{"version":"https://jsonfeed.org/version/1","title":"The Manifest","home_page_url":"http://manifest.fm","feed_url":"http://manifest.fm/json","description":"Welcome to The Manifest, a podcast all about package management. Your hosts are Alex Pounds and Andrew Nesbitt. Together they explore the technical details of package management, the stories and the history of various projects, and the communities around them too. Every so often there will be a brand new interview with a package manager maintainer.","_fireside":{"subtitle":"A podcast all about package management","pubdate":"2021-08-16T05:00:00.000+01:00","explicit":false,"copyright":"CC Attribution + Noncommercial + ShareAlike (BY-NC-SA) by Andrew Nesbitt and Alex Pounds","owner":"Andrew Nesbitt and Alex Pounds","image":"https://media24.fireside.fm/file/fireside-images-2024/podcasts/images/0/09b1672e-d238-4955-847b-084d98d93e95/cover.jpg?v=1"},"items":[{"id":"443bf144-2788-4c18-b5b4-39e8408c6ca9","title":"Episode 16: Conda Forge, Mamba, and Packaging Con with Wolf Vollprecht","url":"https://manifest.fm/16","content_text":"Wherein we talk with Wolf Vollprecht about his work on Conda Forge and Mamba and the upcoming Packaging-Con event that he's organizing.\n\nThe Packaging Con 2021: Call for Presentations is open until 1st September 2021,14:00 (UTC) if you'd like to speak: https://pretalx.com/packagingcon-2021/cfpSpecial Guest: Wolf Vollprecht.Links:conda-forgeconda-forge on GitHubAnaconda.orgPackagingCon 2021PackagingCon 2021: Call for PresentationsPackage Management devroom FOSDEM 2018Wolf Vollprecht on GitHubWolf VollprechtWolf Vollprecht on TwitterQuantStackQuantStack on GitHub","content_html":"\u003cp\u003eWherein we talk with Wolf Vollprecht about his work on Conda Forge and Mamba and the upcoming \u003ca href=\"https://packaging-con.org/\" rel=\"nofollow\"\u003ePackaging-Con\u003c/a\u003e event that he\u0026#39;s organizing.\u003c/p\u003e\n\n\u003cp\u003eThe Packaging Con 2021: Call for Presentations is open until 1st September 2021,14:00 (UTC) if you\u0026#39;d like to speak: \u003ca href=\"https://pretalx.com/packagingcon-2021/cfp\" rel=\"nofollow\"\u003ehttps://pretalx.com/packagingcon-2021/cfp\u003c/a\u003e\u003c/p\u003e\u003cp\u003eSpecial Guest: Wolf Vollprecht.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"conda-forge\" rel=\"nofollow\" href=\"https://conda-forge.org/\"\u003econda-forge\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"conda-forge on GitHub\" rel=\"nofollow\" href=\"https://github.com/conda-forge\"\u003econda-forge on GitHub\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Anaconda.org\" rel=\"nofollow\" href=\"https://anaconda.org/\"\u003eAnaconda.org\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"PackagingCon 2021\" rel=\"nofollow\" href=\"https://packaging-con.org/\"\u003ePackagingCon 2021\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"PackagingCon 2021: Call for Presentations\" rel=\"nofollow\" href=\"https://pretalx.com/packagingcon-2021/cfp\"\u003ePackagingCon 2021: Call for Presentations\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Package Management devroom FOSDEM 2018\" rel=\"nofollow\" href=\"https://archive.fosdem.org/2018/schedule/track/package_management/\"\u003ePackage Management devroom FOSDEM 2018\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Wolf Vollprecht on GitHub\" rel=\"nofollow\" href=\"https://github.com/wolfv\"\u003eWolf Vollprecht on GitHub\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Wolf Vollprecht\" rel=\"nofollow\" href=\"https://www.wolfvollprecht.de/\"\u003eWolf Vollprecht\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Wolf Vollprecht on Twitter\" rel=\"nofollow\" href=\"https://twitter.com/wuoulf\"\u003eWolf Vollprecht on Twitter\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"QuantStack\" rel=\"nofollow\" href=\"https://quantstack.net/\"\u003eQuantStack\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"QuantStack on GitHub\" rel=\"nofollow\" href=\"https://github.com/QuantStack/\"\u003eQuantStack on