Podcasts about rfcs

PHP Podcast – June 11, 2026 Guest Hosts: Sara Golemon, Elizabeth Barron & Holly Schilling Eric and John are out this week — Sara, Elizabeth, and Holly take over. Here’s what they covered: PHPVerse Recap PHPVerse just wrapped up, and Elizabeth was there in Amsterdam. The format is unusual — all speakers are flown to one location, but the audience is entirely virtual. It was a class act: professional TV crew, studio lighting, and a makeup and hair team on site. Around 2,500–3,000 people watched the live stream. Everything was broadcast as one long block; individual talk segments and possibly the documentary trailer will be cut and released separately. The full stream is available now — the PHP documentary trailer (produced by Jet Breeze, covering 30+ years of PHP history) appears around the 2:24:30 mark. PHP Foundation 2026 Strategy Document Elizabeth and the PHP Foundation released their 2026 strategy document the same day as this recording. The foundation gathered community input across numerous conversations and conferences, synthesized it into findings, and has now published a plan for the rest of the year. Key themes: repositioning PHP’s public perception (which Elizabeth calls a solvable problem), creating six special interest groups, and launching an Onboarding Initiative to build a real on-ramp for new PHP developers. Elizabeth’s view is that the two things giving her the most hope for PHP’s future are the passion and expertise of the community, and how good the language itself has gotten. Visit thephp.foundation to read the full document. The Onboarding Initiative One of the six special interest groups the foundation is launching is specifically focused on bringing new developers into PHP. Goals include creating a true learning path (not just a reference manual that assumes existing knowledge), improving educational resources, and potentially working with the php.net website to improve the first-time experience. Holly made the point that PHP’s barrier to entry is genuinely lower than almost any other language — the Hello World program is 11 characters — but that story isn’t being told outside the PHP bubble. New developers are turning to JavaScript as a first language and running into minified spaghetti instead of something approachable. AI Writing PHP — And PHP as a Second Language Holly built the entire PHP Tek conference app backend in Laravel without writing a single line of code herself — AI-generated throughout, which she reviewed and approved. The code held up to peer review at the conference with only minor style nits. She ran it on PHP 8.3 and used modern standards throughout (one piece of feedback: stop using empty()). The consensus: AI models write good modern PHP because of the vast amount of open source PHP they were trained on. The caveat Sara raised is worth thinking about — how much of that training data is PHP 4-era code and WordPress 3 repositories? Either way, Holly’s case for PHP as a second language is strong: low ceremony, low boilerplate, readable syntax, and it’s a language where you can do something useful in minutes. PHP’s Reputation Problem (and Why It’s Fixable) The group dug into PHP’s perception gap — the mismatch between how good the language actually is and how it’s perceived outside the community. Holly’s experience as a mobile developer who recommends PHP to others: the pushback is immediate (“isn’t that slow?”, “isn’t that dead?”). The benchmarks don’t support that reputation — PHP outperforms Python on most comparable workloads — but data alone doesn’t shift perception. Elizabeth’s point is that this is primarily a storytelling and coordination problem, not a language problem, and that the foundation’s repositioning work is exactly aimed at closing that gap. The community has the passion. It just needs to tell the story outside its own bubble. PHP Polling API RFC Sara walked through the RFC for a new Polling API in PHP (wiki.php.net/rfc/poll_API). The short version: PHP currently has five or six different ways to do I/O multiplexing (watching multiple streams and acting on whichever one is ready first), and which one works depends on the OS, available extensions, and PHP version. The Polling API proposal creates a single, unified interface that abstracts all of that. The immediate beneficiaries are async frameworks like Amp PHP, ReactPHP, and Revolt, which currently have to maintain multiple backend implementations to cover different environments. The bigger picture: this is a building block on the path toward true async PHP, likely contributing to something more complete in PHP 9.0. Most app developers won’t use it directly — but the libraries they depend on will. RFCs are all listed at wiki.php.net/rfc. PHP.net: Do As We Say, Not As We Do Sara, who has contributed to php.net, copped to the state of the codebase: some of it dates to the PHP 3 era, there are functions.inc files, and it is very much “do as we say, not as we do.” The historical reason is that php.net used to rely on community-administered mirrors (r-synced servers running everything from PHP 5.1 to 5.6 simultaneously), so modernizing the code was impossible without controlling the runtime. That’s changed with CDN-based load balancing — they can now control what PHP version runs on php.net — and the code has been getting better. But it’s a slow process. PHP Podcasts Past, Present, and Future Holly asked about the PHP Town Hall podcast (Ben Edmonds and Phil Sturgeon), and the group did a quick tour of PHP podcast history. The PHP Roundtable — originally started by Sammy, taken over by Eric — has produced about three episodes. Sara and producer Joe are planning to take it off Eric’s hands and actually do it properly. And Elizabeth announced that the PHP Foundation is launching a new podcast: tentatively called PHP at Scale, hosted by Ben Marx, focused on telling the stories of organizations pushing PHP to its limits. No launch date yet, but there’s already a queue of interested guests. Next Week’s Show — Moved to Wednesday Sara will be on a boat off the coast of Galicia on Thursday, so next week’s episode is moving to Wednesday. Guests will include Paul Reinheimer and (hopefully) Sean Coase — two veterans from PHP’s podcasting past. Elizabeth is going to try to make it work around the Canadian Grand Prix. Mac Mini M4 for Local LLMs Holly picked up a refurbished Mac Mini M4 (16GB RAM, 512GB storage) specifically to run LLM models locally via Ollama. Apple Silicon is a solid choice for this because the unified memory architecture gives the neural cores access to far more RAM than a discrete GPU setup. Sara is waiting for the M5, which is reportedly not coming until fall — and is already resigned to spending too much on it when it lands. Links from the show: PHP Foundation — 2026 Strategy Document PHP RFC: Polling API PHP RFC Wiki — All RFCs Under Discussion Amp PHP — Async framework ReactPHP — Event-driven async PHP Revolt — Event loop for PHP php.net website source code (github.com/php/web-php) PHP Architect Discord Guest Hosts: Sara Golemon Based in Lisbon, Portugal PHP core contributor; code contributor via the Curl project (which means she technically has code on Mars) Elizabeth Barron Executive Director, PHP Foundation Based in Germany Holly Schilling Primary mobile developer; built the PHP Tek 2026 conference app Based near Chicago, IL Streams: Youtube Channel Twitch Connect & Hire PHP Architect Website Twitter/X Mastodon Hire PHP Developers Looking to hire PHP developers? Email support@phparch.com – Joe and the team are available for consulting, infrastructure work, Ansible playbooks, and code review. Partner This podcast is made a little better thanks to our partners Displace Infrastructure Management, Simplified Automate Kubernetes deployments across any cloud provider or bare metal with a single command. Deploy, manage, and scale your infrastructure with ease. https://displace.tech/ PHPScore Put Your Technical Debt on Autopay with PHPScore Music Provided by Epidemic Sound https://www.epidemicsound.com/ Join Us Live Next Week Note: Next week’s show is on Wednesday (not Thursday) with guests Paul Reinheimer and Sean Coase. Youtube Channel Got feedback? Join us on Discord at discord.phparch.com The post The PHP Podcast 2026.06.11 appeared first on PHP Architect.

