to nerd out over backup engineering. The kind where you're building your own file formats and cryptographic layers, not just wiring up cron jobs. We get into how Plakar deduplicates and encrypts at the source so your cloud provider never sees your keys. Also, their snapshot model has no chain dependencies, which means you can delete any backup without breaking the others. We had a fun hour of backup horror stories, ransomware pragmatism, where I'm lobbying hard for a Docker volume integration.Check out the video podcast version here: https://youtu.be/OPRK5osKQHI

In this episode ofThe New Stack Agents, Marcin Wyszynski, co-founder of Spacelift and OpenTofu, explains how AI is transforming infrastructure as code (IaC). Originally built for individual operators, tools like Terraform struggled to scale across teams, prompting Wyszynski to help launch OpenTofu after HashiCorp's 2023 license change. Now, the bigger shift is AI: engineers no longer write configuration languages like HCL manually, as AI tools generate it, dramatically lowering the barrier to entry. However, this creates a dangerous gap between generating infrastructure and truly understanding it—like using a phrasebook to ask questions in a foreign language but not understanding the response. In infrastructure, that lack of comprehension can lead to serious risks. To address this, Spacelift introduced Intent, which allows AI to directly interact with cloud systems in real time while enforcing deterministic guardrails through policy controls. The broader challenge remains balancing speed with control—enabling faster experimentation without sacrificing safety. Wyszynski argues that, like humans, AI can be trusted when constrained by strong guardrails. Learn more from The New Stack about the latest developments around how AI is transforming infrastructure as code (IaC). The Maturing State of Infrastructure as Code in 2025 Generative AI Tools for Infrastructure as Code Join our community of newsletter subscribers to stay on top of the news and at the top of your game. 

Rosemary Wang and Michael Kosir (developer advocates at HashiCorp, an IBM Company) discuss how to use Terraform and Packer agent skills, explorer in Terraform Enterprise 1.2, and caching in Vault Secrets Operator 1.3.0. Podcast Notes - GO-2026-4337: https://pkg.go.dev/vuln/GO-2026-4337 - Vault Secrets Operator 1.3.0: https://github.com/hashicorp/vault-secrets-operator/releases/tag/v1.3.0 - Terraform Enterprise 1.2: https://www.hashicorp.com/en/blog/terraform-enterprise-12-upgrades-workflows-visibility-and-brownfield-migration - Agent Skills: https://www.hashicorp.com/en/blog/introducing-hashicorp-agent-skills - Understanding instructions, context, skills and MCP servers for code generation by Sam McGeown: https://www.definit.co.uk/2026/03/understanding-instructions-context-skills-and-mcp-servers-for-code-generation/

Container base images (like Official Docker Hub images) are often updated without new tag versions. I call this Silent Rebuilds. There's no way to know this happens without image digest-checking automation like Dependabot and Renovate with specific settings. Failure to keep up-to-date is a prime source of vulnerabilities that can lead to serious security breaches. Automate the updates!Check out the video podcast version here: https://youtu.be/z_ahbsSc4Fo

Vandaag aan tafel:Barend BaarssenKarel van der WoudeMustafa GülkaraCojan van BallegooijenTimeline:0:00 Intro0:29 Introductie2:33 Wat is Vault?8:52 Wat is de doelstelling van Vault?13:44 Data encryptie 15:25 Open Source vs Enterprise17:25 Vault Setup20:45 Vault Use Case26:05 HashiCorp + IBM + Red HatIn deze aflevering duiken we diep in HashiCorp Vault: dé oplossing voor secret management, identity brokering en dynamische toegangscontrole in moderne, hybride IT‑omgevingen. Onze gast is Cojan van Ballegooijen, Solution Engineer bij HashiCorp, die dagelijks organisaties helpt om veilig en schaalbaar met credentials, keys, tokens en data‑encryptie om te gaan.We blikken kort terug op de eerdere HashiCorp‑aflevering met Mahil en bouwen daarop voort. Cojan gebruikt een herkenbare analogie van twee discotheken om helder uit te leggen hoe Vault zowel authenticatie (wie ben jij als persoon of applicatie?) als autorisatie (wat mag jij?) regelt. Daarbij staat The Principle of Least Privilege centraal: minimale toegang, maximaal veilig.Daarnaast bespreken we onder andere:- Secret Management als strategische security‑laag- Vault als Identity Broker tussen applicaties, clouds en platformen- Automatisch certificaten roteren (bijvoorbeeld elke 47 dagen)- Use cases in OpenShift, AWS, Azure, GitHub, GitLab en CI/CD‑pijplijnen- Dynamic Secrets voor on‑the‑fly toegangsrechten (bijv. databases)- Integraties met Ansible, Terraform, IBM Concert en andere automation‑tools- Het verschil tussen Open Source Vault en Enterprise Vault, inclusief mogelijkheden voor hybrid cloud‑scenario's- Waar je moet beginnen: developer.hashicorp.com met tutorials, open‑source downloads en praktijkvoorbeeldenOf je nu DevOps‑engineer, architect of security‑specialist bent, deze aflevering geeft je een helder en praktisch beeld van hoe Vault werkt, waarom het cruciaal is in moderne IT‑omgevingen, en hoe je het slim inzet van day zero tot decommission.Links:Analogie op HashiCorp Vault: https://medium.com/hashicorp-engineering/the-expensive-seats-problem-25829f7edc1eWaar kan ik beginnen: https://developer.hashicorp.comLinkedIn Cojan van Ballegooijen: https://www.linkedin.com/in/cojanvanballegooijen/Op- en aanmerkingen kunnen gestuurd worden naar: ofjestoptdestekkererin@nl.ibm.com