GitHub\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Wherein we talk with Wolf Vollprecht about his work on Conda Forge and Mamba and the upcoming Packaging-Con event that he's organizing.","date_published":"2021-08-16T05:00:00.000+01:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/09b1672e-d238-4955-847b-084d98d93e95/443bf144-2788-4c18-b5b4-39e8408c6ca9.mp3","mime_type":"audio/mpeg","size_in_bytes":19638691,"duration_in_seconds":2145}]},{"id":"43fcac1c-6d92-45e5-a5dc-81a2bd8e3f2d","title":"Episode 15: Packagist with Nils Adermann","url":"https://manifest.fm/15","content_text":"Wherein Alex talks with Nils Adermann, the co-founder of Packagist and co-creator of Composer, about package management in PHP.Special Guest: Nils Adermann.","content_html":"\u003cp\u003eWherein Alex talks with Nils Adermann, the co-founder of Packagist and co-creator of Composer, about package management in PHP.\u003c/p\u003e\u003cp\u003eSpecial Guest: Nils Adermann.\u003c/p\u003e","summary":"Wherein Alex talks with Nils Adermann, the co-founder of Packagist and co-creator of Composer, about package management in PHP.","date_published":"2019-11-10T20:00:00.000+00:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/09b1672e-d238-4955-847b-084d98d93e95/43fcac1c-6d92-45e5-a5dc-81a2bd8e3f2d.mp3","mime_type":"audio/mpeg","size_in_bytes":31513211,"duration_in_seconds":3373}]},{"id":"55c46095-ca16-45a7-895c-1e30503a07d8","title":"Episode 14: Debian and Reproducible Builds with Chris Lamb","url":"https://manifest.fm/14","content_text":"Wherein we discuss how package management works in Debian and the Reproducible Builds project with Chris Lamb, a director of both the Open Source Initiative and of Software in the Public Interest, previously the Debian Project Leader and a core developer on the Reproducible Builds project.Special Guest: Chris Lamb.","content_html":"\u003cp\u003eWherein we discuss how package management works in Debian and the Reproducible Builds project with Chris Lamb, a director of both the Open Source Initiative and of Software in the Public Interest, previously the Debian Project Leader and a core developer on the Reproducible Builds project.\u003c/p\u003e\u003cp\u003eSpecial Guest: Chris Lamb.\u003c/p\u003e","summary":"Wherein we discuss how package management works in Debian and the Reproducible Builds project with Chris Lamb, a director of both the Open Source Initiative and of Software in the Public Interest, previously the Debian Project Leader and a core developer on the Reproducible Builds project.","date_published":"2019-11-04T12:00:00.000+00:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/09b1672e-d238-4955-847b-084d98d93e95/55c46095-ca16-45a7-895c-1e30503a07d8.mp3","mime_type":"audio/mpeg","size_in_bytes":30230233,"duration_in_seconds":3397}]},{"id":"2f64bd30-43f1-47af-9fb0-e2fa73ce8a23","title":"Episode 13: Conan with Diego Rodriguez-Losada","url":"https://manifest.fm/13","content_text":"Wherein we discuss Conan, the C and C++ package manager with Diego Rodriguez-Losada as it reaches 1.0. We talk about what inspired the development of Conan, package management problems specific to C/C++ package management and the plans for the future.\n\nNote: This episode was recorded 9 months before it was published, so some details may be out of date.Special Guest: Diego Rodriguez-Losada.Links:ConanConan on GitHubBintrayBincraftersbiicodeJFrog XrayConan hits 1.0Cpplang SlackDiego's websiteDiego on TwitterDiego on GitHubSwampUP","content_html":"\u003cp\u003eWherein we discuss Conan, the C and C++ package manager with Diego Rodriguez-Losada as it reaches 1.0. We talk about what inspired the development of Conan, package management problems specific to C/C++ package management and the plans for the future.\u003c/p\u003e\n\n\u003cp\u003eNote: This episode was recorded 9 months before it was published, so some details may be out of date.\u003c/p\u003e\u003cp\u003eSpecial Guest: Diego Rodriguez-Losada.