Software’s best weekly news brief, deep technical interviews & talk show.
…
continue reading
Treść dostarczona przez Changelog Media. Cała zawartość podcastów, w tym odcinki, grafika i opisy podcastów, jest przesyłana i udostępniana bezpośrednio przez Changelog Media lub jego partnera na platformie podcastów. Jeśli uważasz, że ktoś wykorzystuje Twoje dzieło chronione prawem autorskim bez Twojej zgody, możesz postępować zgodnie z procedurą opisaną tutaj https://pl.player.fm/legal.
Podobny do JS Party: JavaScript, CSS, Web Development
This podcast talks about how to program in Java; not your tipical system.out.println("Hello world"), but more like real issues, such as O/R setups, threading, getting certain components on the screen or troubleshooting tips and tricks in general. The format is as a podcast so that you can subscribe to it, and then take it with you and listen to it on your way to work (or on your way home), and learn a little bit more (or reinforce what you knew) from it.
…
continue reading
The award-winning WIRED UK Podcast with James Temperton and the rest of the team. Listen every week for the an informed and entertaining rundown of latest technology, science, business and culture news. New episodes every Friday.
…
continue reading
A podcast about web design and development.
…
continue reading
Stay current on JavaScript, Node, and Front-End development. Learn from experts in programming, careers, and technology every week. Become a supporter of this podcast: https://www.spreaker.com/podcast/javascript-jabber--6102064/support.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
A podcast featuring panelists of engineers from Netflix, Twitch, & Atlassian talking over drinks about all things software engineering.
…
continue reading
Join our weekly discussion about how to build top end Angular applications and become an Angular expert. Become a supporter of this podcast: https://www.spreaker.com/podcast/adventures-in-angular--6102018/support.
…
continue reading
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
Python Bytes is a weekly podcast hosted by Michael Kennedy and Brian Okken. The show is a short discussion on the headlines and noteworthy news in the Python, developer, and data science space.
…
continue reading
Player FM - aplikacja do podcastów
Przejdź do trybu offline z Player FM !
Przejdź do trybu offline z Player FM !
))
What's in your package.json?
Manage episode 318915993 series 1391411
Treść dostarczona przez Changelog Media. Cała zawartość podcastów, w tym odcinki, grafika i opisy podcastów, jest przesyłana i udostępniana bezpośrednio przez Changelog Media lub jego partnera na platformie podcastów. Jeśli uważasz, że ktoś wykorzystuje Twoje dzieło chronione prawem autorskim bez Twojej zgody, możesz postępować zgodnie z procedurą opisaną tutaj https://pl.player.fm/legal.
Tobie Langel, Open source strategist and Principal at UnlockOpen, joins Chris, Feross, and Amal to discuss recent widespread incidents affecting the JavaScript community (and breaking CI builds) around the globe. Two widely used npm libraries were self-sabotaged by their single maintainer, yet again, highlighting the many gaps in our OSS supply chain security, sustainability and overall practices. We explore all these topics and solution on what our ecosystem needs to be more resilient to these types of attacks in the future.
Changelog++ members save 3 minutes on this episode because they made the ads disappear. Join today!
Sponsors:
- Sentry – Working code means happy customers. That’s exactly why teams choose Sentry. From error tracking to performance monitoring, Sentry helps teams see what actually matters, resolve problems quicker, and learn continuously about their applications - from the frontend to the backend. Use the code
CHANGELOGand get the team plan free for three months. - Changelog++ – You love our content and you want to take it to the next level by showing your support. We’ll take you closer to the metal with no ads, extended episodes, outtakes, bonus content, a deep discount in our merch store (soon), and more to come. Let’s do this!
- Fastly – Our bandwidth partner. Fastly powers fast, secure, and scalable digital experiences. Move beyond your content delivery network to their powerful edge cloud platform. Learn more at fastly.com
Featuring:
- Tobie Langel – Twitter, GitHub, Website
- Amal Hussein – Twitter, GitHub
- Feross Aboukhadijeh – Twitter, GitHub, Website
- Christopher Hiller – Mastodon, Twitter, GitHub, Website
Show Notes:
- Open source developer corrupts widely-used libraries, affecting tons of projects - The Verge
- Tobie’s tweet thread on this self-sabotage
- Tobie’s talk on OSS Sustainability
- Working in Public | A book by Nadia Eghbal
- Four types of OSS projects mentioned in Nadia’s book
- Renovate | A Dependency Management Bot
- Dependabot | Another OSS Dependency Bot
- Sustain OSS | A space for conversations about sustaining open source
- Tidelift
- SBOM - Software Bill of Materials (official US Government Site & Docs)
- Software Bill of Materials’ — Not just good for security, good for business | The Hill
- Executive Order on Improving the Nation’s Cybersecurity
- Tidelift’s SBOM generation service
- Popular NPM package UA-Parser-JS poisoned with cryptomining, password-stealing malware | The Daily Swig
- Roads and Bridges: The Unseen Labor Behind Our Digital Infrastructure / Ford Foundation
- Socket (Security project that Feross is working on)
- Does open source need its own Priority of Constituencies?
- Unlock Open
- who accused me of co-founding npm
Something missing or broken? PRs welcome!