I'm excited to work with Microsoft once again as the presenting sponsors of the AI Engineer World's Fair! We'll streaming live from MS Build today for a special crossover pod with our friends at No Priors and the one and only Satya Nadella. However we did not hold back with this interview - we asked all the burning questions about uptime and Copilot that we know you have in your minds. Lets go!For almost two decades, GitHub has been the home of software, where both open source and closed flow, through commits, pull requests, reviews, actions, etc.This ecosystem flourished as open-source maintainers and contributors would continue shipping code for the benefit of the community. However as coding agents began to ship mass quantities of code - growing 1400% in 2026, it marked a new era that was both extremely exciting and challenging for GitHub.While these agents help more people ship more projects, they also significantly increase the floor of how much code is shipped, how often it is shipped, how many people commit code, and basically orders of magnitude multiples in every dimension of GitHub infrastructure:Now GitHub inevitably experiences more pressure on their infrastructure which was originally designed around human developers moving at human speed. This has resulted in a very publicly notable uptime story:So it begs the question of whether current systems around code can absorb what AI produces. Can CI/CD keep up when every idea becomes a build? Can open source maintainers survive floods of AI-generated slop contributions? Can GitHub preserve the human social contract of software while becoming the operating layer for agents?Which brings us to the perfect person to answer these questions: GitHub COO Kyle Daigle. In this episode, he joins swyx to unpack what happens when AI doesn't just autocomplete code, but starts changing how companies operate, how open source works, how pull requests get reviewed, and how GitHub itself has to scale. We go deep on GitHub's internal AI workflows: micro-skills, WorkIQ, MCP, Slack, Teams, email, Copilot workflows, the new Copilot desktop app, CLI, cloud agents, and how Kyle uses agents to look backwards across company context before deciding what to do next. Kyle also reflects on GitHub's history building webhooks, APIs, Actions, npm, Dependabot, and Semmle, why the AI era is breaking GitHub in new ways, how Actions became a general-purpose compute layer, and what Copilot becomes after code completion.Full Video PodWe discuss:* Kyle's expanded role across GitHub* How AI got Kyle coding again after years in leadership* Why GitHub rolls out AI through existing workflows instead of forcing new tools* WorkIQ, MCP, Slack, Teams, email, and GitHub as company context* Why massive “mega-skills” are giving way to small, atomic micro-skills* How AI changes summarization, communications, marketing, and analyst work* Why former developers in leadership may have a unique advantage in the AI era* Kyle's “15 agents on Saturday” workflow* How Kyle built an AI-generated executive presentation for CRO/CFO teams* Why AI changes the chief of staff role without removing the human work* GitHub Actions, webhooks, arbitrary code execution, and secure agent compute* The npm acquisition, supply-chain security, 2FA, and token invalidation* Slop forks, vendoring, and whether AI agents change dependency management* What pull requests become when most PRs come from agents* Prompt requests, vouching, AI review, and trust in open source* What counts as a “developer” when AI lowers the barrier to building* GitHub Spark, low-code, and why GitHub refuses to hide the code* 14x commit growth, Actions load, databases, monorepos, and availability* Copilot's evolution from completion to CLI, desktop app, cloud agents, and SDK* Context, memory, rules, and making GitHub “act like Kyle wants it to act”* Ambient AI, OpenClaw, enterprise security, and the new operating system for agents* What swyx should ask Satya Nadella about Microsoft's AI futureKyle Daigle* LinkedIn: https://www.linkedin.com/in/kyledaigle* X: https://x.com/kdaigleTimestamps00:00:00 Introduction00:03:36 Why AI Got Kyle Coding Again00:07:04 Running GitHub with AI: WorkIQ, MCP, Slack, Teams, and Skills00:15:39 The Golden Age for Former Developers in Leadership00:17:31 15 Agents on Saturday and AI-Generated Executive Work00:20:20 How AI Changes the Chief of Staff Role00:21:45 GitHub's History: Actions, npm, Webhooks, and Open Source00:28:45 Slop Forks, Vendoring, and AI Dependency Management00:33:57 Pull Requests, Prompt Requests, and Trust in Agent-Generated Code00:41:21 GitHub Stars, 200M+ Developers, and the New AI Builder Wave00:45:15 GitHub Spark, Low-Code, and Why GitHub Still Shows the Code00:47:38 GitHub's Hardest Era: 14x Growth, Reliability, and Scale00:59:21 Actions as the Compute Layer for CI/CD and Automation01:02:04 The State and Future of GitHub Copilot01:08:24 Ambient AI, Background Agents, and the Future of the SDLC01:13:09 OpenClaw, Enterprise Security, and the New OS for Agents01:18:03 Build Announcements, WorkIQ, FoundryIQ, and Microsoft Context01:21:41 What Should swyx Ask Satya?TranscriptIntroduction: Kyle Daigle's Expanded Role at GitHub and MicrosoftSwyx [00:00:00]: We're here with Kyle Daigle, COO of GitHub. Welcome.Kyle [00:00:07]: Hey, thanks for having me.Swyx [00:00:08]: You're not just CEO of GitHub. People know you as that. You have a new role.Kyle [00:00:11]: So I have an expanded role now. I've been working at GitHub for thirteen years and doing all things developer. Joined as a developer myself. And now, I'm also responsible as the CMO of Developer for Microsoft. And so all the kind of learnings and passion for developers and how we work with them and how we communicate and how we bring our products to market, we're also bringing that expertise to the broader Microsoft ecosystem and helping every developer that uses a Microsoft product or would like to have a sort of similar experience that they've had with GitHub over the years. So it's a different role in some ways, but it's also just building on the experience that I've had at GitHub of just sort of tell the truth, be authentic, show people how to use it and then let the products speak for themselves. Now just doing that with, all of Microsoft.Swyx [00:01:09]: We'll be releasing this in conjunction with Build. You got lots of stuff planned, and we can sort of touch on that whenever it's appropriate. I think one of the interesting things is I rarely meet a COO who's also a CMO. I think you're a very outward facing and you're very confident publicly. That's rare. Do you actually view yourself as COO? What's What is your thing?From GitHub Developer to COO/CMO: Building the Platform and Operating GitHubKyle [00:01:33]: I think for me, it's been funny. The titles have always been, a— have always felt a little strange to me. I joined GitHub as a developer? I wrote so much of theSwyx [00:01:46]: Let's bring that up. You wrote the back ends?Kyle [00:01:48]: I was going through, I was going through, some old photos, when folks were talking about how things were being built or how there was a build GitHub. I built, webhooks and worked with teams building the API, built the platform layer. Anything that integrated with GitHub, up until really twenty eighteen, I built or ran the engineering teams. And that's kind of where my the beginning of my passion always was helping people build things, deliver them to, their customers. And so being a developer, building for developers was always super unique. In a— I think as my role expanded, it became my ability to talk to not just developers, but also enterprise customers or business leaders and have this translation layer. And then through all those years, GitHub has always operated pretty uniquely. Post-pandemic, working remotely was not as novel as it was when GitHub started in two thousand and eight. But all that expertise of running remote teams, doing it well, became this sort of bigger role, ultimately turning into the COO role of how do we operate GitHub in the way that GitHub's always operated after the Microsoft acquisition. And kind of so on from there. So like for me, I think the— I've, I still code. I love coding but the problem has always been, people. It's a much harder problem to both support our own employees, a harder problem to communicate to developers and enterprise buyers what we're building why it matters, ‘cause those are two very different messages. And so getting to work in the mix of COO, CMO, also just being a dev, I think is what's kept me at GitHub for so long.AI Workflows for Leadership: Commits, Retrospectives, and ContextSwyx [00:03:40]: Apparently, you have— your commits have gone up. What's this? What's going on?Kyle [00:03:45]: Rui's called me out pretty aggressively. So I think— as you can imagine, right, you can see my normal era of being a dev In the twenty thirteen, twenty fourteen era, and then moving into management, and then ultimately the COO role. I think what you see there is me, really getting back to coding thanks to AI. I— similar to, attaching problems between how to market and how to operate a business and how to code, I find, building agents and workflows that are connecting very disparate problems to be what's driving this. So that's, some of it's writing software. A lot of it is, connecting a ton of a different data sources to, help me out. But that is completely me really diving in on the AI side in trying out our tools, trying out everyone's tools, But building for me, building for the non-technical leader, though I'm technical and how we're, able to use these tools more than just the simple, call and response that I think a lot of the non-technical, your employers, you have to get— you have to use AI, and so everyone uses, ChatGPT or Copilot or Claude or whatever. To really get into, how is this going to help me out, it— I find that it's not the I need to write a blog post, I need to those simple examples. Helping people find the workflows of, “Okay, I need you to go through all the PRs today. I need you to go through everything that we've posted online. I need you to go through what we did the last three months. Go through all of my Obsidian notes for any mentions of this then go through my transcripts at work.” We use, Teams, so, using WorkIQ, go call that MCP server, grab all the transcripts, go through all the Slack, and then build me out the plan of, what this week's messaging actually was. That's something that was, impossible because for me, I find AI in a what most of this launch here is actually, less building forward. It's actually, a recursive loop backwards. I'm always looking at what had happened first. Go back through the week and tell me what we did, what worked, what didn't work? And then tell me in the next three or four days-What would you tweak based on this sort of like looking backwards and then looking ahead a little bit? I find that to be so much more valuable, especially for like non-technical, because that retrospection is actually LLMs are very good at that. Like finding all the patterns, pulling them out, and then applying that retrospection to just a couple of days or just like a short period of time. Is all a bunch of apps that I've built and launched a bunch of, internal tools. I use the new, GitHub Copilot app, the desktop app with workflows. Every time I crack open my laptop, it's running workflows for me. It's just a ton of different stuff and of course, it all ends up on, it all ends up on GitHub.Swyx [00:06:47]: Of course. That's where, that's where, stuff is hosted. Man, there's so much to ask you. I was going to leave the how do you run a company with AI thing at the end. I have to ask one— double click one thing. You said, you are looking back at the week. You're, you're understanding what happens. When you say we That's three thousand people. How?Rolling Out AI Internally: Skills, CLIs, and Company ContextKyle [00:07:09]: I think when we started rolling out AI internally beyond engineering, right? One of the things that I was really, passionate about is like we have to do this in a way where no one has to change how they work. I don't want to have to teach you a tool. I don't want to have to teach you something new. And so for us, we tried out a few tools. Most of them don't work because I got to get you on board? I got to teach you how to use it. What we've actually ended up doing is we've built like a set of skills internally. We have we each have our set of skills, and we've just been distributing even to the non-technical folks, the CLI. And then effectively, we're just giving it access to like read about everything that we're writing. So that's for us, that's usually GitHub, Teams, Email, and Slack. So Teams for, video chat, generally speaking.Swyx [00:08:03]: Teams and Slack?Kyle [00:08:04]: so we use Teams for video communication, but we don't use it for chat. W-we— GitHub for a long history, right? We're alwaysSwyx [00:08:13]: Also SlackKyle [00:08:14]: Talking about ChatOps and like everything is built into Slack. Like every command, every flow.Swyx [00:08:18]: So even though you have been acquired for I don't know, eight years nowKyle [00:08:22]: we stillSwyx [00:08:23]: You still use Slack?Kyle [00:08:23]: it's a purpose-built tool for us, and I think the reality is that moving off of it would be so bluntly expensive? Simply because all the tooling is, baked in with that paradigm. And they both have their pros and cons but they don't work the same way at all. We still use a bunch of different tools Because it's the purpose-built tools that We need. And thenSwyx [00:08:47]: Well, the same doesn't go for the rest of Microsoft, presumably.Kyle [00:08:50]: like the like various teams like operateSwyx [00:08:53]: They make their own decisionsKyle [00:08:54]: Various ways. I think it just matters what you're trying to what you're trying to do. But we do we do work across kind of every tool that we use, and then by giving everyone access to all of that context and the new WorkIQ MCP server, which is quite cool if you do live in the M365 like world. I can ask it all these backwards-facing questions, and it's incredibly important for our teams that are working remotely. There's a lot of stuff you miss when you're not in an office, and we are spread out all over the world. So most of that is looking back. And then we post, we post either auto-automatically into GitHub issues or discussions, these sorts of like findings or like our industry reports. Like what's happening this morning, today, yesterday. A little automation gets run. We'll use the app. We might use GitHub Actions like with, our agentic workflows just to go do that run, and then we push it into GitHub, and w-we keep having a conversation. So usually for us, it's about that sort of like looking back, looking forward on the non-technical side. And then of course for a lot of those folks, it's also building an app, pushing it to GitHub pages or pushing it somewhere to host it et cetera. But it's just like enabling everyone with that power of it's going to take me a week to figure this out. Instead, we're going “Okay I built a skill. Let's put it into a repo. We'll all share that skill together, and then we'll use the CLI or now the app-” “just to run it.”Micro Skills vs. Mega Skills: How GitHub Uses AI at WorkSwyx [00:10:26]: All right. I think, I think we're going straight into like the team management and productivity thing. I think a lot of people are getting various levels of LLM psychosis. How do you manage the bloat of skills? Like everyone Has their thing, and they're Like trying to promote it to the rest of their peers in their org, right? And obviously, whoever becomes a skill influencer internally becomes like an AI leader, right? Of sorts. I assume you have those.Kyle [00:10:50]: like I think we haveSwyx [00:10:52]: And I assume it's a mess a Yeah.Kyle [00:10:54]: there's like I— like I think the reality is there's two pieces. Like first is I think that we're ending the era of these like massive, beautiful, perfect skills that are just like not any of those things. ‘cause for a while, right every tweet every day is like go download the skills, the perfectly managed thing to do this entire workflow. And I think that like what we've found and what— I was just with my team, this week, and we were talking about the skill side, and we're really talking about these like incredibly micro skills that are just doing one thing for us very well Versus a skill that's going to do I said, that full report. That doesn't really exist on our side anymore. It's usually how do— like a single skill that's going to identify the most important marketing information given any MCP server. Like this is the most important thing. Less about stitch a bunch of tools together and have it produce this mega output because then weeks go by, months go by, things change, and you want to tweakSwyx [00:11:58]: It's brittleKyle [00:11:58]: Your mega skill and you're screwed? You can't do that. And so now we're really just talking about the Legos we're using and just letting the instruction book be something we're all putting together. Whereas I think a lot of AI skills for a while have been that mega instruction book style.Swyx [00:12:15]: I've, thought a lot about Postel's law. I don't know if that's a term that is, means things to folks. It's the idea that you should be liberal in what you accept and strict in what you output, right? And I think that's like a good framing principle for skills. This is my skills, obviously on GitHub. I feel like everyone should have like how like some repos In GitHub are special repos? I feel like we should sort of reify the slash skills and everyone like give it some kind of special presentation. Anyway, so, yeah, this is one of those like download Download anything, transcribe anything, and then you can string together the atomic skills that do one thing well Into like some kind of orchestration skill that calls other skills. I assume, does that match?Kyle [00:12:56]: I like I think so. I think that theSwyx [00:13:00]: Summarize anything.Kyle [00:13:01]: Like I think the- For me, summarizing something for I do communications and PR and analyst relations and marketing and customer activities, and so my summarize everything is very different for each one of those like Contexts. What ‘Cause if I'm summarizing something for an analyst, that's a very different thing than, probably how I'm going to summarize something for like a customer meeting or an engagement. So that's I think like the difference when we're talking about the like the tools I might use on Saturday or the skills I might use on a Saturday when it's just for Kyle. Yeah, those are kind of like they have an atomic actual tool underneath or maybe skill, and then Kyle cares about X. But I think when we're talking about work and enabling the the marketers, communicators there, it's the atomic, this is what good summarization is, and then this is what I care about as for marketing for communications For whatever. And that I think is like the interesting matrix problem when we go from like a developer set of concerns to all kinds of different professions, is that what that word means to me is different than it means to you is different than it means to the analyst or the salesperson, and that's where I think the matrix mess is that we're starting to like still starting to find. It's about these mega skills but they're all just slight permutations, but those permutations are really important. It's the difference between someone reading this and going “Did AI make this?” what Or “This makes total sense, and I would expect this when I'm giving a briefing to Gartner,” or like whatever else.Swyx [00:14:37]: I think the beauty of it maybe is that you don't have to be that careful about what goes in there. It doesn't have to exactly fit as long as it like roughly is contained in there. I used to complain about plugin hell, basically. Like when you have a framework and then you have a hundred things that you need to integrate, everyone does like the GitHub used to be bloated full of these things. And now we don't need them anymore ‘cause now you just use skills.Former Developers in Leadership: AI as a Creation MultiplierKyle [00:15:00]: And like I think the most magical thing is the just that like I can just also crack it open. Like Like yes, I could go like change the how the plugin is coded, or like I could go do that now with AI, but I think there's just something more magical about getting a response back and being “That's not right,” and then you just crack the skill open, you just type English words and it's different. That building block is just, I think very unique. Once I get everyone to kind of understand how to best how to best make those changes to get the most power out of them.Swyx [00:15:36]: Is there a— you have a your peer group that Of people like you. Is there a common framing for Something I'm feeling is, which is true, is that is this a golden age for former developers who are now in leadership? Because you can wield the tools, you would know the right words, you're maybe not too close to the details. Doesn't matter. But like you're more effective than someone who doesn't come from that background.Kyle [00:15:59]: I think that like the secret has always been your ability to identify patterns and solve problems, and I think that for folks that like myself that don't code day to day anymore, that has made me successful as a developer, made me successful as a COO and now CMO. And so now that I have access to get and write code, I'm now applying that sort of like pattern finding and problem solving, and I know enough still about how to then go and say, “Oh, I want to make an app, but I don't want to break into jail or create something that's not going to be able to work or to be deployed scale or whatever.” that ability to apply all that additional business knowledge and still code I think is what makes that so interesting to me. Slightly different than I think some of the other like technical leaders that became business leaders and now are going back to their apps and updating them. Good for them? But I think the more, much more interesting thing is, well, now I have this whole new set of expertise over ten plus years. Why not take that and use that as a developer with these AI tools? So I definitely think that makes me more powerful, but I think that's true for like every dev as well. Most of the dev friends I still have also have some other underlying skill and passion. There's really talented, very kind of linear computer science software devs, absolutely. I just find that the folks that came from a different career, went to school for something else, went off and did this random thing, and then became a software dev, or were a dev, did a random thing, came back. Learning that extra set of information, learning those extra skills, and now having the power of an AI where I can crank up fifteen agents on Saturday while my kids are doing lacrosse, That's like really powerful. And I think it gets me back to that feeling of like creation, and it's very hard to replicate that in most other senses? That first time you build an app and you click it and you show someone that's magical. And so being able to do that not just in code, but across all kinds of different assets that's, that's huge. We were doing we're doing our every year we do our revenue planning. We talk about okay, what is it going to look like for next year? And of course as you imagine, there's, slideshows everywhere talking about what are we going to talk about, what's the narrative, et cetera. And so as you said I'm “Okay, well, I could probably just like build something to build this and then that way I don't have to go build the whole spreadsheet or I have to pass it to my team.” So we went through this process, and I got all the information and used the skills I mentioned. I built like a little app just to make it so I could look at some of the information in a SQLite database, more easily. And I ultimately built this entire presentation without touching any of it and I was “Okay, I'm just going to present this to our CRO, the CFO, their teams,” without mentioning I'd built it with AI. I like built a skill to make it look very much not AI driven. Just not pretty.AI-Generated Presentations, Human Taste, and the Changing Chief of Staff RoleSwyx [00:19:03]: Like a design. Yeah.Kyle [00:19:03]: Not pretty. But just like very clearly not AI. Kind of like don't do anything interesting.Swyx [00:19:08]: That's, yeah, that is valuable.Kyle [00:19:08]: Just go Exactly. We did the whole thing through. It used my notes from Obsidian, it used all the context I mentioned before, the plans, and Never came up once that it was AI generated.Swyx [00:19:20]: It didn't matter.Kyle [00:19:20]: Never once. D It didn't matter. And so now I takeSwyx [00:19:23]: This is a toolKyle [00:19:23]: I can take that tool and go, “Look, I don't want you to go build slideshows.” They're just helping us share information with each other. If this thing can do it With a little bit of crafting from you and then we can look at it together, awesome. There's no value in all that extra work. I think that the ability to, make it look humanly bad and and build a little app to, manipulate the data I think is part of, that upside for devs that are now in leadership roles. Because, the thing that I feel like I said before, this that's all a people, that's all a people problem. I know if you've used a coworker or not to build a slide deck, unless you spent a bunch of time to not do it.Swyx [00:20:07]: I know, but like it was so, I think there's a certain charm to just being blatantly AI. ‘Cause I think that you're well, you're just honest about There may be mistakes here that I cannot vouch for. So how much value is there? But anyway I think, actually the real question I want to ask is, there's a— You were a chief of staff To Thomas. And in the pre-AI world, the that job would've been a chief of staff job of like Can you prep me these slides and all that? And now you do it yourself.Kyle [00:20:35]: I still, I still have a chief of staff. Because, the difference is it's sort of the discussion every time we have some sort of technology evolution is it's not that the jobs the roles don't all go away, they just change? And so yeah, I don't have someone spending all their time building out slides for me and presentations ‘cause I don't need that anymore. But now I need that person that is able to go and find all the different connections between humans in those discussions to help me find out, okay, I should be meeting with this group and this team, and they have an opportunity, and I'm going to be in San Francisco today, I'm going to be in Seattle tomorrow. Those sorts of human connection aspects are still incredibly valuable and has always been a big part of that chief of staff role. But now just like chiefs of staff are not opening up, letters to process, they're doing emails. What It's the same thing. And now they're, they're not building out as many of these presentations because they have the the ability to have a AI take it on for, and share that with me and great. Let's keep moving ‘cause it's allowing us to go faster and make better decisions more quickly.Swyx [00:21:45]: Awesome. Well, so we can dive into more sort of, Productivity insights as you go. I did want to do a little bit of a brief history of colleague and hub. Because, we started here. And then you also involved the NPM acquisition. I did, I do want to touch upon that. And then more recently, I just want to bring up to present day where we're having uptime issues Which transparently we've already Addressed publicly, but we'll, we'll discuss in the pod. Did I miss anything? Like what, any other major highlights? Obviously, it's, it's a lot of years to cover.A Brief History of GitHub: Webhooks, Actions, Acquisitions, and Platform EvolutionKyle [00:22:15]: No the I think one of one highlight was right before the acquisition closed in twenty eighteen, I got to launch the first version of ActionsSwyx [00:22:27]: OhKyle [00:22:27]: At GitHub Universe. So it was OSwyx [00:22:29]: They're that young?Kyle [00:22:30]: It was October of twenty eighteen, I think. Yeah. Yeah.Swyx [00:22:33]: Gee, Jesus.Kyle [00:22:34]: I got to I was the engineering leader on that project and got to launch that. And then, yeah, we did acquisitions of NPM you said, Semmle, Dependabot Pul Panda a whole bunch of things. That was a bigSwyx [00:22:47]: Pul Panda.Kyle [00:22:48]: Abi is doing well.Swyx [00:22:51]: DX. Holy crap.Kyle [00:22:52]: Did well on DX. I and like that was a that was the big shift, after the acquisition. I had to join the sort of business side.Swyx [00:23:00]: So I need to hit you on some of these things ‘cause you were there. Right? And how often do I get to talk to someone who was there? But yeah, Actions. Is that the number one source of security issues on GitHub?Kyle [00:23:11]: Oh, sh I think that the number one source of, security issues is probably like all, the literal code in everyone's like underlying repositories. I would say back further than that is, if you remember I had to show in this graph was this is, I'm, didn't say this before, this is ultimately webhooks.Swyx [00:23:30]: You yeah.Kyle [00:23:31]: Like circa whatever it was.Swyx [00:23:32]: It says Hookshot in there.Kyle [00:23:32]: I forget. Yeah. Yeah, Hookshot's in there. And so like back then, it says GitHub Services. Do you see, it says Hookshot FE for front end, and then it says GitHub Services. GitHub Services back in the old days, right? You we had a repository that was Ruby code, and you could write any Ruby code in there, and then we would execute that On your behalf As a service, and then that way if an if you were trying to integrate with something, it didn't we would run it for you.Swyx [00:23:57]: And of course no containers ‘causeKyle [00:23:58]: No, ‘cause it wasSwyx [00:23:59]: Well, no containersKyle [00:24:00]: Twenty fourteen. And so there was some isolation obviously, but it was mostly the separations on the server level. That's like an example as long as the very old version of Pages, which ran on its own containerization infrastructure, not on Actions.Swyx [00:24:15]: Which like all-time great product.Kyle [00:24:16]: Pages powers the internet at this point to some degree. Those were places where like clearly there were no like issues like to my knowledge. But it was those things where I'm looking at and going “Okay, well we can't be running arbitrary Ruby code,” like on everyone's behalf. Then containerizing all of that up intoUh into actions now where yeah the containerization, is r-really good. The pinning most folks aren't pinning it the like to a particularSwyx [00:24:48]: ImagesKyle [00:24:48]: Sha, et cetera like their workflows, and so that's a big that's a big place Of pain for folks if they're just doing similar to any dependency management, just V1 or newest or latest, I think. But, that journey from that day to “Okay, we're just going to run all this arbitrary code, and, it'll basically be okay,” to now, no, we have, really good containerization. We have a new, underlying, ag-agent, containerization, service. It's like we're using it under the hood. It's through Azure. They recently announced it. The Azure, Dev Compute, but it's, very fast, very fast compute to be able to, spin up your own cloud agents, or whatnot. We're using it under the hood for some parts of the new,Swyx [00:25:36]: Microsoft Dev Box?Kyle [00:25:37]: No. Dev Compute, yeah.Swyx [00:25:41]: Hmm. Not finding it just yet.Kyle [00:25:44]: Oh, it's, it's in there somewhere.Swyx [00:25:46]: All right. Well, we'll cut that out.Kyle [00:25:47]: Sorry. But with, Dev Compute, you can, run, really fast, spin up really, small VMs really quickly, so you're doing a tool callSwyx [00:25:58]: Same conceptKyle [00:25:58]: Just do it containerize exact-exactly. So we're using that so definitely moving that direction to protect us from every every piece of code that we're ultimately running.Swyx [00:26:07]: look, that grows into the full SDLC? Code hosting was just the start and and then it's grown beyond that. Let's talk about NPM may-maybe ‘cause I think that's also, a very major point in the industry. I do think, it was looking for a home. It was, kind of struggling as a business, right? I don't know, I don't know how you would characterize that whole acquisition and how itNPM, Package Security, and Keeping the Internet RunningKyle [00:26:33]: like when we were talking to the team, I think the big thing for the both of us was to find a way to keep NPM, which was basically powering the internet then and way more so now to some degree running. Keep it going keep continuing to scale. It was having scaling problems, if I recall, back at that time. They were doing some rewrites. ItSwyx [00:27:00]: that's cute compared to now.Kyle [00:27:01]: Well, that's the thing is like when I'm talking to folks now, there's there's so many more underlying uses of NPM than there were back when we had them join in with GitHub. But that was ultimately the goal. It was really okay, we used to have pages. We have, the world's code. Let's make sure that we can keep NPM running well for the world. And we put a bunch of time and investment into fixing some of the underlying backend, changes, some of which we talked about some of the manifest work, et cetera. And then now, really trying to bring the the security posture of NPM up to speed. But, it is a unique challenge in that every move that we make to make it more secure will break a lot of people. And security is paramount. And also, we take it very seriously. We're, the any time that we have a problem with GitHub or we make a change that makes us more secure but hurts, there's, a snow day for developers or a really bad fire that they have to go put out. And so we've, have changed the 2FA policies. We've changed the way the tokens work. When we find tokens that have been exposed or potentially, exposed, we invalidate them, andSwyx [00:28:22]: I love that feature in GitHub. Yeah, it's greatKyle [00:28:23]: That creates issues, but, the but that's the thing is we're trying to push the community, forward without necessarily, doing something that is going to break the contract that's been for 15 years or close to it or some amount of years on NPM.Slop Forks, Vendoring, and the Future of Open Source Supply ChainsSwyx [00:28:43]: I think the— So now we're talking about, open source and publishing. And I think there's something here with what people are calling slop forks, which, I think Malta from Vercel is doing. And, part of me thinks, well, the way to get past any vulnerabilities, we just, let's just get rid of the concept of NPM. And we only publish source code. And anytime you want to import it you have your coding agent look at it and then adapt whatever subset you're going to use into your vendor it. But, the AI vendor it. Is that realistic? I don't know. Is it— Will that solve all our security issues? I don't know.Kyle [00:29:24]: I don't think it'll solve I so Mitchell was just talking Mitchell Hashimoto Was just talking about this today, and I think that I-in some ways, it's all all things, old or new again? Yeah, absolutely vendoring everything. Like I do I do remember twenty thirteen, twenty fourteen.Swyx [00:29:42]: This is Yeah. Let's, we must return toKyle [00:29:43]: That's what is We were vendoring everything. We were having actual discussions around, or at least I remember we were “Should we take this full thing?” “Why is this so big? We only need this one file.” And so I do think there's something true there where having either taking only what you need or the dependencies just getting incredibly small over time, I think will help to some degree, but it's not going to solve the fundamental problem, I don't think, because the vulnerabilities in an agent looking at them, there's time and time again, there's a million different ways in which we can convince an agent that this thing is, secure or not and pull it in. Or we can do static code analysis or runtime testing to say whether the code works or not. That is, I think, the step that needs to continue to be, invested in. The question is just on, how much scope. Should it be this enormous project that I'm pulling down, or should it be this piece? Either most companies are running some amount of security checking on the on the packages that they're bringing in or vendoring. That I think won't change. That's like what advanced security does to some degree, Socket does some degree. Like everyone is doing a piece of that. How we each do that like especially when we're talking to enterprise customers, is just like very different. No there's no one wants one single way to do it. And I think that's always been GitHub's, unique position in the world. I talk a lot to maintainers, I talk a lot to folks about this. It's we're— we rarely start like a process and a practice and like push it onto the community. We usually wait for the sort of like RFC process socially or literally, everyone agreeing, and then we'll cement something in. Because otherwise we'reMaintainers, RFCs, Vouching, and the Social Layer of TrustSwyx [00:31:35]: That fits your role in the ecosystem, yeahKyle [00:31:36]: We're GitHub. Yeah, we don't want to shape the whole thing. We want it to be figured out. But like how do you balance that like sort of Role in the industry to keep everything as secure as is possible and make sure that you're you're not going to be compromised as a human, ‘cause that's usually how it all happens. And Not not create a process or lock us into a flow that you're not going to or like Mitchell's not going to or other open source projects aren't going to like. That's always been a tricky balance for us, and I think that's something that we haven't talked about enough is we're not going to be able to fix everything for everyone in a way that everyone is going to like. So tell, help us, tell us what is working. When Mitchell was talking about, the Upvote, the upSwyx [00:32:22]: I was going to bring up his thing. Yeah.Kyle [00:32:23]: I forget what it Yeah. When he's talking to us, I was chatting with him and talking to him about this and I put it on Twitter and we talked to, also over DM, was “We're going to keep working.” but I think the important thing is I do actually want to hear what isn't working for you. And as, be as specific and clear for your project as is possible. And to every piece of credit over the many years that we've known each other through the industry, he's always done that and I appreciate that ‘cause there are places that we need to fix up, and we hear from him, and we'll fix up just like we do all other kinds of maintainers. But that that process between making those types of improvements and being more secure and like creating, I forget what he calls it's not the proof process, not the claims process. Do what I'm talking about? He has that he his projects have a way for you to kind of like,Swyx [00:33:13]: VouchKyle [00:33:13]: Vouch. Thank you. Yeah. He has like the vouch system for saying, “Hey, you should accept my PRs.” That's beenSwyx [00:33:20]: I just built this into GitHub. I don't know.Kyle [00:33:22]: Well, see, but that's the thing is that you say that and like he and his community really likes this and then I'll go talk to other maintainers and other maintainers, globally, and they're “No, this doesn't work for me.” And that is the tension, but also the kind of beauty of GitHub, depending on which way you look at it is we want to help maintainers, so we create all these tools to let you have more control over how much you take in from AI and PRs. But you can also use this. What You can go use this project, and if it takes off and becomes the kind of mostly standard, then yeah, we probably wouldn't enforce it but we would add it in because that's the flow that we tend to do?Swyx [00:34:02]: I hear a lot of people don't know the history of the pull request. And like like that's how, that's something that GitHub standardized basically.Kyle [00:34:08]: Yeah. It was a very messy process Like beforehand, and now the we have the benefit of it being the process? And now we have to go and Figure out the next best process or what adaptations change, or what does a pull request look like when eighty percent of your PRs are just coming from your agents and not From other devs?Swyx [00:34:31]: Do you like the prompt request idea from Peter?Kyle [00:34:34]: like I think that for each like each idea I think has its merits. I'm not, I'm not avoiding saying anything good or bad, but I feel like I've seen a version of we have that we have entire Thomas' store. Take all the assets of what you've built and put that in. I think that's got great ideas. There's all these various permutations of the PR flow, but I think the reason why there's not a single answer is ultimately we're trying to codify trust. We're trying to say “Okay, if Sean reviews this I'm going to trust it because you're Sean or you're the senior dev or you're the whatever.” And right now, when we are working in a flow where an agent writes code and another agent reviews code and then Kyle goes and looks at it the trust is kind of diffuse. And most of the tools that we're talking about are talking more about verification flows. We have more assets to look at, so I can probably say whether this is a good PR or not. But that still doesn't solve, I think, the human problem of I'm looking at a PR and I want to know if I can trust it. And we're still, we still tend to use human signals for that? Mitchell approving it or Kyle approving it or whatever. And so I think that's, I think that's why most of these options haven't really solved it is because, it's a social problem ultimately. It's a it's a human problem to review it and agree. Or you fully trust the tool and you're imbuing that tool with full trust Which I think in some cases that absolutely exists.AI-Generated PRs, Trust, and the Waymo AnalogySwyx [00:36:08]: And so like in the same way that there will be a tipping point in society when we don't allow humans to drive anymore Because machines are measurably better than Than humans. I'm looking for that tipping point, right? Like Mythos is ridiculously expensive. Someday we'll have Mythos on a desktop. I don't know. Will, does that change the equation?Kyle [00:36:30]: I think it's more I took a Waymo here, and I was on my phone and not looking around at all. There are other, self-driving, vehicles that I would not trust while, staring at the road. And I think that trust is something that isSwyx [00:36:48]: Is this a Zoox thing? What is itKyle [00:36:50]: I think that is both. I think that is both. LikeSwyx [00:36:53]: There's Zoox in this robo taxi. That's it. It'sKyle [00:36:56]: Well, depending on what level Of self-driving. But, my point is sort of that I think part of that is I strongly believe that's, a mixture of verifiable proof. Like how many accidents, how much data, and so on, and the human aspect of how I feel when I'm in this car, what it tells me, et cetera. And so that's why I think some of the like Some of these some of our AI tools tend to, imbue me with more of that feeling of trust, even if the data says this is 100% accurate. I feel like it takes more time for us to go, “Should I trust this or not?” And that's in the soft sense of, startups with high agency, weekend projects, and open source. And then there's enterprises and regulated industries and everything else, and that is an even harder problem to go solve because even when it is fully verified, not only do you have to have trust from the humans on the team, you probably have to have trust from multinational,Swyx [00:37:55]: Oh my GodKyle [00:37:55]: Multi governments around the world and regulating agencies. And so that's where I feel like until we tip over to your point on the sort of like human EQ side of it. I feel okay this feels okay I've been proven enough. Then the ball will start to roll a lot faster, where we'll end up getting to the “Okay, we can trust this,” and feel good about it in the Most difficult of cases.Reputation, Sponsors, Stars, and Bot Activity on GitHubSwyx [00:38:18]: If human trust is the thing that matters, I feel like GitHub as the developer social network could maybe do more there. Like vouchers are one system But, we have star counts, and then we have Contributor rights, and that's it. And I feel like there should be more in that space. I don't know if there's any other design decisions there.Kyle [00:38:37]: I think that one of the places that we don't really expose right now in this sort of way is, some degree of like hard trust and support, which would like for me is like sponsors is a good example of that.Swyx [00:38:49]: Ah.Kyle [00:38:49]: It like costs you something. To prove that I believe in your project and I trust you To some degree or I want to support you at the very least.Swyx [00:38:56]: Solve payments for open source. Why not?Kyle [00:38:58]: I think that I think that like as we keep moving forward, right, there's more and more projects where I'm, adding more and more dollars into sponsors personally because I want to like support them, but I also like know of I've probably never met them in person, but, I know of enough of their work that I want to support them. I think the thing that I don't love about stars or commit counts or anything else is ultimately, even with all of the various, abuse and de-spamming and deduplication work that we do or anti-abuse work that we do, these are all, not active social signals. They're passive ones that are ultimately gamifiable. And you may trust me, but another open source maintainer may not. And on what heuristic should you be, trusting me? That I think, is kind of where some of our thinking is right now. What signal from me is most important to you? You— If you can define that potentially, honestly in an agentic workflow that's what we see some of these open source projects do, where you have GitHub actions, and then you have like an agentic workflow that's calling AI, and you're setting these rules. Like if Kyle has submitted and gotten accepted PRs across any given project and has a social handle tied to his account in GitHub, and that social account's older than a certain amount. Really complex measures that matter to you ‘cause most open source projects have that heuristic built into their heads, if not written down in the contributing guidelines. You could take that and then go apply that and then just say, “Oh, we're not going to accept this PR.” Building something that is, I think, malleable to everyone's needs, is a little bit better, rather than going “Hmm, this account's too young.” Because what happens? The attackers just go and go and create a multitude of accounts, and they wait Until it ages up. Needs to have a certain amount of stars. That's how star inflation happens. Need to have a certain amount of reposSwyx [00:40:46]: Oh my God. YeahKyle [00:40:47]: With PRs. They all just create repos and submit PRs to each other, and then they come in and do something nefarious. And so, it's hard. It's hard to find the measure. So I think we're, we're looking more at how can we provide you tools so you can kind of choose what's best for you. And of course, we'll give you some standards. But the trust vector, gets down to I don't know, some version of like human digital ID like everyone's been talking about. Like how do I prove that it's meSwyx [00:41:13]: Give me your eyeballsKyle [00:41:14]: On the internet. Give me your eyeballs. Exactly.Swyx [00:41:18]: The I got to keep moving on Topics, but obviously I can go all day on this stuff because, I've been involved in GitHub and open source My entire professional career. Stars. Very superficial. Everyone knows it. But I think time to one hundred thousand stars is the fastest I've ever seen. Like people just reached that in I don't know, months. And then like at the same time I don't trust it right? Like how many of these are real or bot or like whatever. I don't know how to ask this but like what can we do about it? LikeKyle [00:41:49]: JustSwyx [00:41:49]: Is stars broken? Is stars fine?Kyle [00:41:51]: I think that there's kind of two, there's like two pieces. Obviously we're constantly like trying to find ways in which like your users are producing spam, which would, I would include like be like only doing star gamification. When we find them, we pluck ‘em out and we,Swyx [00:42:08]: But it's like a Whac-A-MoleKyle [00:42:10]: It's a hundred percent like a Whac-A-MoleSwyx [00:42:11]: There's no wayKyle [00:42:11]: Now, powered by AI to be helpful. But I think more so what I'm seeing is, a lot of the like fastest time to X tends to be because we're now inviting so many more people into like software development on GitHub That like the zeitgeist is just swarming? And it'sSwyx [00:42:32]: It's not just developers anymoreKyle [00:42:33]: And it's not you and I. Like like however you want to say like what a developer is it's not just folks who have been coding for a very long time. It's folks that have maybe started coding or only joined in since the AI era. And nowSwyx [00:42:44]: what's the latest Octoverse number? I know eighty million was my lastRem- member that a number of developers on GitHubKyle [00:42:50]: Oh, we're over 200 million now.Swyx [00:42:53]: Okay. Well, so you see?Kyle [00:42:55]: Like over 200 million developers now.Swyx [00:42:56]: But it's not developers, right? It's, it's people with a GitHub account.What Counts as a Developer in the AI Era?Kyle [00:43:00]: So, so this is, this is the biggest debate that I would say, everyone loves to have at GitHub at this point. From my perspective, right, I think that there's, there's clearly a difference between, professional enterprise developer and then developers. But I think that I think that the idea that we should be I don't know, splitting hairs or segmenting developers in the early era of software development is, not worth our not worth the time. SoSwyx [00:43:29]: When you get into gatekeepingKyle [00:43:31]: 100%Swyx [00:43:31]: What is a developer?Kyle [00:43:31]: 100%. ‘Cause I wasn't a developer when I started writing code? I was going toSwyx [00:43:36]: Oh, no. I made— I cloned a thing, seven years before I learned to code. And then I and then I wrote about my learning to code journey, and people Just called me a fraud ‘cause I had a GitHub account. And I'm “Well, no, I just use GitHub, but I don't know-” “I didn't know what I was doing.”Kyle [00:43:49]: I I remember that. I remember those sets of posts, and like that's, that's b******t. So I fight very clearly on the line of, if you create code, if you have an idea and you create it into some way of, I'm, I'm going to run it and use the app right now, you may still use AI in that moment, but that's okay. At some point you're going to do the next thing. You're going to create a big— You're going to have to learn about this database. You're going to fix a bug, whatever. We're all on some same journey, and those people are also hearing about the great new agent skill package or a new CLI tool or a new whatever. And those projects are going up because you want to be a part of this moment, just like I wanted to be a part of the Ruby community when Ruby was popping off when I started becoming a developer, and now I can just click the star button. And so I think that yes, there's clearly some amount of like spamming and game gamification that we're working against, but I really think we're just seeing this whole new cohort of folks that are moving from technology to technology because they're not working on a 20-year-old software application. They're working on a side app that they built on the weekend for their friends or for their new idea or whatever. And that's how you see these enormous charts going up and to the right with With stars.Swyx [00:44:59]: I think something that's remarkable is the persistence or, that GitHub extends to those folks. Usually when I see platforms go into a new audience, they usually have to, have like a second platform with a different name that wraps the main platform. But somehow GitHub has been able to sort of persist and extend, and it's friendly and whatever? So it's, it's nice.Spark, Low-Code, and Always Showing the CodeKyle [00:45:19]: I that's partially why I think as we've tried to move into I don't know, more like low-code-y things. We so we started working on Spark as like a way to, build an app and run it. I think that the reality is that we anytime we try to, kind of put even a veneer on top of it without when we put a veneer on top of something, we still always show you the code. That's kind of like a tenant. We're never going to, hide the code from you ever, because whatSwyx [00:45:52]: Why would you?Kyle [00:45:52]: That's, yeah, that's the whole point? However, I think that what we learned with things like Spark is that really the value of Spark for most devs is, easy runtime. And you may have a runtime or a host that you're going to use for that or you just build something and run it but, the package of making that even more simple isn't really needed for folks that are trying to build software and not just trying to build, an app, which is, slightly different, a slightly different goal. So I want to get you in, I want to get you comfortable. I think the best thing for me as, someone that did not traditionally come into software dev way back, I want anyone to be able to breach that chasm and not be in the I don't know, I feel like we're, we're still in an era of, STEM. I've got a 12-year-old and an eight-year-old, and it's “We got to get ‘em into STEM,”? Over and over. And I like I do, I do the things that good parents do. I was “Oh, you want to do coding?” “Yes, I want to do coding.” Do coding classes. But now they're just not afraid of doing software. And that's, I think, the thing that's honestly kept me at GitHub for so long. Anyone should be able to go and build a thing, just like I can go change a light switch in my house. I'm not going to go into the breaker box ‘cause I'll probably kill myself? But, I can go change that light switch. Everyone should be able to go and say, “This fricking app doesn't do what I want. I want it to work like this.” And that I think, is what's kind of kept us all connected with GitHub through the years and some and during the easiest of times or in the hard times because of that opportunity of, we're the home for all developers, and we want everyone to be able to have that feeling that we've had of, had an idea, I created it and holy s**t here it is.Swyx [00:47:37]: Here it is. All right, I'm going to try to do more spicy questions.GitHub's Hardest Scaling Moment: Growth, Agents, and UptimeKyle [00:47:42]: Great.Swyx [00:47:42]: Is it an easy time now or a hard time?Kyle [00:47:45]: Oh at GitHub? It's a hard time. Like, it's a hard time and also, I was just with my team and I said, “This is also, the best and most exciting time that I think I can remember at GitHub.” BecauseSwyx [00:47:57]: Best of times, worst of times. It's never oneKyle [00:47:59]: ‘cause we've we were talking about Octoverse reports and, usually we do an Octoverse report once a year, and we look at the numbers, and we say, “Oh my goodness.” I was at Universe in October saying, “This was the fastest year of growth that we've ever had,” right? And now we're doing more in a month than we did in a year last year.Swyx [00:48:20]: You're talking about PRs.Kyle [00:48:21]: Commits.Swyx [00:48:21]: Commits, yeah.Kyle [00:48:22]: PRs. Kind of like you name it by roughly every measure that we're looking at, there's some amount of sort of growth that is much bigger, and that is breaking our system in new ways, not old ways. Like webhooks were always notoriously, unreliable over the years?Swyx [00:48:38]: Whose fault is that?Kyle [00:48:39]: not anymore mine, but for a period of time, I'm sure you could pull up a tweet that was “It was me. I'm sorry.” but, now, that got rewritten at a scale level that is still working and is not having problems today. Now what we're finding isn't just the isn't the-The simple stuff that folks are on the sometimes on Twitter or on the internet are “Hey, why is this like this?” Sure. There's absolutely silly problems that we shouldn't exist. But now we're talking about, unique, novel permission problems that happen only at a scale across all different objects or whatever, that now we have to go rewrite this underlying system. And so it's, there are problems that yeah, caught us off guard, which I think I said. Like the growth is astronomical, but also we're making such material progress in that I'm excited once we're once we've kind of like reimagined the underlying foundation layer, or pieces of it at least, what's going to be possible when it's not just all of us and all the new people that are being developers and all of their agents and all the tools like working together. Because that'll still happen in that in that GitHub tool, that GitHub community. But it's a it's a hard day anytime we can't give you what you're looking for. We have the same problem internally. We operate through github. Com. Of course, we have backups when things go down and whatnot for our own operations but we feel it too. If it's not working it's not working for us, and that's kind of like the promise of dogfooding for GitHub. It's always been true. We're using the same tool you're using. We're not using a super secret version. We and so we also need it to be great for us for our customers of course for open source. And now an exponential growth of agents, Doing it too.Swyx [00:50:32]: I wanted to load for audio listeners who maybe haven't seen your tweets, whatever. So one billion commits in twenty-five. Now it's two hundred and seventy-five million per week on pace for fourteen billion this year, if growth remains linear. Is that still the pace? I don't know. It's been aKyle [00:50:48]: it's, it's speedingSwyx [00:50:50]: Roughly.Kyle [00:50:50]: It's still speeding up.Swyx [00:50:51]: It's, it's April, so yeah.Kyle [00:50:51]: Exactly. This was in April.Swyx [00:50:53]: All right. So basically you have fourteen x growth, right? Year on year on year. And I think that's a scaling issue. I think, I'm going to like try to really steel man this thing. People have experienced fourteen x growth. They haven't had your downtime. And that's like— C-can we go dig into that? Why? Like what's the— what broke? What are we doing to fix it? Like just anything for the community to reassure them.Why GitHub Reliability Is Breaking in New WaysKyle [00:51:18]: so there's a Like I was saying, there's a couple different places that we've seen the growth issues. Some of the growth issues, which is why we're t— I was talking about pushing hard on more CPUs is in actions in particular. More tools, more agents, more PRs mean more builds, more builds mean more CPUs. And so we are expanding through not just our data center, but obviously we were talking about moving to Azure and moving to, adding an additional cloud compute because we simply need more CPUs. Not as much GPUs. We definitely need GPUs too, but now CPUs are becoming a factor.Swyx [00:51:53]: It's very CPU heavy.Kyle [00:51:54]: Underneath the hood when it comes to some of the underlying services, we've been breaking up over the years our database infrastructure, so that way we have, more cognitive separation between our the various services. The place that we continue to have pain is in, permissioning. And so right now m-many of our permissioning layers sit into a database that we like internally call MySQL One, and old Hubbers will know what I'm talking about. And so we've been pulling things out of MySQL One for many years, because like and we use we use Vitess and we use other technologies to shard and we do it as one bigSwyx [00:52:31]: Famous thing, PlanetScale was born from this andKyle [00:52:32]: A hundred percent. Sam Old Hubber and friend. And so finding these opportunities to like break this out and then do that globally. The other thing that I think is interesting and both a unique opportunity and tricky is we also run everything I just talked about in a black box container with GitHub Enterprise Server for people that work on-prem. So we take everything I just said, and we also do it on-prem, and we also do all of that and we do it in a data residence setup for customers that need to have their data in a single location. Each of these has the unique characteristic around how we're sort of storing that data in MySQL or in a permissioning setup. That's where some of these outages have oc-occurred, where you're seeing it more like across the board rather than just like the one pieceSwyx [00:53:17]: Filling the databaseKyle [00:53:17]: Isn't quite working. Exactly. And so part of it is that. I think there's been some other places where agents are much more or more projects appear to be moving towards monorepo versus we were going the other direction for many years in the industry. Repos were smaller, but there were more of them, and now we're seeing the opposite. Repos are bigger, and there's, not fewer of them per se ‘cause there's new growth, but, we're just seeing many more big repos. Big repos, big monorepos have always had, a unique performance problem. Because each one, is slightly different if, particularly if the underlying blobs are incredibly big Inside the repos. And so we've done a ton of work that you pro— like most people haven't probably experienced, unless you're in this case of the monorepo. But that Git, infrastructure layer improvement does help the overall, system because, many of the improvements that make monorepos work better make all repo infrastructure work better. And so, I could kind of keep going down the line where it's another thing where we're moving out of, We're changing how we do j I'll just say job queuing for lack of a better, explanation changing the underlying technologies there.Swyx [00:54:32]: I spent two years being a job queuing guy, so.Kyle [00:54:34]: And so it's kind of a little bit of a little bit of piece by piece, and it's mostly because as we were— as it was built, we built everything in a way that assumed, I guess in some ways that the size of the pipe of work was going to remain the same. There's just going to be more people coming through each of those pipes. But instead now in places whereA git push was, generally a certain size for example, is now, no longer true.Swyx [00:55:03]: Oh, yeah.Kyle [00:55:03]: OrSwyx [00:55:05]: I push a thousandKyle [00:55:06]: On the average. 100%Swyx [00:55:06]: A thousand line commits like dailyKyle [00:55:07]: Same thing with PRs. Like PRs same thing. And like we've talked about optimizing that and making changes where, and there were technology choices that did not work there? And it got slow, and it didn't It was not fast. It did not do what the users wanted. And so we've been reeling that all out and going “Okay, that's just not right. Let's stop putting good money after bad and do it the do it the right way or the right way now.” So there's It's a it's a lot of things, not quite when I've experienced scale at GitHub historically, it's almost always two options that we've used. We go vertical scaling, particularly with databases, right? And we go horizontal scaling. Oh, we just have more people using this service. Great. We're going to add more servers, and we rack them in our data center, or we use it in a cloud. And now we're sort of in a like diagonal, where like vertical doesn't really work anymore. Horizontal isn't work either because we're all We all have some CPU or GPU constraints in the world now, and now we have to go in and like crack open services that have been running for 10 or 15 years and go, “Okay, the rules of this service have legitimately changed, and now we have to rewrite them.” None of this is an excuse. This is like we're We have to do the work. We have to make it better.Swyx [00:56:22]: actually as an infra guy, I'm “This is like one of the most fascinating scaling challenges I've ever seen.”Kyle [00:56:26]: That's that's, that's the thing that's the thing that it's hard for Like when we weren't talking about it publicly, and I was like I came out, and I was “Hey, I just want to explain what's going on.” Part of it comes from a very old GitHub ethos, which is it's our it's our uptime. It's down. W What I know you're a developer, so you're, you're inclined to want to understand more what's going on. But at the same time us going “Hey, this service didn't, perform the way we expected, and now we have to go change it,” we weren't We're not trying to hide anything from you i