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Conan\" rel=\"nofollow\" href=\"https://conan.io/\"\u003eConan\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Conan on GitHub\" rel=\"nofollow\" href=\"https://github.com/conan-io/conan\"\u003eConan on GitHub\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Bintray\" rel=\"nofollow\" href=\"https://bintray.com/\"\u003eBintray\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Bincrafters\" rel=\"nofollow\" href=\"https://bincrafters.github.io/\"\u003eBincrafters\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"biicode\" rel=\"nofollow\" href=\"https://github.com/biicode\"\u003ebiicode\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"JFrog Xray\" rel=\"nofollow\" href=\"https://jfrog.com/xray/\"\u003eJFrog Xray\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Conan hits 1.0\" rel=\"nofollow\" href=\"https://blog.conan.io/2018/01/10/Conan-C-C++-Package-Manager-Hits-1.0.html\"\u003eConan hits 1.0\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Cpplang Slack\" rel=\"nofollow\" href=\"https://cpplang.now.sh/\"\u003eCpplang Slack\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Diego\u0026#39;s website\" rel=\"nofollow\" href=\"https://sites.google.com/site/diegorlosada/\"\u003eDiego\u0026#39;s website\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Diego on Twitter\" rel=\"nofollow\" href=\"https://twitter.com/diegorlosada\"\u003eDiego on Twitter\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Diego on GitHub\" rel=\"nofollow\" href=\"https://github.com/drodri\"\u003eDiego on GitHub\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"SwampUP\" rel=\"nofollow\" href=\"https://swampup.jfrog.com/\"\u003eSwampUP\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Wherein we discuss Conan, the C and C++ package manager with Diego Rodriguez-Losada as it reaches 1.0. We talk about what inspired the development of Conan, package management problems specific to C/C++ package management and the plans for the future.\r\n\r\nNote: This episode was recorded 9 months before it was published, so some details may be out of date.\r\n","date_published":"2019-02-25T02:00:00.000+00:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/09b1672e-d238-4955-847b-084d98d93e95/2f64bd30-43f1-47af-9fb0-e2fa73ce8a23.mp3","mime_type":"audio/mpeg","size_in_bytes":38071476,"duration_in_seconds":4160}]},{"id":"a2ca6fc4-86ea-4b09-a408-0d6d4c26a7c8","title":"Episode 12: Clojars with Daniel Compton","url":"https://manifest.fm/12","content_text":"Wherein we discuss Clojars, the clojure package manager registry and it's relationship to Maven with Daniel Compton. Special Guest: Daniel Compton.Links:ClojarsDatomicClojureMicrosoft Dynamics NAVC/AL programming languageMavenThe Manifest Episode 6: Maven with Brian FoxLeiningenBoot: build tooling for ClojurecljdocMaven Artifact ResolverOpenJDKGraalClojureScriptGoogle Closure CompilervgoGit Deps for ClojureDeps - Private Maven Repository HostingDaniel Compton's websiteDaniel Compton on GitHubDaniel Compton on TwitterClojars on GitHub","content_html":"\u003cp\u003eWherein we discuss Clojars, the clojure package manager registry and it\u0026#39;s relationship to Maven with Daniel Compton. \u003c/p\u003e\u003cp\u003eSpecial Guest: Daniel Compton.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Clojars\" rel=\"nofollow\" href=\"https://clojars.org/\"\u003eClojars\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Datomic\" rel=\"nofollow\" href=\"https://www.datomic.com/\"\u003eDatomic\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Clojure\" rel=\"nofollow\" href=\"https://clojure.org/\"\u003eClojure\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Microsoft Dynamics NAV\" rel=\"nofollow\" href=\"https://en.wikipedia.org/wiki/Microsoft_Dynamics_NAV\"\u003eMicrosoft Dynamics NAV\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"C/AL programming language\" rel=\"nofollow\" href=\"https://en.wikipedia.org/wiki/C/AL\"\u003eC/AL programming language\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Maven\" rel=\"nofollow\" href=\"https://maven.apache.org/\"\u003eMaven\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"The