Rosemary Wang and Michael Kosir (developer advocates at HashiCorp, an IBM Company) discuss what's new in HCP Terraform, Terraform, Vault, and the Vault ecosystem including remote state sharing across projects, ephemeral resources in the Vault provider, and a sneak peek at the deprecated attribute in Terraform. Podcast Notes - https://developer.hashicorp.com/terraform/cloud-docs/workspaces/settings#remote-state-sharing - https://github.com/hashicorp/terraform/blob/v1.15.0-alpha20260204/CHANGELOG.md - https://github.com/hashicorp/terraform-provider-vault/releases/tag/v5.7.0 - https://github.com/hashicorp/vault/releases/tag/v1.21.2 - https://github.com/hashicorp/vault-helm/releases/tag/v0.32.0 - https://github.com/hashicorp/vault-secrets-operator/releases/tag/v1.2.0

I'm joined by Nirmal Mehta of AWS and Viktor Farcic from Upbound, to go through our 2025 year in review. We look into the AI tools that consumed us this year, from CLI agents to terminal emulators, IDEs, AI browsers - what worked, what flopped, what's worth your time and money, and what we think isn't!Check out the video podcast version here: https://youtu.be/mnagfUsh5bc

Guest Ryan Johnson talks about automation and his open source plugin project that enables Packer in VCF environments. Learn what Ryan does in his open source project including the packer examples directory on github

I talk with David Flanagan, aka Rawkode, about his new opinionated Tech Matrix that helps you navigate the overwhelming CNCF landscape. https://rawkode.academy/technology/matrix

IBM's recent acquisitions of Red Hat, HashiCorp, and its planned purchase of Confluent reflect a deliberate strategy to build the infrastructure required for enterprise AI. According to IBM's Sanil Nambiar, AI depends on consistent hybrid cloud runtimes (Red Hat), programmable and automated infrastructure (HashiCorp), and real-time, trustworthy data (Confluent). Without these foundations, AI cannot function effectively. Nambiar argues that modern, software-defined networks have become too complex for humans to manage alone, overwhelmed by fragmented data, escalating tool sophistication, and a widening skills gap that makes veteran “tribal knowledge” hard to transfer. Trust, he says, is the biggest barrier to AI adoption in networking, since errors can cause costly outages. To address this, IBM launched IBM Network Intelligence, a “network-native” AI solution that combines time-series foundation models with reasoning large language models. This architecture enables AI agents to detect subtle warning patterns, collapse incident response times, and deliver accurate, trustworthy insights for real-world network operations.Learn more from The New Stack about AI infrastructure and IBM's approach:  AI in Network Observability: The Dawn of Network Intelligence How Agentic AI Is Redefining Campus and Branch Network Needs Join our community of newsletter subscribers to stay on top of the news and at the top of your game.  Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Michael Kosir and Rosemary Wang (developer advocates at HashiCorp, an IBM Company) recap AWS re:Invent and discuss Terraform 1.14, including the query CLI command. Podcast Notes: - https://www.hashicorp.com/en/blog/re-invent-2025-how-hashicorp-and-aws-are-simplifying-cloud-operations - https://www.hashicorp.com/en/blog/day-2-infrastructure-management-with-terraform-actions - https://github.com/hashicorp/terraform/releases/tag/v1.14.0 - https://developer.hashicorp.com/terraform/language/v1.14.x/import/bulk