PHP Podcast – May 7, 2026 Hosts: Eric Van Johnson & John Congdon Another fun episode of the PHP Podcast! Here’s what we covered: PHP Tek Is 11 Days Away — And Everyone Is Stressed The conference countdown is real: 11 days, 10 hours, and a handful of seconds on the clock. John’s travel plans hinge entirely on little league baseball — if his team wins their Tuesday playoff game, he coaches the Saturday game, then bolts for the airport. If they lose Tuesday, he’s sad but gets to Chicago earlier. Meanwhile, Eric is grinding through the PHP Tek TV redesign, trying to wire up the SessionIze API for schedule imports instead of doing it all manually from a CSV, and sending the design team a novel’s worth of badge and signage requests. Holly’s conference app now has notifications working: select a talk, and if Eric or John move it around, you’ll get pinged. Keynote and lunch notifications are also on the table for attendees who can never find the room. Conference Stress Dreams: The Motorcycle Gunman Edition John woke up mid-dream to his wife opening the blinds for the school run — and the dream he was pulled from was genuinely unhinged. He was in an Uber waiting for Uber Eats to arrive at an intersection when a motorcyclist pulled up behind them, got off, shot out the tire, then came to John’s door and started shooting at the lock to get in. The Uber app had briefly flashed the word “threat” on the map. John laid the seat back as far as it would go. The driver just stood there. Then the blinds opened and it was just a Thursday morning. John’s verdict: it’s conference stress. Hard to argue with that. JS Tek — An Honest Conversation John decided to say the quiet part out loud: JS Tek hasn’t brought in the JavaScript community the way they hoped. The PHP world is unusual in paying for speaker travel and hotel rooms; Joe in Discord confirmed this barely happens outside PHP, and somebody speaking at a Ruby/Rails conference once told Eric they not only weren’t reimbursed for travel — they had to buy their own conference ticket. Eric’s takeaway: the JS track itself is a great idea for PHP developers, but trying to recruit an entirely new community into the fold didn’t work out. Next year’s structure will probably look different. The PHP 7-to-8 Upgrade That Failed Three Times Eric’s consulting team has been struggling with a client upgrade from PHP 7 to 8 — unusual, because they’ve done this many times and know the pitfalls. After three failed attempts, a deep dive revealed the culprit: an abandoned Laravel Shift branch left behind by a previous developer who had started an upgrade and walked away, with missing config files baked right into the inherited codebase. The fix wasn’t just another attempt — it was getting the management team to produce a proper testing playbook, and more importantly, actually getting trained on the application. The team had been fixing bugs in code they’d never seen working correctly. Today they finally got that training session, and Eric says the excitement and “ah-ha” moments from his developers made it clear this should have happened much sooner. The Database on the Same Server Problem A related discovery from the same client: the database lives on the same machine as the application. Every upgrade means shutting the app down, exporting the database, migrating it somewhere else, and starting over. Eric’s head doesn’t compute why this is still the case in 2026. Even a second machine designated as a database server would be a massive improvement. In a moment of uncomfortable honesty, Eric also admitted that PHP Architect’s own conference site has the same setup — Forge makes it so easy to throw a database on the same box that you just don’t think about it, until you do. Laravel Shift, Laravel Cloud, and the Pre-Check Tool The conversation circled back to Laravel Shift — JMAC’s automated upgrade tool — which Eric notes has become less essential as Laravel’s upgrade paths have smoothed out considerably compared to the wild west of early Laravel development. But Shift is still out there and still useful. More interestingly, JMAC has a new free Shift specifically for Laravel Cloud readiness: run it against your app and it’ll tell you whether your application is compatible with Laravel Cloud’s serverless model, flag any system commands that won’t be available, and help you understand what services you’d need. Laravel Cloud itself is Taylor’s “don’t worry about servers” deployment platform, and if you’re not a sysops person, having a Shift that holds your hand through the setup could be the difference between trying it and not. PHP Internals Made Readable — Externals and PHP RFC Watch Eric plugged two tools for following what’s happening in PHP core. The first is externals.io — a much more readable front-end for the PHP internals mailing list, with search, read-tracking, and threaded discussions. The second is a newer discovery: php-rfc.watch, which focuses purely on RFCs, showing what’s active, what’s been voted on, and how the votes broke down. It’s more of a quick-glance dashboard than a full discussion forum. Eric also highlighted a specific RFC from Ben Ramsey: a proposal to update the PHP license, accompanied by a detailed blog post called “PHP License Simplified” that walks through the history and rationale. If you’ve ever been curious about why license choice matters (especially at the enterprise level where legal teams block open source based on license type), Ben’s post is worth the read. NeoVim’s Flash Plugin — Used Wrong for Years Eric has been using Flash.nvim, a NeoVim navigation plugin, for years. He recently discovered he had been using it completely incorrectly the entire time. He thought he understood what it did. He did not. A YouTube video explaining the plugin properly (titled something like “How to Jump Anywhere Instantly in NeoVim”) revealed that what he’d been doing was essentially pressing the wrong keybinding and stumbling through a fraction of the plugin’s actual functionality. This sent the conversation into a longer Vim origin story: Eric learned Vim because he was flying around the country installing Cyborg firewalls on remote servers and Vi was just there. John picked it up at an enterprise job and never thought about alternatives until he saw a developer using MacVim to write Rails and had his mind blown. The core message: you can use a tool for decades and still be using it wrong, and that’s okay — but watch the tutorial. Eric Doesn’t Know How Old He Is Eric has been confidently telling people for a full year that he’s 55. His wife Bek has known for some time that this is not correct. The moment of reckoning came when Eric asked Alexa: “If I was born in 1969, how old would I be now?” Alexa hedged on the birthday thing but confirmed the range. Bek stepped in. Alexa, a full 30-60 seconds later, stepped back in and confirmed: “Your birthday’s May 8th, you’re turning 57.” Eric is apparently going directly from 55 to 57, having skipped 56 entirely. He also noted at the Padres game with his wife that their Costco membership is older than a 13-year-old kid they saw on the Jumbotron, and that it could legally babysit him. John is turning 50 this year. Everyone is fine. Links from the show: externals.io — PHP Internals Discussion Reader PHP RFC Watch — Track Active PHP RFCs Ben Ramsey: PHP License Simplified Laravel Shift — Automated Laravel Upgrade Tool Laravel Cloud How to Jump Anywhere Instantly in NeoVim (Flash.nvim Tutorial) PHP Tek 2026 — Chicago PHP Architect Store PHP Architect Discord Host: Eric Van Johnson X: @shocm Mastodon: @eric@phparch.social Bluesky: @ericvanjohnson.bsky.social PHPArch.me: @eric John Congdon X: @johncongdon Mastodon: @john@phparch.social Bluesky: @johncongdon.bsky.social PHPArch.me: @john Streams: Youtube Channel Twitch Connect & Hire PHP Architect Website Twitter/X Mastodon Hire PHP Developers Looking to hire PHP developers? Email support@phparch.com – Joe and the team are available for consulting, infrastructure work, Ansible playbooks, and code review. Partner This podcast is made a little better thanks to our partners Displace Infrastructure Management, Simplified Automate Kubernetes deployments across any cloud provider or bare metal with a single command. Deploy, manage, and scale your infrastructure with ease. https://displace.tech/ PHPScore Put Your Technical Debt on Autopay with PHPScore CodeRabbit Cut code review time & bugs in half instantly with CodeRabbit. Music Provided by Epidemic Sound https://www.epidemicsound.com/ Join Us Live Next Week Youtube Channel Got feedback? Join us on Discord at discord.phparch.com The post The PHP Podcast 2026.05.07 appeared first on PHP Architect.