Manifest Episode 6: Maven with Brian Fox\" rel=\"nofollow\" href=\"https://manifest.fm/6\"\u003eThe Manifest Episode 6: Maven with Brian Fox\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Leiningen\" rel=\"nofollow\" href=\"https://leiningen.org/\"\u003eLeiningen\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Boot: build tooling for Clojure\" rel=\"nofollow\" href=\"https://boot-clj.com/\"\u003eBoot: build tooling for Clojure\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"cljdoc\" rel=\"nofollow\" href=\"https://cljdoc.org/\"\u003ecljdoc\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Maven Artifact Resolver\" rel=\"nofollow\" href=\"https://maven.apache.org/resolver/index.html\"\u003eMaven Artifact Resolver\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"OpenJDK\" rel=\"nofollow\" href=\"https://en.wikipedia.org/wiki/OpenJDK\"\u003eOpenJDK\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Graal\" rel=\"nofollow\" href=\"https://en.wikipedia.org/wiki/GraalVM\"\u003eGraal\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"ClojureScript\" rel=\"nofollow\" href=\"https://clojurescript.org/\"\u003eClojureScript\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Google Closure Compiler\" rel=\"nofollow\" href=\"https://developers.google.com/closure/compiler/\"\u003eGoogle Closure Compiler\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"vgo\" rel=\"nofollow\" href=\"https://research.swtch.com/vgo\"\u003evgo\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Git Deps for Clojure\" rel=\"nofollow\" href=\"https://clojure.org/news/2018/01/05/git-deps\"\u003eGit Deps for Clojure\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Deps - Private Maven Repository Hosting\" rel=\"nofollow\" href=\"https://www.deps.co/\"\u003eDeps - Private Maven Repository Hosting\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Daniel Compton\u0026#39;s website\" rel=\"nofollow\" href=\"https://danielcompton.net/\"\u003eDaniel Compton\u0026#39;s website\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Daniel Compton on GitHub\" rel=\"nofollow\" href=\"https://github.com/danielcompton\"\u003eDaniel Compton on GitHub\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Daniel Compton on Twitter\" rel=\"nofollow\" href=\"https://twitter.com/danielwithmusic\"\u003eDaniel Compton on Twitter\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Clojars on GitHub\" rel=\"nofollow\" href=\"https://github.com/clojars\"\u003eClojars on GitHub\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Wherein we discuss Clojars, the clojure package manager registry and it's relationship to Maven with Daniel Compton. ","date_published":"2019-02-04T02:00:00.000+00:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/09b1672e-d238-4955-847b-084d98d93e95/a2ca6fc4-86ea-4b09-a408-0d6d4c26a7c8.mp3","mime_type":"audio/mpeg","size_in_bytes":41436323,"duration_in_seconds":3896}]},{"id":"65e17f68-f4e9-48f7-aa35-7f88a13ce8a3","title":"Episode 11: Spack with Todd Gamblin","url":"https://manifest.fm/11","content_text":"Wherein we chat with Todd Gamblin about Spack, the package manager for supercomputers. We talk the unique challenges that packaging for High-performance computing platforms bring to package management, whether you should mine bitcoins on super computers and what's planned for the future of spack.Special Guest: Todd Gamblin.Links:SpackSpack on GitHubSpack documentationLawrence Livermore National LaboratoryHigh-performance computering on WikipediaEasyBuildSpack white paperHow To Make Package Managers CryPubGrub: Next-Generation Version Solving – Natalie WeizenbaumTodd Gamblin on GitHubTodd Gamblin on TwitterTodd Gamblin on The Changelog","content_html":"\u003cp\u003eWherein we chat with Todd Gamblin about Spack, the package manager for supercomputers. We talk the unique challenges that packaging for High-performance computing platforms bring to package management, whether you should mine bitcoins on super computers and what\u0026#39;s planned for the future of spack.