This week, hosts Lois Houston and Nikita Abraham are shining a light on multicloud, a game-changing strategy involving the use of multiple cloud service providers. Joined by Senior Manager of CSS OU Cloud Delivery Samvit Mishra, they discuss why multicloud is becoming essential for businesses, offering freedom from vendor lock-in and the ability to cherry-pick the best services. They also talk about Oracle's pioneering role in multicloud and its partnerships with Microsoft Azure, Google Cloud, and Amazon Web Services.   Oracle Cloud Infrastructure Multicloud Architect Professional: https://mylearn.oracle.com/ou/course/oracle-cloud-infrastructure-multicloud-architect-professional-2025-/144474 Oracle University Learning Community: https://education.oracle.com/ou-community LinkedIn: https://www.linkedin.com/showcase/oracle-university/ X: https://x.com/Oracle_Edu   Special thanks to Arijit Ghosh, David Wright, Kris-Ann Nansen, and the OU Studio Team for helping us create this episode.   ------------------------------------------------------   Episode Transcript: 00:00 Welcome to the Oracle University Podcast, the first stop on your cloud journey. During this series of informative podcasts, we'll bring you foundational training on the most popular Oracle technologies. Let's get started! 00:25 Lois: Welcome to the Oracle University Podcast! I'm Lois Houston, Director of Communications and Adoption with Customer Success Services, and with me is Nikita Abraham, Team Lead: Editorial Services with Oracle University.   Nikita: Hi everyone! You're listening to our Best of 2025 series, where over the next few weeks, we're revisiting four of our most popular episodes of the year.      Lois: Today is #2 of 4, and we're throwing it back to an episode with Senior Manager of CSS OU Cloud Delivery Samvit Mishra. This episode was all about shining a light on multicloud, a game-changing strategy involving the use of multiple cloud service providers.     01:07 Nikita: That's right, Lois. Oracle has been an early adopter of multicloud and a pioneer in multicloud services. So, we began that conversation by asking Samvit to explain what multicloud is and why someone would need more than one cloud provider.  Samvit: Multicloud is a very simple, basic concept. It is the coordinated use of cloud services from more than one cloud service provider.  01:30 Nikita: But why would someone want to use more than one cloud service provider? Samvit: There are many reasons why a customer might want to leverage two or more cloud service providers. First, it addresses the very real concern of mitigating or avoiding vendor lock-in. By using multiple providers, companies can avoid being tied down to one vendor and maintain their flexibility. 01:53 Lois: That's like not putting all your eggs in one basket, so to speak. Samvit: Exactly. Another reason is that customers want the best of breed. What that means is basically leveraging or utilizing the best product from one cloud service provider and pairing it against the best product from another cloud service provider. Getting a solution out of the combined products…out of the coordinated use of those services.  02:22 Nikita: So, it sounds like multicloud is becoming the new normal. And as we were saying before, Oracle was a pioneer in this space. But why did we embrace multicloud so wholeheartedly? Samvit: We recognized that our customers were already moving in this direction. Independent studies from Flexera found that 89% of the subjects of the study used multicloud. And we conducted our own study and came to similar numbers. Over 90% of our customers use two or more cloud service providers.  HashiCorp, the big infrastructure as code company, came to similar numbers as well, 94%. They basically asked companies if multicloud helped them advance their business goals. And 94% said yes. And all this is very recent data.  03:13 Lois: Can you give us the backstory of Oracle's entry into the multicloud space? Samvit: Sure. So back in 2019, Oracle and Microsoft Azure joined forces and announced the interconnect service between Oracle Cloud Infrastructure and Microsoft Azure. The interconnect was between Oracle's FastConnect and Microsoft Azure's ExpressRoute. This was a big step, as it allowed for a direct connection between the two providers without needing a third-party. And now we have several of our data centers interconnected already. So, out of the 48 regions, 12 of them are already interconnected. And more are coming. And you can very easily configure the interconnect.  This interconnectivity guarantees low latency, high throughput, and predictable performance. And also, on the OCI side, there are no egress or ingress charges for your data.  There's also a product called Oracle Database@Azure, where Oracle and Microsoft deliver Oracle Database services in Microsoft Azure data centers.  04:20 Lois: That's exciting! And what are the benefits of this product? Samvit: The main advantage is the co-location. Being co-located with the Microsoft Azure data center offers you native integration between Azure and OCI resources. No manual configuration of a private interconnect between the two providers is needed. You're going to get microsecond latency between your applications and the Oracle Database.  The OCI-native Exadata Database Service is available on Oracle Database@Azure. This enables you to get the highest level of Oracle Database performance, scalability, security, and availability. And your tech support can be provided either from Microsoft or from Oracle.  05:11 AI is being used in nearly every industry…healthcare, manufacturing, retail, customer service, transportation, agriculture, you name it! And it's only going to get more prevalent and transformational in the future. It's no wonder that AI skills are the most sought-after by employers. If you're ready to dive in to AI, check out the OCI AI Foundations training and certification that's available for free! It's the perfect starting point to build your AI knowledge. So, get going! Head on over to mylearn.oracle.com to find out more.  05:51 Nikita: Welcome back. Samvit, there have been some new multicloud milestones from OCI, right? Can you tell us about them?  Samvit: That's right, Niki. I am thrilled to share the latest news on Oracle's multicloud partnerships. We now have agreements with Microsoft Azure, Google Cloud, and Amazon Web Services.  So, as we were discussing earlier, with Azure, we have the Oracle Interconnect for Azure and Oracle Database@Azure. Now, with Google Cloud, we have the Oracle Interconnect for Google Cloud. And it is very similar to the Oracle Interconnect for Azure. With Google Cloud, we have physically interconnected data centers and they provide a sub-2 millisecond latency private interconnection. So, you can come in and provision virtual circuits going from Oracle FastConnect to Google Cloud Interconnect.  And the best thing is that there are no egress or ingress charges for your data. The way it is structured is you have your Oracle Cloud Infrastructure on one side, with your virtual cloud network, your subnets, and your resources. And on the other side, you have your Google Cloud router with your virtual private cloud subnet and your resources interconnecting.  You initiate the connectivity on the Google Cloud side, retrieve the service key and provide that service key to Oracle Cloud Infrastructure, and complete the interconnection on the OCI side. So, for example, our US East Ashburn interconnect will match with us-east4 on the Google Cloud side.  07:29 Lois: Now, wasn't the other major announcement Oracle Database@Google Cloud? Tell us more about that, please. Samvit: With Oracle Database@Google Cloud, you can run your applications on Google Cloud and the database inside the Google Cloud platform. That's the Oracle Cloud Infrastructure database co-located in Google Cloud platform data centers. It allows you to run native integration between GCP and OCI resources with no manual configuration of private interconnect between these two cloud service providers.  That means no FastConnect, no Interconnect because, again, the database is located in the Google Cloud data center. And you're going to get microsecond latency and the OCI native Exadata Database Service. So, you're going to gain the highest level of Oracle Database performance, scalability, security, and availability.  08:25 Lois: And how is the tech support managed? Samvit: The technical support is a collaboration between Google Cloud and Oracle Cloud Infrastructure. That means you can either have the technical support provided to completion by Google Cloud or by Oracle. One of us will provide you with an end-to-end solution.  08:43 Nikita: During CloudWorld last year, we also announced Oracle Database@AWS, right?  Samvit: Yes, Niki. That's where Oracle and Amazon Web Services deliver the Oracle Database service on Oracle Cloud Infrastructure in your AWS data center. This will provide you with native integration between AWS and OCI resources, with no manual configuration of private interconnect between AWS and OCI. And you're getting microsecond latency with the OCI-native Exadata Database Service.  And again, as with Oracle Database@Google Cloud and Oracle Database@Azure, you're gaining the highest level of Oracle Database performance, scalability, security, and availability. And the technical support is provided by either AWS or Oracle all the way to completion. Now, Oracle Database@AWS is currently available in limited preview, with broader availability in the coming months as it expands to new regions to meet the needs of our customers.  09:49 Lois: That's great. Now, how does Oracle fare when it comes to pricing, especially compared to our major cloud competitors?  Samvit: Our pricing is pretty consistent. You'll see that in all cases across the world, we have the less expensive solution for you and the highest performance as well.  10:06 Nikita: Let's move on to some use cases, Samvit. How might a company use the multicloud setup? Samvit: Let's start with the split-stack architecture between Oracle Cloud Infrastructure and Microsoft Azure.  Like I was saying earlier, this partnership dates back to 2019. And basically, we eliminated the FastConnect partner from the middle. And this will provide you with high throughput, low latency, and very predictable performance, all of this on highly available links. These links are redundant, ensuring business continuity between OCI and Azure.  And you can have your database on the OCI side and your application on Microsoft Azure side or the other way around. You can have SQL Server on Azure and the application running on Oracle Cloud Infrastructure. And this is very easy to configure.  10:55 Lois: It really sounds like Oracle is at the forefront of the multicloud revolution. Thanks so much, Samvit, for shedding light on this exciting topic.  Samvit: It was my pleasure.  Nikita: That's a wrap for today. To learn more about what we discussed, head over to mylearn.oracle.com and search for the Oracle Cloud Infrastructure Multicloud Architect Professional course.  Lois: We hope you enjoyed that conversation. Join us next week for another throwback episode. Until then, this is Lois Houston...   Nikita: And Nikita Abraham, signing off!   11:26 That's all for this episode of the Oracle University Podcast. If you enjoyed listening, please click Subscribe to get all the latest episodes. We'd also love it if you would take a moment to rate and review us on your podcast app. See you again on the next episode of the Oracle University Podcast.