Wusstet ihr, dass neue PHP-Versionen nicht einfach wie ein automatischer Cronjob vom Himmel fallen, sondern von einem Team aus Menschen gebaut, koordiniert und durch Community-Diskussionen gestaltet werden? In diesem Deep Dive holen wir euch genau in diesen Maschinenraum: Wir sprechen über den Release von PHP 8.5 – aber weniger über einzelne Features als darüber, wie sie überhaupt in die Sprache hineinkommen und am Ende sicher bei euch auf dem Server landen.Unser Gast ist niemand Geringeres als Volker Dusch, einer der beiden Release Manager von PHP 8.5. Volker erzählt, wie man überhaupt in diese Rolle rutscht, warum dafür keine „Bewerbung beim PHP Elefanten“ nötig ist, welche Rolle Mailinglisten heute noch spielen und wieso ein Release Manager gleichzeitig Organisator, Gatekeeper, Kommunikator und manchmal auch Feuerwehr ist. Dabei geht es um Alphas, Betas, Release Candidates, Feature Freezes – und darum, wie man zwischen Stabilität, Bugfixes und neuen Ideen balanciert, ohne das halbe Internet kaputt zu machen.Wir schauen außerdem darauf, wie Features ihren Weg in die Sprache finden: von „unspektakulären“ Pull Requests bis hin zu großen RFCs, hitzigen Diskussions-Threads und demokratischen Abstimmungen, bei denen die Core-Contributors entscheiden, was PHP in Zukunft kann – und was bewusst draußen bleibt. Die PHP Foundation spielt dabei eine spannende, aber weniger allmächtige Rolle, als viele vermuten, und sorgt vor allem dafür, dass einige Menschen bezahlt Zeit haben, an der Sprache weiterzuschrauben, ohne dass Abkürzungen beim Qualitätsanspruch gemacht werden.Natürlich reden wir auch über Community: darüber, warum die PHP-Welt deutlich jünger und diverser ist, als ihr Ruf vermuten lässt, was Konferenzen, User Groups und Remote-Tools miteinander zu tun haben und weshalb ausgerechnet eine „alten“ Sprache wie PHP so viele Leute anzieht, die Bock auf Sprachdesign, Performance und Internals haben.Und weil es sonst nicht die programmier.bar wäre, streifen wir am Ende auch noch die Klassiker-Fragen rund um Generics, Async, Hacklang und die große „Kehren Firmen wie Meta irgendwann zurück zu Vanilla-PHP?“–Spekulation.Schreibt uns! Schickt uns eure Themenwünsche und euer Feedback: podcast@programmier.barFolgt uns! Bleibt auf dem Laufenden über zukünftige Folgen und virtuelle Meetups und beteiligt euch an Community-Diskussionen. BlueskyInstagramLinkedInMeetupYouTubeMusik: Hanimo