330 odcinków
Udostępnij
Manage episode 318915993 series 1391411
Treść dostarczona przez Changelog Media. Cała zawartość podcastów, w tym odcinki, grafika i opisy podcastów, jest przesyłana i udostępniana bezpośrednio przez Changelog Media lub jego partnera na platformie podcastów. Jeśli uważasz, że ktoś wykorzystuje Twoje dzieło chronione prawem autorskim bez Twojej zgody, możesz postępować zgodnie z procedurą opisaną tutaj https://pl.player.fm/legal.
Tobie Langel, Open source strategist and Principal at UnlockOpen, joins Chris, Feross, and Amal to discuss recent widespread incidents affecting the JavaScript community (and breaking CI builds) around the globe. Two widely used npm libraries were self-sabotaged by their single maintainer, yet again, highlighting the many gaps in our OSS supply chain security, sustainability and overall practices. We explore all these topics and solution on what our ecosystem needs to be more resilient to these types of attacks in the future.
Changelog++ members save 3 minutes on this episode because they made the ads disappear. Join today!
Sponsors:
- Sentry – Working code means happy customers. That’s exactly why teams choose Sentry. From error tracking to performance monitoring, Sentry helps teams see what actually matters, resolve problems quicker, and learn continuously about their applications - from the frontend to the backend. Use the code
CHANGELOGand get the team plan free for three months. - Changelog++ – You love our content and you want to take it to the next level by showing your support. We’ll take you closer to the metal with no ads, extended episodes, outtakes, bonus content, a deep discount in our merch store (soon), and more to come. Let’s do this!
- Fastly – Our bandwidth partner. Fastly powers fast, secure, and scalable digital experiences. Move beyond your content delivery network to their powerful edge cloud platform. Learn more at fastly.com
Featuring:
- Tobie Langel – Twitter, GitHub, Website
- Amal Hussein – Twitter, GitHub
- Feross Aboukhadijeh – Twitter, GitHub, Website
- Christopher Hiller – Mastodon, Twitter, GitHub, Website
Show Notes:
- Open source developer corrupts widely-used libraries, affecting tons of projects - The Verge
- Tobie’s tweet thread on this self-sabotage
- Tobie’s talk on OSS Sustainability
- Working in Public | A book by Nadia Eghbal
- Four types of OSS projects mentioned in Nadia’s book
- Renovate | A Dependency Management Bot
- Dependabot | Another OSS Dependency Bot
- Sustain OSS | A space for conversations about sustaining open source
- Tidelift
- SBOM - Software Bill of Materials (official US Government Site & Docs)
- Software Bill of Materials’ — Not just good for security, good for business | The Hill
- Executive Order on Improving the Nation’s Cybersecurity
- Tidelift’s SBOM generation service
- Popular NPM package UA-Parser-JS poisoned with cryptomining, password-stealing malware | The Daily Swig
- Roads and Bridges: The Unseen Labor Behind Our Digital Infrastructure / Ford Foundation
- Socket (Security project that Feross is working on)
- Does open source need its own Priority of Constituencies?
- Unlock Open
- who accused me of co-founding npm
Something missing or broken? PRs welcome!
330 odcinków
Wszystkie odcinki
×
Zapraszamy w Player FM
Odtwarzacz FM skanuje sieć w poszukiwaniu wysokiej jakości podcastów, abyś mógł się nią cieszyć już teraz. To najlepsza aplikacja do podcastów, działająca na Androidzie, iPhonie i Internecie. Zarejestruj się, aby zsynchronizować subskrypcje na różnych urządzeniach.
Podobny do JS Party: JavaScript, CSS, Web Development
Software’s best weekly news brief, deep technical interviews & talk show.
…
continue reading
This podcast talks about how to program in Java; not your tipical system.out.println("Hello world"), but more like real issues, such as O/R setups, threading, getting certain components on the screen or troubleshooting tips and tricks in general. The format is as a podcast so that you can subscribe to it, and then take it with you and listen to it on your way to work (or on your way home), and learn a little bit more (or reinforce what you knew) from it.
…
continue reading
The award-winning WIRED UK Podcast with James Temperton and the rest of the team. Listen every week for the an informed and entertaining rundown of latest technology, science, business and culture news. New episodes every Friday.
…
continue reading
A podcast about web design and development.
…
continue reading
Stay current on JavaScript, Node, and Front-End development. Learn from experts in programming, careers, and technology every week. Become a supporter of this podcast: https://www.spreaker.com/podcast/javascript-jabber--6102064/support.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
A podcast featuring panelists of engineers from Netflix, Twitch, & Atlassian talking over drinks about all things software engineering.
…
continue reading
Join our weekly discussion about how to build top end Angular applications and become an Angular expert. Become a supporter of this podcast: https://www.spreaker.com/podcast/adventures-in-angular--6102018/support.
…
continue reading
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
Python Bytes is a weekly podcast hosted by Michael Kennedy and Brian Okken. The show is a short discussion on the headlines and noteworthy news in the Python, developer, and data science space.
…
continue reading
Player FM - aplikacja do podcastów
Przejdź do trybu offline z Player FM !
Przejdź do trybu offline z Player FM !