¿Está muriendo realmente el open source… o está mutando hacia algo muy distinto? Repasamos los cambios de licencias que están sacudiendo el ecosistema —Redis, HashiCorp, Elastic, MongoDB, RHEL— y exploramos cómo conceptos como open-washing o source-available están generando confusión y desdibujando el significado del software libre. En este programa reflexionamos sobre: 🌩️ El terremoto reciente en el modelo open source Cambios de licencias, restricciones y cierres inesperados. ⚠️ El riesgo del open-washing Proyectos que se presentan como libres… sin serlo. 🤖 El impacto de la IA y las Big Tech en la sostenibilidad del software libre Nuevos intereses, nuevas presiones, nuevas amenazas. 🛠️ Lo que sigue muy vivo Kernel Linux, Debian, Arch, Fedora, Blender, GIMP, Krita, OpenSSF, RISC-V… 🔍 Por qué el open source no está muriendo… pero sí está siendo confundido con otra cosa. 🧩 Qué podemos hacer como comunidad Claridad, educación, modelos sostenibles y apoyo real a los proyectos libres. Un episodio para pensar, debatir y tomar conciencia del momento crítico que vive la cultura del software libre. 💬 Comparte tu opinión ¿Crees que el open source está en crisis o simplemente adaptándose? ¿Has vivido algún cambio reciente que te haya hecho replantearte tu confianza en un proyecto? Te leo en comentarios y redes.

Enterprises are discovering that the first wave of cloud adoption didn't simplify operations. It created flexibility, but it also introduced fragmentation, rising costs, and skills gaps that now make AI adoption harder to manage. In this episode of Tech Transformed, analyst and host Dana Gardner speaks with two leaders from across the IBM portfolio: Maria Bracho, CTO for the Americas at Red Hat, and Tyler Lynch, Field CTO for the HashiCorp product suite. They discuss how organisations can move from scattered cloud operations to a unified, automated model that supports AI securely and at scale. The conversation covers the pressures leaders face today, the role of automation, and the skills and operating model changes required as AI becomes core to enterprise strategy. What you'll learn Why tool sprawl and shrinking teams are increasing operational risk How AI amplifies gaps in data, security, and processes What skills and operating model changes CIOs must prioritise Why hybrid cloud is essential for multi-model AI workloads The growing importance of automation in cloud and AI delivery How poor data hygiene can rapidly increase AI costs Practical steps for building secure, reliable AI operations Key insights from the discussion Cloud complexity is accelerating Most organisations now run “a sprawl of tool sets and environments,” Bracho notes, often without the people or standardized processes to manage them. While cloud created opportunities, the operational overhead has increased. AI raises the stakes Training, tuning, and inference often run in different environments, each with separate performance and security requirements. Bracho describes AI as “the killer workload,” reinforcing the need for robust hybrid architectures. Skills gaps slow progress Lynch highlights the disconnect between AI teams and production engineering teams. Without alignment, model deployment becomes slow and risky — echoing findings from the HashiCorp 2025 Cloud Complexity Report, where most organizations say platform and security teams are not working in sync. AI exposes underlying weaknesses “AI is not going to solve complexity; it will amplify what you already have,” Bracho says. But with structured processes and automation, AI can reduce operator workload and help teams adopt best practices faster. Automation is becoming essential The Cloud Complexity Report shows that more than half of enterprises see automation as key to unlocking cloud innovation. With the foundations already laid, AI can accelerate progress by improving consistency and reducing manual effort. Modernization is continuous Both guests emphasise that AI success depends on long-term investment in people, operating rhythms, and security. Consulting can help organizations start strong, but lasting results come from internal alignment and disciplined execution. Episode chapters 00:00 Navigating cloud complexity08:11 Skills and operating model challenges15:13 Automation for cloud and AI productivity21:48 How consulting accelerates AI readiness24:10 Final guidance for CIOs About...

Michael Kosir and Kerim Satirli (developer advocates at HashiCorp, an IBM Company) discuss what's new in Terraform and Vault, including Terraform Stacks, Terraform Search, Terraform Actions as well as the future of agentic infrastructure automation with Project Infragraph. Podcast Notes: - https://www.hashicorp.com/en/blog/day-2-infrastructure-management-with-terraform-actions - https://www.youtube.com/watch?v=3P8MrvrHia4 - https://www.hashicorp.com/en/blog/building-intelligent-infrastructure-automation-with-hashicorp - https://developer.hashicorp.com/vault/docs/updates/release-notes

Your background and experiences outside of tech can become a significant factor in your tech career. Guest Chris Williams is a good example; he talks about how his undergraduate and graduate studies in psychology influenced his work as a Developer Relations Manger at Hashicorp. Hosts Alexis Bertholf and Kevin Nanns chat with him about how... Read more »

Your background and experiences outside of tech can become a significant factor in your tech career. Guest Chris Williams is a good example; he talks about how his undergraduate and graduate studies in psychology influenced his work as a Developer Relations Manger at Hashicorp. Hosts Alexis Bertholf and Kevin Nanns chat with him about how... Read more »

Bret is joined by Philip Andrews and Dan Muret of Cast AI to discuss pod live migration between nodes in a Kubernetes cluster.