Episode Highlights[00:00:48] What Makes Software MaintainableDon explains why unnecessary complexity is the biggest barrier to maintainability, drawing on themes from A Philosophy of Software Design.[00:03:14] The Cost of Clever AbstractionsA real story from a Node.js API shows how an unused abstraction layer around MongoDB made everything harder without delivering value.[00:04:00] Shaping Teams and Developer ToolsDon describes the structure of the Search Craft engineering team and how the product grew out of recurring pain points in client projects.[00:06:36] Reducing Complexity Through SDK and Infra DesignWhy Search Craft intentionally limits configuration to keep setup fast and predictable.[00:08:33] Lessons From ConsultingRobby and Don compare consulting and product work, including how each environment shapes developers differently.[00:15:34] Inherited Software and Abandoned DependenciesDon shares the problems that crop up when community packages fall behind—especially in ecosystems like React Native.[00:18:00] Evaluating Third-Party LibrariesSignals Don looks for before adopting a dependency: adoption, update cadence, issue activity, and whether the library is “done.”[00:19:40] Designing Code That Remains UnderstandableWhy clear project structure and idiomatic naming matter more than cleverness.[00:20:29] RFCs as a Cultural AnchorHow Don's team uses RFCs to align on significant changes and avoid decision churn.[00:23:00] Documentation That Adds ContextDocumentation should explain why, not echo code. Don walks through how his team approaches this.[00:24:11] Type Systems and MaintainabilityHow Don's journey from PHP and JavaScript to TypeScript and Rust changed his approach to structure and communication.[00:27:05] Testing With TypesStable type contracts make tests cleaner and less ambiguous.[00:27:45] Building Trust in AI SystemsDon discusses repeatability, hallucinations, and why tools like MCP matter for grounding LLM behavior.[00:29:28] AI in Developer ToolsSearch Craft's MCP server lets developers talk to the platform conversationally instead of hunting through docs.[00:33:21] Improving Legacy Systems SlowlyThe Strangler pattern as a practical way to replace old systems one endpoint at a time.[00:34:11] Deep Work and Reducing Reactive NoiseDon encourages developers to carve out time for uninterrupted thinking rather than bouncing between notifications.[00:36:09] Measuring ProgressBuild times, test speeds, and coverage provide signals teams can use to track actual improvement.[00:38:24] Changing Opinions Over a CareerWhy Don eventually embraced TypeScript after originally writing it off.[00:39:15] Industry Trends and Repeating CyclesSPAs, server rendering, and the familiar pendulum swing in web architecture.[00:41:26] Experimentation and Team AutonomyHow POCs and side projects surface organically within Don's team.[00:44:42] Growing Skills Through Intentional GoalsSetting learning targets in 1:1s to support long-term developer growth.[00:47:19] Where to Find DonLinkedIn, Blue Sky, and his site: donmckinnon.dev.Resources MentionedA Philosophy of Software Design by John OusterhoutJohn Ousterhout's Maintainable.fm Interview (Episode 131)Search CraftElasticAlgoliaWordPress Plugin DirectoryRequest for Comments (RFC)Strangler Fig PatternC2 WikiModel Context Protocol (MCP)Glam AIAubrey/Maturin Series by Patrick O'BrianMaster and Commanderdonmckinnon.devThanks to Our Sponsor!Turn hours of debugging into just minutes! AppSignal is a performance monitoring and error-tracking tool designed for Ruby, Elixir, Python, Node.js, Javascript, and other frameworks.It offers six powerful features with one simple interface, providing developers with real-time insights into the performance and health of web applications.Keep your coding cool and error-free, one line at a time! Use the code maintainable to get a 10% discount for your first year. Check them out! Subscribe to Maintainable on:Apple PodcastsSpotifyOr search "Maintainable" wherever you stream your podcasts.Keep up to date with the Maintainable Podcast by joining the newsletter.

Today the IPv6 Buzz crew provides updates on the latest in IPv6 standards, RFCs, and best practices. They break down the recent discussions around RFC 6052, explore the options for RFC 8215, and share Nick's spin on the now defunct testipv6.com site. Episode Links: RFC 6052 RFC 8215 RFC 6598 IPv6.army

Today the IPv6 Buzz crew provides updates on the latest in IPv6 standards, RFCs, and best practices. They break down the recent discussions around RFC 6052, explore the options for RFC 8215, and share Nick’s spin on the now defunct testipv6.com site. Episode Links: RFC 6052 RFC 8215 RFC 6598 IPv6.army

In this conversation, Jack Cresswell and Bob Musgrave discuss the evolving landscape of agriculture, focusing on the importance of financial strategies, the role of Rural Financial Counselling Services, and effective drought management. They explore how farmers can improve their financial performance, the significance of business planning, and the future of agriculture in the context of succession planning and market dynamics.RFCS Northern RegionFollow to keep the conversation flowingFollow Jack on Instagram https://www.instagram.com/cressy__/ and Twitter https://x.com/jcressw3 YouTube https://www.youtube.com/@farmsadvice Follow Farms Advice - https://instagram.com/farmsadvice Join the Farmers Only Group - https://www.facebook.com/groups/farmsadvice For more like this go to https://farmsadvice.com.au Hosted on Acast. See acast.com/privacy for more information.

Send us a textRecorded live at the Next‑Gen Ag Forum 2025, held at the Quayside Terminal in Townsville. In this practical and motivating session, Alison Larard from Rural Financial Counselling Service (RFCS) shares her top tips and tricks for the next generation of primary producers looking to build a successful and sustainable future.Recording Credit A huge thank-you to Robbie Bolton at Dryland Co. for capturing this session! Check them out on Instagram: @drylandcoSupport the show

Her early inspiration while growing up in Goa with limited exposure to career options. Her Father's intellectual influence despite personal hardships and shift in focus to technology.Personal tragedy sparked a resolve to become financially independent and learn deeply.Inspirational quote that shaped her mindset: “Even if your dreams haven't come true, be grateful that so haven't your nightmares.”Her first role at a startup with Hands-on work with networking protocols (LDAP, VPN, DNS). Learning using only RFCs and O'Reilly books—no StackOverflow! Importance of building deep expertise for long-term success.Experiences with Troubleshooting and System Thinking; Transitioned from reactive fixes to logical, structured problem-solving. Her depth of understanding helped in debugging and system optimization.Career move to Yahoo where she led Service Engineering for mobile and ads across global data centers got early exposure to big data and machine learning through ad recommendation systems and built "performance and scale muscle" through working at massive scale.Challenges of Scale and Performance Then vs. Now: Problems remain the same, but data volumes and complexity have exploded. How modern tools (like AI/ML) can help identify relevance and anomalies in large data sets.Design with Scale in Mind - Importance of flipping the design approach: think scale-first, not POC-first. Encourage starting with a big-picture view, even when building a small prototype. Highlights multiple scaling dimensions—data, compute, network, security.Getting Into ML and Data Science with early spark from MOOCs, TensorFlow experiments, and statistics; Transition into data science role at Infoblox, a cybersecurity firm with focus areas on DNS security, anomaly detection, threat intelligence.Building real-world ML model applications like supervised models for threat detection and storage forecasting; developing graph models to analyze DNS traffic patterns for anomalies and key challenges of managing and processing massive volumes of security data.Data stack and what it takes to build data lakes that support ML with emphasis on understanding the end-to-end AI pipelineShifts from “under the hood” ML to front-and-center GenAI & Barriers: Data readiness, ROI, explainability, regulatory compliance.Explainability in AI and importance of interpreting model decisions, especially in regulated industries.How Explainability Works -Trade-offs between interpretable models (e.g., decision trees) and complex ones (e.g., deep learning); Techniques for local and global model understanding.Aruna's Book on Interpretability and Explainability in AI Using Python (by Aruna C).The world of GenAI & Transformers - Explainability in LLMs and GenAI: From attention weights to neuron activation.Challenges of scale: billions of parameters make models harder to interpret. Exciting research areas: Concept tracing, gradient analysis, neuron behavior.GenAI Agents in Action - Transition from task-specific GenAI to multi-step agents. Agents as orchestrators of business workflows using tools + reasoning.Real-world impact of agents and AI for everyday lifeAruna Chakkirala is a seasoned leader with expertise in AI, Data and Cloud. She is an AI Solutions Architect at Microsoft where she was instrumental in the early adoption of Generative AI. In prior roles as a Data Scientist she has built models in cybersecurity and holds a patent in community detection for DNS querying. Through her two-decade career, she has developed expertise in scale, security, and strategy at various organizations such as Infoblox, Yahoo, Nokia, EFI, and Verisign. Aruna has led highly successful teams and thrives on working with cutting-edge technologies. She is a frequent technical and keynote speaker, panelist, author and an active blogger. She contributes to community open groups and serves as a guest faculty member at premier academic institutes. Her book titled "Interpretability and Explainability in AI using Python" covers the taxonomy and techniques for model explanations in AI including the latest research in LLMs. She believes that the success of real-world AI applications increasingly depends on well- defined architectures across all encompassing domains. Her current interests include Generative AI, applications of LLMs and SLMs, Causality, Mechanistic Interpretability, and Explainability tools.Her recently published book linkInterpretability and Explainability in AI Using Python: Decrypt AI Decision-Making Using Interpretability and Explainability with Python to Build Reliable Machine Learning Systems  https://amzn.in/d/00dSOwAOutside of work, she is an avid reader and enjoys creative writing. A passionate advocate for diversity and inclusion, she is actively involved in GHCI, LeanIn communities.

On today’s show, we’re going to dig deeper into tunnels and explore some of the quirks and features of tunnels. This week we’ll discuss maximum transmission units (MTUs), maximum segment size, IP fragmentation and more.  Today’s bonus material is more RFCs – RFC 4821 and RFC 8899. Episode Links: What Is a Tunnel? – N... Read more »

On today’s show, we’re going to dig deeper into tunnels and explore some of the quirks and features of tunnels. This week we’ll discuss maximum transmission units (MTUs), maximum segment size, IP fragmentation and more.  Today’s bonus material is more RFCs – RFC 4821 and RFC 8899. Episode Links: What Is a Tunnel? – N... Read more »

Mercedes Bernard, Staff Software Engineer at Kit, joins Robby to talk about what it really means to write code that lasts—and who it should be written for.In this episode of Maintainable, Mercedes shares a thoughtful and practical perspective on working with legacy codebases, managing technical debt, and creating a team culture that values maintainability without fear or shame. Her guiding principle? Well-maintained software is friendly software—code that is understandable and approachable, especially for early-career developers.Together, they discuss how to audit and stabilize older systems, avoid full rewrites, and create consistent developer experiences in large applications. Mercedes reflects on her decade in consulting and how that shaped her approach to navigating incomplete documentation, missing historical context, and multiple competing patterns in a codebase. She breaks down different types of technical debt, explains why not all of it is inherently bad, and offers strategies for advocating for maintenance work across engineering and product teams.The conversation also touches on architecture patterns like job fan-out, measuring performance regressions, reducing infrastructure load, and building momentum for improvements even when leadership isn't actively prioritizing them.If you've ever felt overwhelmed by a messy project or struggled to justify maintenance work, this episode will leave you with a fresh mindset—and a few practical tactics—for making code more sustainable and inclusive.Episode Highlights[00:01:08] Defining Well-Maintained SoftwareMercedes explains her top metric: software that feels friendly, especially to early-career developers navigating the codebase for the first time.[00:03:00] What Friendly Code Actually Looks LikeShe shares why consistency, discoverability, and light documentation (like class comments or UML snippets) can make a huge difference.[00:05:00] Assessing Code Like a House TourMercedes introduces her metaphor of giving a house tour to evaluate code: does everything feel like it's in the right place—or is the stove in the cabinet?[00:06:53] Consulting Mindset: Being a Guest in the CodebaseWith a decade of consulting experience, Mercedes shares how she navigates legacy systems when historical context is long gone.[00:10:40] Stabilizing a Startup's Tangled ArchitectureShe walks through an in-depth case study where she helped a client with multiple abandoned services get back to stability—without a rewrite.[00:17:00] The Power of a One-Line FixMercedes shares how a missing check caused a job to fan out 30 million no-op background jobs a day—and how one line of code reduced that by 75%.[00:23:40] Why State Checks Belong EverywhereShe explains how defense-in-depth patterns help avoid job queue flooding and protect system resources early in the fan-out process.[00:24:59] Reframing Technical DebtNot all debt is bad. Mercedes outlines three types—intentional, evolutionary, and time-based—and how to approach each one differently.[00:28:00] Why Teams Fall Behind Without Realizing ItMercedes and Robby talk about communication gaps between engineers and product stakeholders—and why it's not always clear when tech debt starts piling up.[00:34:00] Quantifying Developer FrictionMercedes recommends expressing technical debt in terms of lost time, slow features, and increased cost rather than vague frustrations.[00:42:00] Getting Momentum Without PermissionHer advice to individual contributors: start small. Break down your frustrations into bite-sized RFCs or tickets and show the impact.[00:45:40] Letting the Team Drive StandardsMercedes encourages team-led conventions over top-down declarations, and explains why having any decision is better than indecision.[00:47:54] Recommended ReadingShe shares a surprising favorite: The Secret Life of Groceries, a systems-thinking deep dive into the grocery industry by Benjamin Lorr.Resources & Links