\u003c/p\u003e\u003cp\u003eSpecial Guest: Todd Gamblin.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Spack\" rel=\"nofollow\" href=\"https://spack.io/\"\u003eSpack\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Spack on GitHub\" rel=\"nofollow\" href=\"https://github.com/spack/spack\"\u003eSpack on GitHub\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Spack documentation\" rel=\"nofollow\" href=\"https://spack.readthedocs.io/en/latest/index.html\"\u003eSpack documentation\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Lawrence Livermore National Laboratory\" rel=\"nofollow\" href=\"https://www.llnl.gov/\"\u003eLawrence Livermore National Laboratory\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"High-performance computering on Wikipedia\" rel=\"nofollow\" href=\"https://en.wikipedia.org/wiki/Supercomputer\"\u003eHigh-performance computering on Wikipedia\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"EasyBuild\" rel=\"nofollow\" href=\"http://easybuilders.github.io/easybuild/\"\u003eEasyBuild\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Spack white paper\" rel=\"nofollow\" href=\"https://tgamblin.github.io/pubs/spack-sc15.pdf\"\u003eSpack white paper\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"How To Make Package Managers Cry\" rel=\"nofollow\" href=\"https://www.youtube.com/watch?v=NSemlYagjIU\"\u003eHow To Make Package Managers Cry\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"PubGrub: Next-Generation Version Solving – Natalie Weizenbaum\" rel=\"nofollow\" href=\"https://medium.com/@nex3/pubgrub-2fb6470504f\"\u003ePubGrub: Next-Generation Version Solving – Natalie Weizenbaum\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Todd Gamblin on GitHub\" rel=\"nofollow\" href=\"https://github.com/tgamblin\"\u003eTodd Gamblin on GitHub\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Todd Gamblin on Twitter\" rel=\"nofollow\" href=\"https://twitter.com/tgamblin\"\u003eTodd Gamblin on Twitter\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Todd Gamblin on The Changelog\" rel=\"nofollow\" href=\"https://changelog.com/podcast/284\"\u003eTodd Gamblin on The Changelog\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Wherein we chat with Todd Gamblin about Spack, the package manager for supercomputers. We talk the unique challenges that packaging for High-performance computing platforms bring to package management, whether you should mine bitcoins on super computers and what's planned for the future of spack.","date_published":"2019-01-21T02:00:00.000+00:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/09b1672e-d238-4955-847b-084d98d93e95/65e17f68-f4e9-48f7-aa35-7f88a13ce8a3.mp3","mime_type":"audio/mpeg","size_in_bytes":32440528,"duration_in_seconds":3397}]},{"id":"ad18a924-e692-4b2c-9751-3df5df5da6fa","title":"Episode 10: Licensing with Kate Stewart","url":"https://manifest.fm/10","content_text":"Wherein we discuss open source licensing and how that relates to software packaging with Kate Stewart, of Linux Foundation and SPDX.Special Guest: Kate Stewart.Links:Board support packageLTIBSoftware Package Data Exchange (SPDX)DEP5FreshmeatFOSSologyBlack DuckCompliance Basics for DevelopersChoose a LicenseFreeRTOSThe `React Patent License’ ControversySPDX on GitHublibrariesio/spdx: A SPDX license normalizerlibrariesio/license-compatibility: Check compatibility between different SPDX licensesFree Software FoundationFOSDEM 2018 - Legal and Policy Issues devroomHeather MeekerKyle MitchellLuis VillaOracle America, Inc. v. Google, Inc.Spdx-tech mailing listSpdx-legal mailing listKate Stewart on Twitter","content_html":"\u003cp\u003eWherein we discuss open source licensing and how that relates to software packaging with Kate Stewart, of Linux Foundation and SPDX.\u003c/p\u003e\u003cp\u003eSpecial Guest: Kate Stewart.