How much of your code exists only to prevent failures? Discover a new paradigm for building reliable applications.In this episode, Preeti Somal, SVP at Temporal, explores a paradigm shift that can dramatically boost productivity and give developers peace of mind. Drawing on her experience leading massive infrastructure at Yahoo and HashiCorp, she explains Temporal's concept of durable execution that helps developers focus on business logic and remove reliability concerns. Preeti also discusses key findings from Temporal's first State of Development Report.In this episode, you will learn about:Lessons from operating large-scale systems at Yahoo and HashiCorpWhy reliability ranks higher than cost for most engineering teamsHow durable execution removes reliability complexity from developer concernsWhy unlearning old patterns proves harder than learning Temporal's modelCreating a strong incident response culture through blameless post-mortemNurturing psychological safety in infrastructure teams and on-call engineersBuilding security and compliance from day one versus retrofitting laterTimestamps:(00:00) Trailer & Intro(02:20) Career Turning Points(04:43) Key Learnings from Operating Large Scale Infrastructure(07:56) Key Learnings on Platform Engineering(09:59) Key Learnings on Maintaining High Reliability(12:02) Key Highlights Working at HashiCorp(13:52) Running Infra as Code using Temporal(15:28) Key Principles for Managing a Strong Incident Response(18:37) The Importance of Nurturing Psychological Safety within Infra Team(21:13) The Temporal's State of Development Report(22:39) The State of AI Usage & Adoption(23:54) Using Temporal for Building AI Applications(26:06) The Complexities Involved in Building AI Applications(28:51) Key Learnings from Temporal's State of Development Report(31:03) The Choice of Developer Tooling Misalignment(33:12) Integrating Security, Compliance, and Cost into Your Engineering Mindset(33:39) Building with Security and Compliance-First Mindset(36:57) Temporal Paradigm Shift(39:14) How Temporal Hides Away The Complexities of Building Reliable Applications(42:47) Unlearning Required for Using Temporal Programming Model(46:33) Getting Started Building with Temporal(48:34) Temporal's Durable Execution Guarantee(51:23) The Concern About Temporal Lock-In(54:09) Temporal's Strong Developer Focus(56:16) The Compliance and Security Aspect of Temporal Cloud(58:41) 3 Tech Lead Wisdom_____Preeti Somal's BioPreeti is Senior Vice President of Engineering at Temporal. Preeti is passionate about building great products, growing world class organizations and solving complex problems. Prior to Temporal, Preeti led the Platform, Security and IT engineering organizations at HashiCorp. Her extensive career includes engineering leadership roles at Yahoo!, VMware and Oracle. While at Yahoo! Preeti was VP of Cloud Services in the Platform organization delivering highly scalable services used by engineers across Yahoo to build and operate applications with improved agility, reliability and security. These services power Yahoo!'s consumer and advertising business.Follow Preeti:LinkedIn – linkedin.com/in/preeti-somal-131890Twitter – x.com/psomal

Peggy Smedley and Michelle Pellegrin, IBM's VP and Global Managing Director for Microsoft, talk about smarter hybrid cloud operations and giving customers a unified approach to managing cloud infrastructure. She says bringing into IBM really strengthens the joint work IBM is already doing with Microsoft. They also discuss: · How they are giving customers a unified approach to managing cloud infrastructure. · What Microsoft and HashiCorp launched at HashiConf. · A client story that shows how the partnership is delivering value. https://www.ibm.com/microsoft   HashiCorp + IBM: https://www.ibm.com/products/hashicorp    HashiCorp at IBM THINK blog: https://www.hashicorp.com/en/blog/how-ibm-and-hashicorp-are-simplifying-ai-ready-hybrid-cloud-operations

Michael Kosir (Developer Advocate at HashiCorp) covers what's new in Terraform, Packer, and the upcoming conference season. Terraform Stacks in the command line, a Packer plugin registry migration, and a major version for the Terraform Google provider. Podcast Notes: - https://discuss.hashicorp.com/t/important-update-official-packer-plugin-distribution-moving-to-releases-hashicorp-com/75972 - https://github.com/hashicorp/packer/releases/tag/v1.14.0 - https://github.com/hashicorp/terraform/releases/tag/v1.13.0 - https://www.hashicorp.com/en/blog/terraform-stacks-explained - https://github.com/hashicorp/terraform-provider-google/releases/tag/v7.0.0 - https://registry.terraform.io/providers/hashicorp/google/latest/docs/guides/version_7_upgrade

Bret discusses exciting news about Swarm being maintained until 2030.

Bret and Nirmal are joined by Michael Irwin to discuss Docker's comprehensive AI toolkit, covering everything from local model deployment to cloud-based container orchestration across multiple interconnected tools and services.