Drop 1: BRL1https://br.cointelegraph.com/news/stablecoin-from-mercado-bitcoin-bitso-foxbit-and-cainvest-debuts-on-the-markethttps://brl1.io/Drop 2: Circle CCTPv2 https://www.circle.com/blog/cctp-v2-the-future-of-cross-chainDrop 3: Telegram Wallet https://techcrunch.com/2025/03/13/telegram-introduces-trading-and-yield-features-for-its-self-custodial-crypto-wallet/More: Circle's response to Brazilian Central Bank's RFCs 109 and 111 to regulate VASPs activityhttps://www.circle.com/blog/circles-response-to-brazilian-central-banks-rfcs-109-and-111-aimed-at-regulating-country-wide-virtual-assets-service-providers-vasps-activityCantor Fitzgerald partners with digital asset custodians Anchorage Digital and Copper to support Bitcoin financing businesshttps://www.cantor.com/cantor-fitzgerald-partners-with-digital-asset-custodians-anchorage-digital-and-copper-co-to-support-bitcoin-financing-business/Correios querem usar blockchain e inteligência artificial para agilizar suas entregashttps://www.moneytimes.com.br/correios-quer-usar-blockchain-e-inteligencia-artificial-para-agilizar-suas-entregas-rens/New Bretton Woods report: Unlocking Stablecoins: Exploring Opportunities and Riskshttps://www.brettonwoods.org/sites/default/files/documents/UnlockingStablecoinsExploringOpportunitiesandRisks.pdfMoonPay announces strategic acquisition of Iron, an API-first stablecoin infrastructure platformhttps://www.linkedin.com/pulse/breaking-news-moonpay-acquires-iron-moonpay-mcbze/Merkle Science releases new UK regulatory guidehttps://info.merklescience.com/uk-regulatory-guide-2025. Redes sociais / comms.. Instagram.com/blockdropspodcast.. Twitter.com/blockdropspod.. Blockdrops.lens .. https://warpcast.com/mauriciomagaldi.. youtube.com/@BlockDropsPodcast.. Meu conteúdo em inglês twitter.com/0xmauricio.. Newsletter do linkedin https://www.linkedin.com/build-relation/newsletter-follow?entityUrn=7056680685142454272.. blockdropspodcast@gmail.com

Drop 1: BRL1⁠https://br.cointelegraph.com/news/stablecoin-from-mercado-bitcoin-bitso-foxbit-and-cainvest-debuts-on-the-market⁠⁠https://brl1.io/⁠Drop 2: Circle CCTPv2 ⁠https://www.circle.com/blog/cctp-v2-the-future-of-cross-chain⁠Drop 3: Telegram Wallet ⁠https://techcrunch.com/2025/03/13/telegram-introduces-trading-and-yield-features-for-its-self-custodial-crypto-wallet/⁠More: Circle's response to Brazilian Central Bank's RFCs 109 and 111 to regulate VASPs activity⁠https://www.circle.com/blog/circles-response-to-brazilian-central-banks-rfcs-109-and-111-aimed-at-regulating-country-wide-virtual-assets-service-providers-vasps-activity⁠Cantor Fitzgerald partners with digital asset custodians Anchorage Digital and Copper to support Bitcoin financing business⁠https://www.cantor.com/cantor-fitzgerald-partners-with-digital-asset-custodians-anchorage-digital-and-copper-co-to-support-bitcoin-financing-business/⁠Correios querem usar blockchain e inteligência artificial para agilizar suas entregas⁠https://www.moneytimes.com.br/correios-quer-usar-blockchain-e-inteligencia-artificial-para-agilizar-suas-entregas-rens/⁠New Bretton Woods report: Unlocking Stablecoins: Exploring Opportunities and Risks⁠https://www.brettonwoods.org/sites/default/files/documents/UnlockingStablecoinsExploringOpportunitiesandRisks.pdf⁠MoonPay announces strategic acquisition of Iron, an API-first stablecoin infrastructure platform⁠https://www.linkedin.com/pulse/breaking-news-moonpay-acquires-iron-moonpay-mcbze/⁠Merkle Science releases new UK regulatory guide⁠https://info.merklescience.com/uk-regulatory-guide-2025⁠. Redes sociais / comms.. ⁠Instagram.com/blockdropspodcast⁠.. ⁠Twitter.com/blockdropspod⁠.. Blockdrops.lens .. ⁠https://warpcast.com/mauriciomagaldi⁠.. ⁠youtube.com/@BlockDropsPodcast⁠.. Meu conteúdo em inglês ⁠twitter.com/0xmauricio⁠.. Newsletter do linkedin ⁠https://www.linkedin.com/build-relation/newsletter-follow?entityUrn=7056680685142454272⁠.. ⁠blockdropspodcast@gmail.com

In this episode of the IPv6 Buzz, we dive into two RFCs for discovering IPv6 prefixes: 7050 and 8781. Why these two? First, 8781 is being proposed as preferential to 7050. Second, co-host Nick Buraglio is an author on 8781 and has insights to share. We start with some background on RFC 7050, including the... Read more »

In this episode of the IPv6 Buzz, we dive into two RFCs for discovering IPv6 prefixes: 7050 and 8781. Why these two? First, 8781 is being proposed as preferential to 7050. Second, co-host Nick Buraglio is an author on 8781 and has insights to share. We start with some background on RFC 7050, including the... Read more »

Send us a textEnglish Edition: In this last episode of 2024 I want to remember David Mills and his work on the Network Time Protocol (NTP). The tool that keeps our machines in sync. David Mills worked closely with Harlan Stenn from the Network Time Foundation on NTP and I was very fortunate to grab some of Harlan's time to talk to him about NTP and David Mills' contribution. Some links (by far not an exhaustive list):https://www.eecis.udel.edu/~mills/ David Mills homepage at the Uni. of Delaware (which still exists). There are a lot of links to his work on NTPhttps://eecs.engin.umich.edu/stories/remembering-alum-david-mills-who-brought-the-internet-into-perfect-timehttps://www.ntp.org/ The Network Time Protocol homepage with tons of details and specifications on how it all workshttps://www.nwtime.org The Network Time Foundationhttps://www.eecis.udel.edu/~mills/database/brief/arch/arch.pdf a presentation on how NTP workshttps://www.nwtime.org/bio/harlan-stenn/ Harlan Stenn's Biohttps://datatracker.ietf.org/doc/html/rfc778 I think this is the first RFC of the early version of NTP https://www.ntp.org/reflib/rfc/ This contains a list of all RFCs related to NTPThe sounds you're hearing are from Phill Niblock, musician, composer, artist and his recording you can get on the internet archive https://archive.org/details/phill-niblock-music-by-phill-niblock Support the showThank you for listening! Merci de votre écoute! Vielen Dank für´s Zuhören! Contact Details/ Coordonnées / Kontakt: Email mailto:peter@code4thought.org UK RSE Slack (ukrse.slack.com): @code4thought or @piddie US RSE Slack (usrse.slack.com): @Peter Schmidt Mastodon: https://fosstodon.org/@code4thought or @code4thought@fosstodon.org Bluesky: https://bsky.app/profile/code4thought.bsky.social LinkedIn: https://www.linkedin.com/in/pweschmidt/ (personal Profile)LinkedIn: https://www.linkedin.com/company/codeforthought/ (Code for Thought Profile) This podcast is licensed under the Creative Commons Licence: https://creativecommons.org/licenses/by-sa/4.0/

The White House recently announced plans to boost Internet routing security in the US through better RPKI coverage. So how does RPKI help secure BGP? How easy is it to boost coverage on a national level? And what's the future potential of the infrastructure? Our guest Tim Bruijnzeels shares his views.Tim is Principal Software Engineer for RPKI at the RIPE NCC and has worked in standards development and software implementation around RPKI for well over a decade. He talked to us about where RPKI is at today, how governments can and have aided its adoption, and how work being done on ASPA and BGPsec promise a more secure future for the Internet.Show notes:02:40 - The Dublin IETF meeting back in 2008.03:17 - Tim has contributed to a number of RFCs over the years.03:40 - NLnet Labs develops free, liberally licensed, open-source software for DNS and BGP routing.03:50 - Krill is a free, open source RPKI Certificate Authority developed by NLnet Labs that lets you run delegated RPKI under one or multiple RIRs.07:24 - You can read more on how the Internet routes around damage on RIPE Labs.10:47 - Get more information on how to manage ROAs through the RPKI Dashboard.11:36 - Check out the RIPE NCC's Routing Information Service (RIS).12:17 - Alex Band's article on the launch of the RIPE NCC Resource Certification Service back in 2011.13:51 - There are a number of RPKI validators to choose from, including Routinator from NLnet Labs.17:32 - Here's a nice explainer article on ASPA.22:07 - Plans to support ASPA and BGPsec router certificates in RIPE NCC Quarterly Planning.24:42 - Press Release: White House Office of the National Cyber Director Releases Roadmap to Enhance Internet Routing Security.26:47 - More on Dutch government measures for ensuring RPKI coverage. Hosted on Acast. See acast.com/privacy for more information.

IPv6 Buzz welcomes back Nick Buraglio, a frequent guest, to discuss RFC 9637. We get into the details of RFC 9637, which describes the new documentation prefix space for IPv6. We also explore the process of how RFCs go from idea to standard in the IETF. (Cue the “I’m Just a Bill” song from Schoolhouse... Read more »

IPv6 Buzz welcomes back Nick Buraglio, a frequent guest, to discuss RFC 9637. We get into the details of RFC 9637, which describes the new documentation prefix space for IPv6. We also explore the process of how RFCs go from idea to standard in the IETF. (Cue the “I’m Just a Bill” song from Schoolhouse... Read more »

Design Documents und Request for Comments (RFCs): Die Engineering Art der PlanungsphaseWir alle haben schon mal von einer Planungsphase gehört, um ein neues Projekt zu starten, und denken dabei an aufgeblasene Prozesse und lange Wasserfall-Diagramme. Und das Engineering-Team fragt sich oft: Wann kommen wir endlich mal zu den Details?Da kommen die Begriffe Design Documents und Request for Comments (RFCs) ins Spiel.Das doofe nur … Jemand muss diese Dokumente auch schreiben.Und da sind wir bei gleich zwei von Andy's Lieblingsthemen: Schreiben und Design Docs.Wir klären, wozu Design Documents eigentlich gut sind, worauf es ankommt, wo der Unterschied zu RFCs ist, ob das ganze nicht ein riesiger Wasserkopf ist, um einfach Dinge auf die Straße zu bringen und welche Kultur das ganze benötigt.Viel Spaß.Bonus: Wer schreibt, der bleibt.Das schnelle Feedback zur Episode:

Send me a Text Message hereFULL SHOW NOTES https://podcast.nz365guy.com/555 Unlock the potential of a powerful tech alliance as we sit down with James Wood, the SAP virtuoso and CEO of Bowdark Consulting, who takes us through his personal voyage from the world of SAP to the innovative horizon of Microsoft Power Platform. Prepare to be enlightened by James's seasoned perspective on the strategic embrace of cloud-based systems, the significance of OData as a lingua franca for data exchange, and the transformative concept of a "clean core" in enhancing business agility. This episode isn't merely a discussion; it's a map to guide decision-makers and IT professionals through the intricacies of marrying the robustness of SAP with the flexibility of Power Platform.Navigating the complexities of integration is no mean feat, but with James's guidance, we confront the often intimidating landscape of SAP licensing audits and dispel common myths. This candid conversation peels back the layers of integration challenges, highlighting the criticality of SAP and Microsoft administrators working in concert to achieve seamless synergy. We'll also scrutinize the effects of multiplexing rules within an API-centric world and consider the evolving nature of SAP connectors. Insightful for SAP architects and IT experts alike, this chapter is your compass to balancing protocols and capitalizing on the fruits of integration.Our final exploration with James offers a deep dive into the pragmatic solutions for integrating SAP with Power Platform—where RFCs, BAPIs, and security protocols all come into play. The comparison between Microsoft's On-Premises Data Gateway and SAP's Cloud Connector serves as a beacon for IT veterans to navigate this new terrain. We also spotlight the bespoke connection framework tailored to fuse the best of Power Platform with SAP. For business leaders and IT teams facing the S4 HANA migration or seeking to mitigate IT backlogs through low-code platforms, this segment is a wellspring of invaluable insights and strategies.AgileXRM AgileXRm - The integrated BPM for Microsoft Power PlatformSupport the Show.If you want to get in touch with me, you can message me here on Linkedin.Thanks for listening

iykykTranscript: https://securitycryptographywhatever.com/2024/05/25/ekr/Links:- https://hovav.net/ucsd/dist/draft-shacham-tls-fasttrack-00.txt- https://crypto.stanford.edu/~dabo/pubs/papers/fasttrack.pdf- https://datatracker.ietf.org/doc/html/rfc8446- SoK: SCT Auditing in Certificate Transparency: https://arxiv.org/pdf/2203.01661- A hard look at Certificate Transparency, Part I: Transparency Systems: https://educatedguesswork.org/posts/transparency-part-1/- A hard look at Certificate Transparency: CT in Reality: https://educatedguesswork.org/posts/transparency-part-2/- E2EE on the web: is the web really that bad? https://emilymstark.com/2024/02/09/e2ee-on-the-web-is-the-web-really-that-bad.html- Launching Default End-to-End Encryption on Messenger: https://about.fb.com/news/2023/12/default-end-to-end-encryption-on-messenger/- ekr's newsletter: https://educatedguesswork.org- Over 25 years of ekr RFCs: https://www.rfc-editor.org/search/rfc_search_detail.php?sortkey=Date&sorting=DESC&page=All&author=rescorla&pubstatus[]=Any&pub_date_type=anySubscribe to his newsletter at https://educatedguesswork.org/"Security Cryptography Whatever" is hosted by Deirdre Connolly (@durumcrustulum), Thomas Ptacek (@tqbf), and David Adrian (@davidcadrian)

Join Phil Zito in Episode 454 of the Smart Buildings Academy Podcast as we delve into the intricacies of Building Automation System (BAS) Project Management. Unlike traditional construction project management, BAS project management brings its own set of challenges and skills. This episode not only highlights the differences but also categorizes BAS project management into four distinct buckets: new construction under a subcontractor, new construction owner-direct, and retrofit owner-direct, each with its unique demands. Episode Highlights: Phil outlines the essential qualities of a BAS project manager and emphasizes the importance of treating each project as its own profit and loss center to ensure financial success. Discover the pivotal stages of the BAS project management process, including the sales to operations handoff, project kickoff meetings, subcontractor agreements, labor assignments, and the critical role of submittal creation and submission. Gain insights into the importance of a well-orchestrated project kickoff process for setting the stage for project success, including ensuring clear communication between sales and operations to avoid costly misunderstandings. Learn about the vital process of scope management, including the use of scope matrices, RFIs, and RFCs to ensure all project aspects are clearly defined and agreed upon. Phil discusses the nuances of labor, material, and subcontractor management within the BAS industry, offering strategies for effectively managing these key resources to maintain project timelines and budgets. Financial management is explored in depth, with Phil advocating for proactive billing and cash management practices to keep projects financially viable. The episode concludes with a discussion on the importance of meticulous project closeout procedures, including point-to-point checkouts, functional testing, and thorough training for the building operators to ensure a smooth handover and long-term project success. Whether you're a seasoned BAS project manager or looking to break into the field, this episode offers valuable insights and practical advice for managing BAS projects efficiently and profitably.