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Board support package\" rel=\"nofollow\" href=\"https://en.wikipedia.org/wiki/Board_support_package\"\u003eBoard support package\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"LTIB\" rel=\"nofollow\" href=\"http://ltib.org/\"\u003eLTIB\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Software Package Data Exchange (SPDX)\" rel=\"nofollow\" href=\"https://spdx.org/\"\u003eSoftware Package Data Exchange (SPDX)\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"DEP5\" rel=\"nofollow\" href=\"https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/\"\u003eDEP5\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Freshmeat\" rel=\"nofollow\" href=\"http://freshmeat.sourceforge.net/\"\u003eFreshmeat\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"FOSSology\" rel=\"nofollow\" href=\"https://www.fossology.org/\"\u003eFOSSology\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Black Duck\" rel=\"nofollow\" href=\"https://www.blackducksoftware.com/\"\u003eBlack Duck\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Compliance Basics for Developers\" rel=\"nofollow\" href=\"https://training.linuxfoundation.org/training/compliance-basics-for-developers/\"\u003eCompliance Basics for Developers\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Choose a License\" rel=\"nofollow\" href=\"https://choosealicense.com/\"\u003eChoose a License\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"FreeRTOS\" rel=\"nofollow\" href=\"https://www.freertos.org/\"\u003eFreeRTOS\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"The `React Patent License’ Controversy\" rel=\"nofollow\" href=\"https://hackernoon.com/4-lessons-from-the-react-patent-license-controversy-3da3c4baf3a4\"\u003eThe `React Patent License’ Controversy\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"SPDX on GitHub\" rel=\"nofollow\" href=\"https://github.com/spdx\"\u003eSPDX on GitHub\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"librariesio/spdx: A SPDX license normalizer\" rel=\"nofollow\" href=\"https://github.com/librariesio/spdx\"\u003elibrariesio/spdx: A SPDX license normalizer\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"librariesio/license-compatibility: Check compatibility between different SPDX licenses\" rel=\"nofollow\" href=\"https://github.com/librariesio/license-compatibility\"\u003elibrariesio/license-compatibility: Check compatibility between different SPDX licenses\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Free Software Foundation\" rel=\"nofollow\" href=\"https://www.fsf.org/\"\u003eFree Software Foundation\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"FOSDEM 2018 - Legal and Policy Issues devroom\" rel=\"nofollow\" href=\"https://archive.fosdem.org/2018/schedule/track/legal_and_policy_issues/\"\u003eFOSDEM 2018 - Legal and Policy Issues devroom\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Heather Meeker\" rel=\"nofollow\" href=\"https://heathermeeker.com/\"\u003eHeather Meeker\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Kyle Mitchell\" rel=\"nofollow\" href=\"https://kemitchell.com/\"\u003eKyle Mitchell\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Luis Villa\" rel=\"nofollow\" href=\"https://en.wikipedia.org/wiki/Luis_Villa\"\u003eLuis Villa\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Oracle America, Inc. v. Google, Inc.\" rel=\"nofollow\" href=\"https://en.wikipedia.org/wiki/Oracle_America,_Inc._v._Google,_Inc.\"\u003eOracle America, Inc. v. Google, Inc.\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Spdx-tech mailing list\" rel=\"nofollow\" href=\"https://lists.spdx.org/g/spdx-tech\"\u003eSpdx-tech mailing list\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Spdx-legal mailing list\" rel=\"nofollow\" href=\"https://lists.spdx.org/g/spdx-legal\"\u003eSpdx-legal mailing list\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Kate Stewart on Twitter\" rel=\"nofollow\" href=\"https://twitter.com/_kate_stewart\"\u003eKate Stewart on Twitter\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Wherein we discuss open source licensing and how that relates to software packaging with Kate Stewart, of Linux Foundation and