SaaS companies were traditionally measured on how many years it took to achieve $100M ARR - a key milestone! In today's brave new world of AI, this milestone is now measured in MONTHS. Dave "CAC" Kellogg and Ray "Growth" Rike highlight discuss this new AI growth metric in today's episode with many examples including:LovableCursorWizBoltAnthropicOpenAIDave and Ray discuss how these new hypergrowth AI-Native companies compare to some of the fastest growing traditional SaaS companies including DocuSign, Atlassian, Box, HashiCorp, Zoom and Slack.The Metrics Brothers then dive a little deeper into the details of the "months to $100M" to discuss WHEN does that clock begin to tick, at launch or at $1M ARR? They then go beyond just AI and discuss how Product-Led Growth was once viewed as a key to accelerating growth to $100M and where the reality meets the expectations.Lastly, CAC and Growth discuss one example of a fast growing AI company that could not quite sustain the early growth trajectory that was greatly helped by the hype and the hope of AI - a cautionary tale for other high flyers or just an interesting data point?Take a listen to this episode if you are involved, interested or evaluating how growth rate expectations for software companies in the new era of software!!!See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

In today's Cloud Wars Minute, I share how IBM has built a $7.5 billion GenAI business in just 18 months, transforming everything from mainframes to consulting under the bold leadership of CEO Arvind Krishna.Highlights00:13 — IBM last week reported its Q2 numbers. Very impressive. I thought one of the most interesting points was that in just 18 months, IBM has built up a GenAI business with a revenue run rate of $7.5 billion. And that GenAI impact is cutting across IBM's entire, huge product portfolio, everything from mainframes to software to consulting.01:00 —This is a company that's 114 years young. And if you were to stack up all the startups or companies of any age that launched AI businesses within the last 18 months, I wonder how many of those would now have revenue of $7.5 billion. But IBM is right there, smack in the middle of that business. Krishna said GenAI's sparking growth in everything — even with mainframes.02:16 — And on the software level, Krishna said that this new rise of the AI products within IBM are helping to improve products it currently has, like Apptio, Turbonomic, and HashiCorp, adding additional value to them. Now, one area where Krishna said there could be a little bit of cannibalization is in the broad area of consulting.03:29 — This is all another sign of the remarkable job that Arvind Krishna has done in his five years now as the CEO at IBM. It's hard to recall, as well as the company's doing now and the innovation that's underway, what a mess it was five years ago when Krishna took over. IBM now has a fantastic portfolio of partnerships with many of the Cloud Wars Top 10 companies.04:30 — So again, a big turnover here in the products, the technologies that come to use, how it goes to market, and the culture that it takes out to clients to let them know: We at IBM are very happy to bring together the best of the best companies in the world to drive new value for those clients. So hats off to IBM. Very nice quarter. Visit Cloud Wars for more.

On today’s show, we talk to Armon Dadgar, co-founder and CTO of HashiCorp regarding HashiCorp’s future within IBM. We start with a quick recap of IBM’s acquisition of HashiCorp and then move on to the challenges of bringing a small, young tech company into a huge corporation that makes lots of its revenue on legacy... Read more »

On today’s show, we talk to Armon Dadgar, co-founder and CTO of HashiCorp regarding HashiCorp’s future within IBM. We start with a quick recap of IBM’s acquisition of HashiCorp and then move on to the challenges of bringing a small, young tech company into a huge corporation that makes lots of its revenue on legacy... Read more »

On today’s show, we talk to Armon Dadgar, co-founder and CTO of HashiCorp regarding HashiCorp’s future within IBM. We start with a quick recap of IBM’s acquisition of HashiCorp and then move on to the challenges of bringing a small, young tech company into a huge corporation that makes lots of its revenue on legacy... Read more »

Bret is joined by Andrew Tunall, the President and Chief Product Officer at Embrace, to discuss his prediction that we'll all start shipping non-QA'd code (buggier code in production) and QA will need to be replaced with better observability.

How do you modernize security in a 180-year-old company that operates critical national infrastructure? What does it look like when you discover tens or even hundreds of thousands of credentials hidden across your estate?In this episode, we sit down with Christian Schwarz, Security Director for Network Services at BT Group , recorded at HashiDays London. Christian shares the immense challenge and strategic approach to standardizing secret management across one of the world's oldest telecommunication companies.He details BT's journey away from the "moat and a castle" security model towards a future with no passwords for developers , reducing friction and enhancing security by design.Guest Socials -⁠⁠ ⁠Christian's LinkedinPodcast Twitter - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠@CloudSecPod⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels:-⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security Podcast- Youtube⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠- ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security Newsletter ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠- ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security BootCamp⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠If you are interested in AI Cybersecurity, you can check out our sister podcast -⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ AI Cybersecurity PodcastQuestions asked:(00:00) - Why Standardizing Secrets is a Challenge(02:24) - Introducing Christian Schwarz & His Role at BT(05:50) - Beyond the "Castle & Moat": A New Approach to Security(07:59) - The Challenge of Securing a 180-Year-Old Company(10:04) - The Power of Storytelling and Discovering Hidden Credentials(11:59) - The Starting Point: Threat Modeling Your Critical Infrastructure(13:48) - The Upside of Standardization: Reducing Cognitive Load for Teams(16:08) - Fun Questions: Cycling, Innovation, and Favorite CuisinesThank you to our episode sponsor HashiCorp