The Internet is hardly foolproof in its design, and whether by accident or on purpose, the people who use and operate it sometimes don't do things they should or do do things they shouldn't. Qasim Lone talks about strange goings on he's investigated and how RIPE Atlas can help researchers in the field.01:00 - RIPE Atlas01:53 - SLAC02:59 - Read Qasim on Why SAV is Still a Problem04:37 - Other research from Qasim and colleagues on SAV06:02 - RFCs 2827 and 3704 describe SAV implementation06:35 - IPv4 lease time article07:48 - The DNS Root Manipulation article09:10 - Manu Bretelle's email to DNS-operations mailing list18:17 - Qasim on 240/423:15 - RFC 3330 describes specialised IPv4 address blocks assigned by IANA29:00 - Listen to our episode on bias in Internet measurements36:30 - SEE 12 takes place in Athens this April37:45 - ...and CAPIF 3 is coming up this September! Hosted on Acast. See acast.com/privacy for more information.

In this episode of PING, Leslie Daigle from the Global Cyber Alliance (GCA) discusses their honeynet project, measuring bad traffic internet-wide. This was originally focussed on IoT devices with the AIDE project but is clearly more generally informative. Leslie also discusses the quad-nine DNS service, GCA's domain trust work and the MANRS project. Launched in 2014 with support from ISOC, MANRS now has a continuing relationship with GCA and may represent a model for the routing community regarding the ‘bad traffic' problem which the AIDE project explores. Leslie has a long history of work in the public interest, as Chief Internet Technology Officer of the Internet Society, and with the IETF. She is currently the chair of the MOPS working group, has co-authored 22 RFCs and was chair of the IAB for five years.

What's with the current discourse around React and RFCs? Adam's worried about his consumerism, and the possible significance of rituals in everyday life. Dax has started reading actual books again, and wonders about the productivity boost of maintaining a clean working environment.Want to carry on the conversation? Join us in Discord.00:43 Two Twitch Things04:34 The Lamborghini SUV is a scam06:38 Does Adam have a problem with consumerism?14:12 Do you have any spiritual or meditation in life?20:23 Reacting about React31:22 Musk's macadamia nut beef32:55 Brian Johnson study34:32 Will Adam ever eat a steak again?41:18 Manifesting a productivity boost42:42 Dax is reading actual books again

In this episode, Dave and Jamison answer these questions: The Sleepy Engineer says, Hey SSE, how do you deal with drowsiness? I notice that sometimes when I am very tired at my desk and end up eyes closed head drooped down as I work which I imagine is a bad look for anyone passing by. During this time, I would either get coffee or stand up and walk somewhere which is a temporary fix but ultimately I am still very tired. I know in very few really big company HQs there might be a sleeping quarters if you plan to stay the night but my company is certainly ain't one of them. Any advice on how to get through the day? Thanks for the great show. After seeing a hyper growth in 2021-2022, our company has become a bureaucratic hell hole. RFCs, PRDs, ADRs, reports. My manager (director of engineering) would request these documents but never read them. When someone doesn't like the solution proposed, they have the option to say no and the project is blocked. But nobody (including the manager of the team) have the autonomy to say yes and move forward. How do you deal with this? Or is it time to give up and listened to the patented advice to quit my job? Show Notes https://www.youtube.com/watch?v=f84n5oFoZBc - hammock-driven-development

HTTP RFCs have evolved: A Cloudflare view of HTTP usage trends, Career Advice and Professional Development, Active Exploitation of Confluence CVE-2022-26134 Visit https://securityweekly.com/asw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/secweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/vault-asw-7

HTTP RFCs have evolved: A Cloudflare view of HTTP usage trends, Career Advice and Professional Development, Active Exploitation of Confluence CVE-2022-26134 Show Notes: https://securityweekly.com/vault-asw-7

HTTP RFCs have evolved: A Cloudflare view of HTTP usage trends, Career Advice and Professional Development, Active Exploitation of Confluence CVE-2022-26134 Visit https://securityweekly.com/asw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/secweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/vault-asw-7

HTTP RFCs have evolved: A Cloudflare view of HTTP usage trends, Career Advice and Professional Development, Active Exploitation of Confluence CVE-2022-26134 Show Notes: https://securityweekly.com/vault-asw-7

We have a lot of questions about standards. How do standards emerge? How do standards encourage adoption? How do they stay relevant as development patterns change and security threats evolve? We have standards for web appsec (HTML, HTTP), all sorts of protocols, and all sorts of authentication (OAuth, OpenID). Learning how these standards come about can also inform how your own org documents designs and decisions. Segment resources https://datatracker.ietf.org/doc/html/rfc3552 https://identiverse.com/video/the-butterfly-effect-of-standards-development/ https://sphericalcowconsulting.com https://datatracker.ietf.org/doc/html/rfc6919 In the news, benchmarking prompt injection scanners, using generative AI to jailbreak generative AI, Meta's benchmark for LLM risks, tapping a protocol to hack Magic the Gathering, and more!   Visit https://securityweekly.com/asw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/secweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/asw-266

We have a lot of questions about standards. How do standards emerge? How do standards encourage adoption? How do they stay relevant as development patterns change and security threats evolve? We have standards for web appsec (HTML, HTTP), all sorts of protocols, and all sorts of authentication (OAuth, OpenID). Learning how these standards come about can also inform how your own org documents designs and decisions. Segment resources https://datatracker.ietf.org/doc/html/rfc3552 https://identiverse.com/video/the-butterfly-effect-of-standards-development/ https://sphericalcowconsulting.com https://datatracker.ietf.org/doc/html/rfc6919 Show Notes: https://securityweekly.com/asw-266

We have a lot of questions about standards. How do standards emerge? How do standards encourage adoption? How do they stay relevant as development patterns change and security threats evolve? We have standards for web appsec (HTML, HTTP), all sorts of protocols, and all sorts of authentication (OAuth, OpenID). Learning how these standards come about can also inform how your own org documents designs and decisions. Segment resources https://datatracker.ietf.org/doc/html/rfc3552 https://identiverse.com/video/the-butterfly-effect-of-standards-development/ https://sphericalcowconsulting.com https://datatracker.ietf.org/doc/html/rfc6919 In the news, benchmarking prompt injection scanners, using generative AI to jailbreak generative AI, Meta's benchmark for LLM risks, tapping a protocol to hack Magic the Gathering, and more!   Visit https://securityweekly.com/asw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/secweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/asw-266

We have a lot of questions about standards. How do standards emerge? How do standards encourage adoption? How do they stay relevant as development patterns change and security threats evolve? We have standards for web appsec (HTML, HTTP), all sorts of protocols, and all sorts of authentication (OAuth, OpenID). Learning how these standards come about can also inform how your own org documents designs and decisions. Segment resources https://datatracker.ietf.org/doc/html/rfc3552 https://identiverse.com/video/the-butterfly-effect-of-standards-development/ https://sphericalcowconsulting.com https://datatracker.ietf.org/doc/html/rfc6919 Show Notes: https://securityweekly.com/asw-266

In this episode of Syntax, Wes and Scott talk through new and proposed JavaScript APIs including ones related to regex, sourcemaps, structured clone, temporal, JSON modules, and more! Show Notes 00:10 Welcome 01:26 Syntax Brought to you by Sentry 02:55 RegExp Escaping Proposal tc39/proposal-regex-escaping: Proposal for investigating RegExp escaping for the ECMAScript standard 05:25 Intl.DurationFormat tc39/proposal-intl-duration-format 07:55 Standardized Sourcemaps tc39/source-map-rfc: RFCs for the source map debug format. 10:43 Structured Clone structuredClone() global function - Web APIs | MDN 12:54 Temporal Hasty Treat - Temporal Date Objects in JavaScript Tracking issue for syncing with IETF standardization work (req'd before implementers can ship unflagged) · Issue #1450 · tc39/proposal-temporal 20:59 FindLast and findLastIndex tc39/proposal-array-find-from-last: Proposal for Array.prototype.findLast and Array.prototype.findLastIndex. 22:27 JSON modules tc39/proposal-json-modules: Proposal to import JSON files as modules 24:46 Regex Modifiers RegExp Modifiers - June 2022.pptx - Microsoft PowerPoint Online 26:50 Array Grouping tc39/proposal-array-grouping: A proposal to make grouping of array items easier 30:48 Array Methods tc39/proposal-change-array-by-copy: Provides additional methods on Array.prototype and TypedArray.prototype to enable changes on the array by returning a new copy of it with the change. 6 or so New Approved and Proposed JavaScript APIs 32:12 Promise.withResolvers 35:08 Function.prototype.memo tc39/proposal-function-memo: A TC39 proposal for function memoization in the JavaScript language. 37:48 Node has a Proposed ESM Detection flag 39:54 Node has navigator.userAgent 41:29 Built in .env support 42:52 Permissions model & test runner continues to be worked on 44:06 HTML Web charts Proposal: Web Charts · Issue #9295 · whatwg/html 45:39 autopause Add autopause attribute to media elements to allow automatic pausing of media · Issue #9793 · whatwg/html 46:30 Meta Tag for AI generated content Proposal: Meta Tag for AI Generated Content · Issue #9479 · whatwg/html Schema.org - Schema.org Syntax × Sentry Swag Store – Syntax × Sentry Shop Syntax - A Tasty Treats Podcast for Web Developers. 50:13 Poster frame HTML Video Element: Proposal for adding [srcset] + [posterset] + [sizes] on video element as well [posterset] on source elements · Issue #9812 · whatwg/html 50:57 Popover invoker Popover does not know what triggered it · Issue #9111 · whatwg/html 51:25 Autocomplete on ‘contenteditable' Elements Autocomplete on ‘contenteditable' Elements · Issue #9065 · whatwg/html 52:17 Sick Picks Sick Picks Scott: Escaping Twin Flames cult documentary Wes: Lao Gan Ma spicy Chili Oil Shameless Plugs Scott: Sentry Wes: Wes Bos Courses Hit us up on Socials! Syntax: X Instagram Tiktok LinkedIn Threads Wes: X Instagram Tiktok LinkedIn Threads Scott: X Instagram Tiktok LinkedIn Threads

Back in 2018, CDT's own, Mallory Knodel, teamed up with Niels ten Oever from the critical infrastructure lab at the University of Amsterdam to present a draft document at the internet standards governing body called the Internet Engineering Task Force, or IETF. This draft outlined a proposal that urged the community to officially reject the use of discriminatory and exclusive language in Internet Drafts and RFCs. As we persistently uncover and confront systemic racial inequality across society, it becomes equally vital to guarantee that the fundamental design comprising one of our most critical and democratic technologies– the internet– is devoid of any historically racist or prejudiced terms.

Internetprotokolle werden über sogenannte RFCs geschaffen. Wenn die am 1. April herauskommen sind sie nicht ganz ernstgemeint, manchmal aber trotzdem visionär.

Nonprofit RFPs vs RFCs   [00:00:00] . Following on with our favorite guest of the moment right now, Heather Yandow, of course, founder of nonprofit.ist, nonprofit ist, and consultant at third Space. We are talking about whether or not, because this has been coming up a lot, will G p t destroy RFPs? And I know you are the, like captain of the team, of folks that think RFCs request for conversations are superior and many ways to RFPs request for proposals. [00:00:54] So we're gonna throw a lot of acronyms out here. Where and how do you think our conversation since the last time we had it with regard to R F P? Versus R F C is in the landscape now of G P T. So I think it's just gotten more complicated, more muddy, and I lean even more towards requests for conversations now. [00:01:17] You know, one of the things that I have already started seeing is chat, G P t AI generated cover letters. So I just hired for a position. Hmm. And one of the cover letters was clearly generated by ai. It used exactly the same language, and it didn't mention that the person who was applying had a personal connection to me. [00:01:39] So to those, those were red flags. Didn't even have to use any tool, just read it and thought, this is not right. So we're already starting to see it. I suspect that if I was a nonprofit putting out a, a request for proposals, I would've already gotten some that were AI generated. So it's becoming, RFPs in my opinion, are becoming increasingly useless, increasingly challenging when the goal is to actually find the right consultant to help you with your challenge. [00:02:10] For sure. I think, you know, we're using G P T synonymously with any generative AI tool that will create an output based on an input. I think there are ways of designing this, but I think there are tiers, right? Mm-hmm. I think, frankly, legally speaking, if you have government funded projects you have to solicit for, and with RFPs, request for proposals is just part of the game. [00:02:35] You need three competitive bids. And that's just how the government cookie crumbles. Yep. There's a lot of white space below that though, however, where, you know, I see small projects, we'll call them projects under 60 K or even under 30 K, where if you put out an R F P, like is disturbingly easy to generate a proposal? [00:02:56] Like I have a proposal generator for for whole whale. I don't use it because it's just not how we go about it. But let's say I was a do anything now shop. Literally, I could just go through, copy a proposal, put it in, see if I get it, and then go forward. And I think there's real risk of having massive you know, signal to noise issues in that process. [00:03:20] Does, how does that land for you? Yeah, I absolutely think so. I mean, you know, putting together proposals. Is super time consuming especially for small shops. You know, there are two and a half of us, so to muster the resources it takes to put together a really good proposal is a heavy lift, and I can absolutely see why using chat G P T or something else, like it would be really attractive, right? [00:03:48] It's certainly going to reduce the amount of time I'm gonna have to spend writing. It can be a, a good jumping off point. I think that what we're likely to see is that those. Organizations who can take advantage of it. So particularly those organizations, those nonprofit consulting firms who have people who write proposals are gonna probably take advantage of it. [00:04:11] And George, they might be, you know, doing it with all of the respect and within the bounds of good AI usage, which I know you think and talk a lot. But I do think it's gonna create more proposals and not necessarily more useful proposals for nonprofits to review. [00:04:28] Yeah, I think all roads lead to conversations, though. They do. I think at some point, you know, you'll vet, you'll go through, there's just a lot more processing that ends up happening on the nonprofit side, albeit ironically, you could also use AI for synthesizing that. And we end up back full circle to just have the conversation front. [00:04:47] Have, have the, you're gonna have to have it anyway. So being like our, you know, like our request for information or intent could lead to a conversation round and. That would maybe filter out a lot of this because the number of proposals you are going to get is simply gonna increase over this threshold because it's so easy. [00:05:06] Literally. Yeah. If you are saying like, oh, he's talking about some advanced technical thing. Here's what I want you to do. If you're a consultant right now or if you're a nonprofit, I just want you to understand how simple this is. You just go on ideally to check GT four or Anthropic. If you have an account there, what you're gonna do is prime the conversation with who you are, what you do, and the role of that ai. [00:05:27] The next thing you're gonna do is here is a sample of the structure of my proposals. Here's a couple case studies now. That you're clear, please write a and respond to the following context of this new proposal. And you're gonna toss that in and you're gonna end up with something that's disturbingly good as a first draft. [00:05:47] And frankly, if you're lazy, just send it as mm-hmm. Whatever your first, your, your final draft. Uh, I do, as you mentioned, talk a lot about keeping human in the loop as soon as you send it out to the world, if it's. If it is all within your control, please, please make it a first not final draft policy of using AI and keep humans in the loop for now when exposing LLMs publicly to individuals especially if you are in I'd say crisis or trauma adjacent conversation. [00:06:19] For, for folks, what is L L M? Large language model. I feel like this is just alphabet soup. Uhhuh, you're a generative AI thingy. It like there's nuance, there's fine. It's what we're talking about. So going back to that, what you're gonna do is create that. Now, if you're on the nonprofit side, here's how you go about it. [00:06:37] You say you are a selection criteria. AI that evaluates proposals for our organization. Here is the proposal we created. Now, evaluate this and break out based on price, competency likelihood to deliver on time elements, and shove it into the spreadsheet for me. And ta-da. You're just gonna go back to having. [00:07:00] A conversation. A conversation. Absolutely. Absolutely. 'cause it's, it's not buying the best digital camera, right? It's not a spreadsheet able thing. Finding a consultant, most of the time you actually wanna know if you're gonna be able to work with this person. You wanna have an understanding of who they are, of what their personality is, of what their style is, and. [00:07:19] Certainly we talk about that in proposals but it comes back to having a conversation and really seeing where that conversation goes. And that's something AI at least currently can't actually do for you. No. And the truth is, you're gonna be working with a person, not an ai. That's right. Uh, one of the things I do and have always loved about non-profit is, is that you can just go shopping for folks and just say, Hey, I wanna have a quick conversation. [00:07:44] One click sends them a message so that you're like, all right, look. I have this fundraising campaign. I could put it on our feet. Lemme just talk to a few folks and see That's right. What they think about the project. What am I missing in here and how do I go about that? Yeah. Yeah, absolutely. And that's, that's, we designed it that way on purpose, right? [00:08:02] It's people's pictures there, not their logos. We know that you're connecting with a person and we wanna make that as frictionless as possible. Call 'em, email 'em, send 'em a message through the site, any way you wanna get in touch with them. And then yeah, have that conversation. What does this look like? [00:08:20] What do you think? What are the questions you have for me? What would the timeline be for this? Yeah. And I, I do think there's some risk as well, which is why I want more foundations to do this. I'm to, to pay attention and to communicate to grantees about the, the risks here, because when you go out there with. [00:08:40] An R F P, you can get a lot of inbound and potentially unethical inbound where folks can just sort of fake it till they make it, but they're using language borrowed mm-hmm. Stolen from other groups or agencies, and they can mimic that style and confidence. And suddenly, you know, you're, you're selecting a an inferior option or someone who has no clue what they're doing, but the jargon lines up just fine. [00:09:04] So you're like, oh yeah. And. Oh, they're half the price isn't that nice? Like Uhhuh. Uhhuh as many times as you need to. You get what you pay for. Yeah. You'll learn that it's an immutable truth. It is. And you know, obviously having conversations is gonna help break through that. And then always checking references. [00:09:22] Who else have you done similar work with? Can I talk to them? Let's have a conversation with those folks about what the experience was like working with these people. Yeah. I don't know if there's any other points in here. I have already just broken the entire system by literally explaining how to build a R F P generator and then R F P proposal evaluator, so that you just have this little disturbing, dystopian mm-hmm. [00:09:47] Cyclical behavior. But you know, to come back on, you know, where this sort of started requests for proposals, RFPs are so anachronistic like they date back because in the industry of the 1880s, they needed to put this stuff in papers. So they needed to put it in a paper to be like, here you go. All come, come find my, you know, my road construction project or train my railroad construction project, Uhhuh. [00:10:13] And it wasn't until the 1960s, thereabouts, where the government really adopted this as a standard practice for large purchasing projects. Yes. Government size stuff. Yes. Not. Tens of thousands of dollars, right? Yes. You're like, oh, it's so much money. It's not, it was created when the government's about to spend, you know, you know, X millions, hundreds of millions of dollars. [00:10:37] That's what it was designed for. The government, as you remind, like I I said, is like, is requirement when you give to a nonprofit and use government dollars, like, oh, no, no, you gotta do that. R F P process. Mm-hmm. But understand that's where that comes from. That's where that comes from. And there's, there's a belief that that's the right way to do it. [00:10:57] That's the professional way to do it. That's the equitable way to do it. And I would argue for all of those, that's, that is not necessarily true. It is not always the best way. It is always not always the most professional way, and it's certainly not the most equitable way to find someone to work with. [00:11:15] Yeah. I don't know. Maybe to play the other, other side here potentially. One of the things that, when you use the word equitable, in my mind it, it means you have to have the capacity and resources and capability to go about the very lengthy process of creating a proposal. Yeah. And that process. And there's many folks in the nonprofits network that like definitely bristle. [00:11:38] They don't even like go after. Yeah. They're like, no, no, no. I won't even bother. Which means you've already precluded a lot of qualified candidates from applying. That said, I just explained how you could create a proposal builder so that you could get to the conversation. May, maybe the, maybe there's a bright side there. [00:12:01] Maybe there's a bright side there. I, you know, I'm one of those folks who I, I, I don't do cold proposals. And that doesn't mean necessarily that I have worked with a nonprofit before, but I need to at least be able to have a conversation. Very rarely. Does a two or four page R f P have all the information I need to know even what to pitch as a first option for how I might be able to support this organization. [00:12:26] I often have lots of questions. I wanna know a little bit more about the history. I wanna know about why now. I want, you know, I wanna understand why the budget is where it is and what the board's buy-in is things that people don't often write down in their request for proposals. So even that first conversation again, Warming it up a little bit, having a sense of who's really there, what the real challenges are is, is super helpful. [00:12:52] I will say for Whole Whale that we do respond to RFPs, but only if there was a conversation first. Yep. There you go. Like everything starts with a conversation just to make sure we're aligned. Yeah. Are we in the ballpark? Is our type of service, meet your type of need and. We do churn out a lot of proposals. [00:13:10] However, they're much more like project plans, like mm-hmm. We literally take that we and move that into a contract parts of it and say, this is what we're gonna execute on. 'cause that's what we talked about. And you know exactly what you get. So you're already doing pragmatic work now? Yes. We, uh, we do lose a number of proposals. [00:13:29] But that's, you know, that's part of the game. Yeah. And I think of them less as proposals, maybe more as like project plans to make it. More tangible. Mm-hmm. Mm-hmm. Yeah, that makes sense. That makes sense. We often put together proposals that are those project plans, and then the very, if we get the work, the very first piece of that is let's actually dig into this project plan and figure out if it makes sense. [00:13:51] We were basing this on an R f P in a 20 minute conversation. Right. Like, we don't, we, we need some more information. Well, I'm excited to put this out there. I think the more we talk about it, it's just like, it's like this quiet secret and you're like, oh. Mm-hmm. Like nobody knows that a hundred million plus people are using G P T tools to like write all manner of thing. [00:14:11] Like we know Yes. We just aren't talking about it. Yes, yes. You know, it's like if the, if the teacher in the classroom accidentally left the entire answer key on the chalkboard while you took the test and everyone was like, Is anyone gonna tell the teacher that it's there? Like, can we just start having this conversation? [00:14:29] We know it's happening, we know it's going on. And by the way, if you're doing it lazily, if you're doing it in a poor way if you're ever curious, you can go to tools like G P T Zero. Put in that text and you're gonna get a what's called perplexity and burness score, which is, uh, was this probably created by, uh, an AI or not a generative ai or not. [00:14:52] Uh, and so if you are bad at prompting, if you're doing this in a lazy way, uh, it's very much detectable. Mm-hmm. But you don't realize that. But people that know, know, mm-hmm. And I, I, you know, The plus side is there's lots of ways that these tools can help us as nonprofit consultants. You're actually doing a webinar on that very soon. [00:15:12] There's lots of ways that these tools can help nonprofit leaders. So there is a positive side. Just, yeah, be careful with the RFPs. Agree to agree. All right, Heather, all, thanks again. Thank you. And folks can find you at nonprofit, do IST nonprofits. That's correct. And thanks for the community you're building. [00:15:30] Thanks, George.