SPDX.","date_published":"2018-08-29T01:00:00.000+01:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/09b1672e-d238-4955-847b-084d98d93e95/ad18a924-e692-4b2c-9751-3df5df5da6fa.mp3","mime_type":"audio/mpeg","size_in_bytes":28474607,"duration_in_seconds":3385}]},{"id":"817f7709-f785-40d9-968e-527d89333095","title":"Episode 9: Typosquatting with Adam Baldwin","url":"https://manifest.fm/9","content_text":"Wherein we discuss typosquatting and other security matters with Adam Baldwin, of Lift security and the Node Security Platform. We cover what kind of exploits people are trying, speculate about how blockchains may well be the answer, and unsuccessfully attempt to start a turf war between various package managers. Special Guest: Adam Baldwin.Links:^Lift Securitynpm registryTypo.js on GitHub52% of All JavaScript npm Packages Could Have Been Hacked via Weak CredentialsHave I been pwned?Protect your npm account with two-factor authenticationTyposquatting programming language package managersShellshockDependency CIThe Update Frameworkpackage.communitycrossenv malware on the npm registryNode Security PlatformYarnAdam Baldwin on TwitterAdam Baldwin on GitHub","content_html":"\u003cp\u003eWherein we discuss typosquatting and other security matters with Adam Baldwin, of Lift security and the Node Security Platform. We cover what kind of exploits people are trying, speculate about how blockchains may well be the answer, and unsuccessfully attempt to start a turf war between various package managers. \u003c/p\u003e\u003cp\u003eSpecial Guest: Adam Baldwin.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"^Lift Security\" rel=\"nofollow\" href=\"https://liftsecurity.io/\"\u003e^Lift Security\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"npm registry\" rel=\"nofollow\" href=\"https://www.npmjs.com/\"\u003enpm registry\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Typo.js on GitHub\" rel=\"nofollow\" href=\"https://github.com/cfinke/Typo.js/\"\u003eTypo.js on GitHub\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"52% of All JavaScript npm Packages Could Have Been Hacked via Weak Credentials\" rel=\"nofollow\" href=\"https://www.bleepingcomputer.com/news/security/52-percent-of-all-javascript-npm-packages-could-have-been-hacked-via-weak-credentials/\"\u003e52% of All JavaScript npm Packages Could Have Been Hacked via Weak Credentials\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Have I been pwned?\" rel=\"nofollow\" href=\"https://haveibeenpwned.com/\"\u003eHave I been pwned?\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Protect your npm account with two-factor authentication\" rel=\"nofollow\" href=\"http://blog.npmjs.org/post/166039777883/protect-your-npm-account-with-two-factor\"\u003eProtect your npm account with two-factor authentication\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Typosquatting programming language package managers\" rel=\"nofollow\" href=\"http://incolumitas.com/2016/06/08/typosquatting-package-managers/\"\u003eTyposquatting programming language package managers\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Shellshock\" rel=\"nofollow\" href=\"https://en.wikipedia.org/wiki/Shellshock_(software_bug)\"\u003eShellshock\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Dependency CI\" rel=\"nofollow\" href=\"https://dependencyci.com/\"\u003eDependency CI\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"The Update Framework\" rel=\"nofollow\" href=\"https://theupdateframework.github.io/\"\u003eThe Update Framework\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"package.community\" rel=\"nofollow\" href=\"http://package.community/\"\u003epackage.community\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"crossenv malware on the npm registry\" rel=\"nofollow\" href=\"http://blog.npmjs.org/post/163723642530/crossenv-malware-on-the-npm-registry\"\u003ecrossenv malware on the npm registry\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Node Security Platform\" rel=\"nofollow\" href=\"https://nodesecurity.io/\"\u003eNode Security