For today's essential Heretics 101 feature, Kelli and Nolan explore compensation testing, remote culture scaling, leadership transparency, and AI adoption challenges through the analytical lens of Christine Centa, HashiCorp's Chief People Officer.*Email us your questions or topics for Kelli & Nolan: hrheretics@turpentine.coFor coaching and advising inquire at https://kellidragovich.com/HR Heretics is a podcast from Turpentine.Support HR Heretics Sponsors:Planful empowers teams just like yours to unlock the secrets of successful workforce planning. Use data-driven insights to develop accurate forecasts, close hiring gaps, and adjust talent acquisition plans collaboratively based on costs today and into the future. ✍️ Go to https://planful.com/heretics to see how you can transform your HR strategy.Metaview is the AI platform built for recruiting. Our suite of AI agents work across your hiring process to save time, boost decision quality, and elevate the candidate experience.Learn why team builders at 3,000+ cutting-edge companies like Brex, Deel, and Quora can't live without Metaview.It only takes minutes to get up and running. Check it out!KEEP UP WITH PETER, NOLAN + KELLI ON LINKEDINChristine: https://www.linkedin.com/in/christine-centa-0a809b7/Nolan: https://www.linkedin.com/in/nolan-church/Kelli: https://www.linkedin.com/in/kellidragovich/—HashiCorp: https://www.hashicorp.com/en—TIMESTAMPS:(00:00) Introduction & Christine's Background(01:15) The Compensation Specialist to CPO Transition(02:26) Current Compensation Landscape & Market Data(04:00) The Midpoint Experiment(05:28) Equity Strategy & New Grant Structures(06:20) Going Public: Private to Public Transition(07:28) Sponsor: Planful | MetaView (10:27) Remote Work Philosophy & Scaling Challenges(11:53) The Connection Crisis(13:00) Leadership Dynamics: The Professor & Accountant(13:51) Transparency as Strategy(14:40) AI Strategy & Implementation Reality(16:00) AI in Recruiting: The Future Frontier(17:17) The AI Arms Race(18:00) The Work Behind the AI Dream(19:25) Preparing Teams for AI Future(20:09) Wrap This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit hrheretics.substack.com

In this episode, Scott chats with Preeti Somal, Senior Vice President of Engineering at Temporal, to explore how teams at OpenAI, Stripe, Netflix, and beyond are building long-running, crash-proof applications using Temporal's open‑source durable execution engine. Drawing on her leadership roles at HashiCorp, Yahoo!, and VMware, Preeti breaks down the orchestration challenges in today's AI‑powered agentic architectures, shares how platform engineering, culture, and developer experience interact, and explains the feedback loops that drive platform improvement. She also offers a dive into resilience patterns like retries, state management, and sagas, and shares lessons on scaling engineering organizations through rapid growth. 

The Daytona founders - Ivan Burazin and Vedran Jukic - discuss their pivot to an AI agent cloud. We dig into the new infrastructure requirements of developing agents that need their own sandboxes to operate in.A year ago, we had them on to talk about Daytona giving us remote development environments for humans, and they have now pivoted the company to focusing on providing cloud hosting environments for AI agents to operate.I suspect this is something we're all gonna eventually need to tackle as we work to automate more of our software engineering. So we spend time breaking down the concepts and the real world needs of humans developing agents, and then the needs of AI that require places to run their own tools in code.Check out the video podcast version here https://youtu.be/l8LBqDUwtV8Creators & Guests Cristi Cotovan - Editor Bret Fisher - Host Beth Fisher - Producer Ivan Burazin - Guest Vedran Jukic - Guest You can also support my content by subscribing to my YouTube channel and my weekly newsletter at bret.news!Grab the best coupons for my Docker and Kubernetes courses.Join my cloud native DevOps community on Discord.Grab some merch at Bret's Loot BoxHomepage bretfisher.com (00:00) - Intro (06:08) - Daytona's Sandbox Technology (12:57) - Practical Applications and Use Cases (14:29) - Security and Isolation in AI Agents (17:59) - Start Up Times for Sandboxing and Kubernetes (22:51) - Daytona vs Lambda (31:06) - Rogue Models and Isolation (34:54) - Humanless Operations and the Future of DevOps (47:17) - SDK vs MCP (50:15) - Human in the Loop (51:13) - Daytona: Open Source vs Product Offering

After going over the full Hashicorp tale in the last few episodes, let's recap and see why exactly it is so incredibly difficult for an successful Open Source project to become a profitable enterprise. Please use the Contact Form on this blog or our twitter feed to send us your questions, or to suggest future episode topics you would like us to cover.

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.Microsoft and CrowdStrike have announced a strategic alliance aimed at deconflicting threat actor names across their platforms.A new, anonymous figure calling himself GangExposed has surfaced in the cyber threat landscape, publishing a significant set of internal documents that reveal the identities of top leadership within the Conti and Trickbot ransomware crews.A new supply chain attack targeting the Ruby ecosystem has emerged, leveraging impersonated packages to exfiltrate sensitive data from Telegram communications. Researchers at Wiz have published what appears to be the first confirmed case of active exploitation of misconfigured HashiCorp Nomad servers in the wild, used by attackers to mine Monero cryptocurrency.

Melanie Sumner: Why Continuous Accessibility Is a Strategic AdvantageMelanie Sumner, Product Accessibility Lead for Design Systems at HashiCorp, joins Robby to talk about what it takes to scale accessibility across legacy products—and how aligning design and engineering processes creates lasting change. Melanie shares her work making Ember.js more accessible, her team's philosophy behind their design system, and why she treats accessibility like any other technical concern.From the pitfalls of nested interactive elements to the strengths of Ember's conventions and codemods, this conversation offers a roadmap for integrating accessibility into every layer of product development.Melanie also reflects on why she trademarked the term Continuous Accessibility, how it fits into product lifecycles, and what other frameworks can learn from the Ember community's approach.“Accessibility is a technical problem with a technical solution.”Melanie joins us from Chicago, Illinois.Episode Highlights[00:01:00] What Well-Maintained Software Looks Like: Consistency, purpose, and bridging design and engineering[00:02:30] Building a Unified Design System Across 10+ Legacy Products[00:03:30] Creating Component Requirements Before Design or Code[00:05:00] Designing with Accessibility Defaults—and Providing Bridges for Legacy[00:07:00] How Ember's Conventions Help Scale Front-End Systems[00:09:30] Who Uses Ember—and Why It's a Fit for Teams with Big Requirements[00:13:30] Technical Debt in Design Systems and the Cost of Rushing[00:16:30] How They Future-Proof Components and Avoid Over-Engineering[00:19:00] What “Continuous Accessibility” Means in Practice[00:21:00] Accessibility Testing and the Limits of Automation[00:23:00] Common Accessibility Mistakes: Nested Interactives and Misused DIVs[00:24:30] Keyboard Navigation as a Litmus Test[00:26:00] Text Adventure Games and Accessibility as a Playable Experience[00:28:30] The Origin of Her Accessibility Journey at UNC Chapel Hill[00:31:00] Why She Avoids Framing Accessibility in Emotional Terms[00:32:45] Compliance as a Business Driver for Accessibility[00:35:00] Open Source Work on Testing Rules Across Frameworks[00:38:00] The Navigation API and Fixing Single-Page App Accessibility[00:40:30] HTML's Forgiveness and the Illusion of “Good Enough”[00:43:00] Advice for Engineers Advocating for Accessibility Without Authority[00:46:45] Book Recommendation: Cradle Series by Will Wight[00:48:30] Where to Follow Melanie: melanie.codesLinks and ResourcesMelanie's WebsiteHelios Design System at HashiCorpCradle Series by Will WightEmber Community SurveyA11y Automation GitHub ProjectAxe-coreFollow Melanie:GitHubLinkedInThanks to Our Sponsor!Turn hours of debugging into just minutes! AppSignal is a performance monitoring and error-tracking tool designed for Ruby, Elixir, Python, Node.js, Javascript, and other frameworks.It offers six powerful features with one simple interface, providing developers with real-time insights into the performance and health of web applications.Keep your coding cool and error-free, one line at a time! Use the code maintainable to get a 10% discount for your first year. Check them out! Subscribe to Maintainable on:Apple PodcastsSpotifyOr search "Maintainable" wherever you stream your podcasts.Keep up to date with the Maintainable Podcast by joining the newsletter.