Today we are taking a look at what is new in PHP 8.3 PHP 8.3 will be released on November 23rd 2023 and has some interesting new features and breaking changes that every PHP develop should be aware of. Checkout the features, breaking changes and links to the RFCs at https://stitcher.io/blog/new-in-php-83 Learn web development https://howtocodewell.net

Kathi Vidal returns to the Clause 8 podcast to talk about her first year as the Director of the US Patent and Trademark Office (USPTO).  In an expansive conversation, Director Vidal talks about what she hopes to accomplish, explains and defends the current process for exploring and making changes to the patent system, and responds to criticisms regarding the state of the system.  Even close observers of her time as Director are bound to be surprised by many comments she offers on this episode. On this episode, Director Vidal and Eli discuss: Offer to become Director & preparation for role Big-picture vision & importance of listening to all stakeholders How stakeholder input drove administration's decision regarding standard essential patent (SEP) policy statements Healthy state of America's patent system & need for improvements on the margins Negative impact of information that discourages use of patent system Reliance of American companies on other jurisdictions to enforce their patent rights Efforts to increase diversity of patent applicants, including efforts to expand pro bono programs Weighing stability of patent system v. implementing change USPTO's willingness to pivot, pause, and extend Are requests for comments (RFCs) destabilizing patent system? Correct way to view USPTO's RFCs – why you shouldn't read too much into individual questions Proposal to record examiner interviews Coordination with USPTO labor unions Indispensable role America's patent system played in creation of the COVID-19 vaccines How lack of patent eligibility for diagnostic tests impeded innovation for COVID-19 tests Efforts of drug companies to make sure that those who needed COVID 19 vaccines got them Message to independent inventors (who hear Molly Metz's story) Upcoming plan to solve for problems faced by independent inventors “Patent troll” narrative – are there too many “bad patents”? Reputation of the PTAB & desire of PTAB judges to get it right Has the PTAB worked out as intended? Purpose of new guidance & rulemaking regarding Fintiv discretionary denials Approach to Director review & importance of independence of PTAB judges Plan to solicit input regarding role of 3rd parties in PTAB proceedings Need for more clarity regarding Section 101 Providing examiners with ability to do pattern recognition for Section 101 analysis Selection of Commissioner for Patents Vaishali Udupa Surprising alignment with America's allies on innovation & IP issues Advice on overcoming career setbacks   

In this episode, we chat with Russ White! Russ has made significant contributions to Networking, such as writing some of the very RFCs we use today! Russ hold’s a Ph D., is one of a handful of Cisco Certified Architects, and is the host of the Hedge Podcast, among other things. Please enjoy our conversationContinue reading "Ep 113 – Russ White"

Ed Horley (of IPv6 Buzz podcast fame) listened to the last show about point to point addressing and hit me up to say "Hey! You're doing it wrong!", and since there is never a bad opportunity to learn from the masters and improve, John and I said "great, let's do another show! And this time we'll bring along Jay and Chris! Listen in as we wander through a lot of interesting facts about TCAM, RFCs, and deployment models.

Allen Wyma talks with Nell Shamrell-Harrington, Member Board of Directors at Rust Foundation and Principal Software Engineer at Microsoft about Microsoft's use of Rust, her time being involved with Rust, and also the Rust RFC process.. Contributing to Rustacean Station Rustacean Station is a community project; get in touch with us if you'd like to suggest an idea for an episode or offer your services as a host or audio editor! Twitter: @rustaceanfm Discord: Rustacean Station Github: @rustacean-station Email: hello@rustacean-station.org Timestamps [@1:30] - Nell's Background and Introduction [@5:31] - Rust communities all over the world [@7:10] - Handling opinions, feedback and RFCs when making changes and updating a language [@11:23] - What is a RFC and how does it work? [@17:43] - Nell's experience switching from Ruby to Rust [@19:56] - Nell's career background [@24:18] - How the Rust Foundation operates [@24:20] - Rust Foundation's sponsorship model [@33:08] - What Microsoft is currently working on with Rust [@42:22] - How much Rust is going into Windows [@44:25] - Is there a public long-term plan for Microsoft's involvement with Rust? [@48:02] - Parting thoughts Credits Intro Theme: Aerocity Audio Editing: Plangora Hosting Infrastructure: Jon Gjengset Show Notes: Plangora Hosts: Allen Wyma

Adrian Kennard and Kevin Hones, Founders of FireBrick routers and firewalls, discuss how to design, build, test and support a hardware router and network operating system from scratch, while sharing the lessons learned. You'll also learn that in certain..

It's impossible to go it alone; especially when your organization is lean and your to-do lists are fat! Enter “the consultant.” How do mission-driven organizations find the right one though? Today's guest is the co-founder of Nonprofit.ist an online community that connects consultants with the mission-driven organizations they can help.    Episode Guest(s): Heather Yandow is a collaborative co-conspirator and creative thinker with over 20 years of experience in the nonprofit world.   Inspired by issues that touch her heart and organizations invested in relationships, Heather gets joy out of helping groups move forward from chaos to clarity. Phrases like “adaptive leadership” and “change management” are sure to get her mind churning.   Before Heather joined Third Space in 2010, she was the Director of Development and Communications with the NC Conservation Network, a statewide network of over 100 organizations focused on protecting North Carolina's environment and public health.   With a personal motto of “just do it,” Heather identifies problems and dreams up actionable solutions. This talent has led to many projects: Heather is the founder of Nonprofit.ist, an online resource that helps pair nonprofits with the right consultants; a co-founder of Beehive Collective, a Raleigh-based giving circle; and the creator of the Individual Donor Benchmark Report. Key Takeaways: Reasons for hiring a consultant: (1) you're dealing with a question that's outside your expertise; (2) you have a persistent challenge that won't go away; and (3) even though you may have the skillset on your staff, you want an outside person to come in and help.   A clear understanding of your challenge and a clear understanding and agreement inside the organization of what kind of person you want to work with helps you find the right person.   Types of engagements: (1) an expert to come in and tell you how it should be done; (2) a facilitator who's going to help the organization have good conversations that are going to lead you down a pathway to answer; (3) a very technical person that you can just hand everything off to and not worry about it.   RFPs do NOT give more people access to the work. Only larger-staff consultants typically have time to fill out RFPs. Instead, consider RFCs (request for conversations).    However, the good part of RFPs is that they include (1) a written understanding of what your challenges are, and what your parameters are; (2) a clear description of the problem and a clear description of what success looks like; (3) some thoughts about timing or at least a timeline, and (4) a budget associated with it.   When consultants are pushed on you by a Board member: Inform them that your policy is to at least two or three different organizations about this potential work. Have clarity around your process and framework for making the decision. For example, “We need someone who is a good fit, with X qualifications and Y kind of experience.”    For consultants: Figure out where you really want to be working. How are you going to say no or not right now? Or it's not your work, how will you introduce them to someone else? Useful Links: Nonrofit.ist Six Excuses for Ignoring Your Messaging Strategy

Highlights from This Week in Rust - Issue 443. This week features a new section within the newsletter as well as the hosts Sean, Allen and Tim chatting about compilers, front-end development, extending databases with Rust and more. Contributing to Rustacean Station Rustacean Station is a community project; get in touch with us if you'd like to suggest an idea for an episode or offer your services as a host or audio editor! Twitter: @rustaceanfm Discord: Rustacean Station Github: @rustacean-station Email: hello@rustacean-station.org Timestamps & referenced resources [@00:00] Welcome [@00:10] - Introduction [@00:50] - Agenda [@01:20] - Quote of the week [@02:50] - Crate of the week [@03:30] Highlights [@03:45] - Things are Getting Rusty in Kernel Land Rust for Linux GitHub org Version 6 of the Rust patchset Supporting Linux kernel development in Rust LWN article discussing the Linux Plumbers 2020 session that kicked off the effort Prossimo funding the effort, sponsored by Google [@09:45] - The Rust Borrow Checker - A Deep Dive MIR (Mid-level representation) introduction From MIR to binaries discusses how binaries are generated MIR borrow check section of the rustc dev guide rustc_borrowck crate within the compiler [@14:40] - PixelBox Public Alpha PixelBox source code egui GUI framework for Rust PyTorch, a popular Python wrapper for the Torch machine learning framework ONNX machine learning format [@18:00] - Rust Ergonomics: Default and From std::default::Default trait documentation std::convert::From trait documentation std::convert::Into trait documentation Code Like a Pro in Rust book by Brendan Matthews, published by Manning [@23:30] - Our Experience Porting the YJIT Ruby Compiler to Rust YJIT: Building a New JIT Compiler for CRuby [talk] MoreVMs'21: “YJIT: Building a New JIT Compiler Inside CRuby” – Maxime Chevalier-Boisvert [@30:30] - Asteracea JSX introduction, from the ReactJS project [audio] Carl Lerche on macros (skip to 28:25) How does WebAssembly fit into the web platform?, an article discussing the interacting with the DOM from wasm. [@37:46] - Ferrite: A Judgmental Embedding of Session Types in Rust Haskell Session Types with (Almost) No Class [pdf] Session Types for Rust Session type Affine type, definition from Wikipedia. [Note from Tim: the definition provided by me in the podcast is incorrect. The term “affine type” is derived from affine logic, not affine transformation.] [@40:40] - New newsletter section: Call for testing RFC: Deduplicate cargo workspace information Scoped threads in the standard library crossbeam crate rustc dev guide [@45:45] - [video] Neon - Building a Postgres storage system in Rust pgx crate for extending PostgreSQL in Rust neon database source code [@50:55] - Extending SQLite with Rust Stored procedure English Wikipedia article Other items [@59:30] Final Comment Period for RFCs, PRs [@59:42] What is “yeet”? Credits Intro Theme: Aerocity Audio Editing: Brógan Molloy Hosting Infrastructure: Jon Gjengset Show Notes: Tim McNamara Hosts: Tim McNamara, Sean Chen, and Allen Wyma.

Malspam with Lokibot vs. Outlook and RFCs https://isc.sans.edu/forums/diary/Malspam+with+Lokibot+vs+Outlook+and+RFCs/27282/ SAP Attacks https://us-cert.cisa.gov/ncas/current-activity/2021/04/06/malicious-cyber-activity-targeting-critical-sap-applications QNAP Upates Older EOL Devices https://www.qnap.com/de-de/release-notes/qts/4.3.6.1620/20210322 GIGASET Android Phones Infected by Compromised Update Server https://www.heise.de/news/Gigaset-Malware-Befall-von-Android-Geraeten-des-Herstellers-gibt-Raetsel-auf-6006464.html