Julián Duque from Heroku joins me to explain and demo their new AI platform.Check out the video podcast version here https://youtu.be/BGqlLZHdRDsCreators & Guests Cristi Cotovan - Editor Bret Fisher - Host Beth Fisher - Producer Julián Duque - Guest You can also support my content by subscribing to my YouTube channel and my weekly newsletter at bret.news!Grab the best coupons for my Docker and Kubernetes courses.Join my cloud native DevOps community on Discord.Grab some merch at Bret's Loot BoxHomepage bretfisher.com (00:00) - Introduction (05:12) - Deep Dive into Heroku's AI Capabilities (14:23) - Heroku MCP server (28:27) - Describing MCP Tool Interactions (30:48) - DevOps Automation with Heroku MCP server (37:02) - Heroku AI and Future Prospects

Launching our new Podcast: https://agenticdevops.fmBret and Nirmal are at KubeCon London and record their ideas about how AI Agents will change DevOps, platform engineering, SRE, automation, troubleshooting, and more.Creators & Guests Cristi Cotovan - Editor Bret Fisher - Host Beth Fisher - Producer Nirmal Mehta - Host You can also support my content by subscribing to my YouTube channel and my weekly newsletter at bret.news!Grab the best coupons for my Docker and Kubernetes courses.Join my cloud native DevOps community on Discord.Grab some merch at Bret's Loot BoxHomepage bretfisher.com

At KubeCon EU 2025 in London, Nirmal and I discussed the important (and not-so-important) things you might have missed. There's also a video version of this show on YouTube.Creators & Guests Cristi Cotovan - Editor Beth Fisher - Producer Bret Fisher - Host Nirmal Mehta - Host (00:00) - DDT Audio Podcast Edited (00:04) - Intro (01:24) - KubeCon 2025 EU Overview (03:24) - Platform Engineering and AI Trends (07:03) - AI and Machine Learning in Kubernetes (15:38) - Project Pavilions at KubeCon (17:05) - FinOps and Cost Optimization (20:39) - HAProxy and AI Gateways (24:00) - Proxy Intelligence and Network Layer Optimization (26:52) - Developer Experience and Organizational Challenges (29:23) - Platform Engineering and Cognitive Load (35:54) - End of Life for CNCF Projects You can also support my free material by subscribing to my YouTube channel and my weekly newsletter at bret.news!Grab the best coupons for my Docker and Kubernetes courses.Join my cloud native DevOps community on Discord.Grab some merch at Bret's Loot BoxHomepage bretfisher.com

Mitchell Hashimoto, founder of HashiCorp, joins us to talk about his latest project, Ghostty—a terminal that's fast, feature-rich, and truly cross-platform. Mitchell shares the vision behind Ghostty, its architecture built around the libghosty core, how it's tackling long-standing limitations in terminal emulation, and why features like quake-style dropdowns matter more than you'd think. We also explore how the community can get involved and the future potential of Ghosty as a platform for modern text-based applications. Tune in to explore the innovative features that make Ghosty a standout cross-platform terminal! Links https://mitchellh.com https://x.com/mitchellh https://hachyderm.io/@mitchellh https://github.com/mitchellh https://www.linkedin.com/in/mitchellh https://ghostty.org/docs/about We want to hear from you! How did you find us? Did you see us on Twitter? In a newsletter? Or maybe we were recommended by a friend? Let us know by sending an email to our producer, Emily, at emily.kochanekketner@logrocket.com (mailto:emily.kochanekketner@logrocket.com), or tweet at us at PodRocketPod (https://twitter.com/PodRocketpod). Follow us. Get free stickers. Follow us on Apple Podcasts, fill out this form (https://podrocket.logrocket.com/get-podrocket-stickers), and we'll send you free PodRocket stickers! What does LogRocket do? LogRocket provides AI-first session replay and analytics that surfaces the UX and technical issues impacting user experiences. Start understand where your users are struggling by trying it for free at [LogRocket.com]. Try LogRocket for free today.(https://logrocket.com/signup/?pdr) Special Guest: Mitchell Hashimoto.

Plus, Nvidia closes its acquisition of Israeli software startup Run:ai. And Nasdaq leads indexes lower in tech pullback. Cordilia James hosts. TNB Tech Minute will release its next episode on Thursday, January 2. Learn more about your ad choices. Visit megaphone.fm/adchoices