Platform\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Yarn\" rel=\"nofollow\" href=\"https://yarnpkg.com/\"\u003eYarn\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Adam Baldwin on Twitter\" rel=\"nofollow\" href=\"https://twitter.com/adam_baldwin\"\u003eAdam Baldwin on Twitter\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Adam Baldwin on GitHub\" rel=\"nofollow\" href=\"https://github.com/evilpacket\"\u003eAdam Baldwin on GitHub\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Wherein we discuss typosquatting and other security matters with Adam Baldwin, of Lift security and the Node Security Platform.","date_published":"2017-12-11T06:00:00.000+00:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/09b1672e-d238-4955-847b-084d98d93e95/817f7709-f785-40d9-968e-527d89333095.mp3","mime_type":"audio/mpeg","size_in_bytes":27109626,"duration_in_seconds":3030}]},{"id":"11524904-bffa-4ed8-b2b5-4d73c3ae1206","title":"Episode 8: Cargo and Crates.io with Carol (Nichols || Goulding)","url":"https://manifest.fm/8","content_text":"Wherein we discuss Cargo (the Rust package manager) and Crates.io (the Rust package registry) with Carol (Nichols || Goulding). We talk about the Rust language, the history of the project, the features that make Cargo the envy of all the other package managers, and the sustainability of the project.Special Guest: Carol (Nichols || Goulding).Links:FOSDEM Package Management Devroom CFPCrates.ioCargo on GitHub","content_html":"\u003cp\u003eWherein we discuss Cargo (the Rust package manager) and Crates.io (the Rust package registry) with Carol (Nichols || Goulding). We talk about the Rust language, the history of the project, the features that make Cargo the envy of all the other package managers, and the sustainability of the project.\u003c/p\u003e\u003cp\u003eSpecial Guest: Carol (Nichols || Goulding).\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"FOSDEM Package Management Devroom CFP\" rel=\"nofollow\" href=\"https://gist.github.com/BenJam/b73b5fa684fc05cc3db8a9f8d6e4f701\"\u003eFOSDEM Package Management Devroom CFP\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Crates.io\" rel=\"nofollow\" href=\"https://crates.io/\"\u003eCrates.io\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Cargo on GitHub\" rel=\"nofollow\" href=\"https://github.com/rust-lang/cargo\"\u003eCargo on GitHub\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Wherein we discuss Cargo (the Rust package manager) and Crates.io (the Rust package registry) with Carol (Nichols || Goulding).","date_published":"2017-11-27T06:00:00.000+00:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/09b1672e-d238-4955-847b-084d98d93e95/11524904-bffa-4ed8-b2b5-4d73c3ae1206.mp3","mime_type":"audio/mpeg","size_in_bytes":32147171,"duration_in_seconds":3508}]},{"id":"302d2c5f-ac64-4a48-8280-f732e26e49b6","title":"Episode 7: The Update Framework with Trishank Karthik Kuppusamy","url":"https://manifest.fm/7","content_text":"Wherein we chat with Trishank Karthik Kuppusamy about The Update Framework, a security layer that lets package managers assure the veracity and integrity of their packages. We talk about how it grew out of the TOR Project, how it works, how Uptane is used for package management in cars (!), and what package maintainers can do to help their own security.Special Guest: Trishank Karthik Kuppusamy.Links:FOSDEM Package Management Devroom CFPThe Update FrameworkThe Update Framework on GitHub","content_html":"\u003cp\u003eWherein we chat with Trishank Karthik Kuppusamy about The Update Framework, a security layer that lets package managers assure the veracity and integrity of their packages. We talk about how it grew out of the TOR Project, how it works, how Uptane is used for package management in cars (!), and what package maintainers can do to help their own security.\u003c/p\u003e\u003cp\u003eSpecial Guest: Trishank Karthik Kuppusamy.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"FOSDEM Package Management Devroom CFP\" rel=\"nofollow\" href=\"https://gist.github.com/BenJam/b73b5fa684fc05cc3db8a9f8d6e4f701\"\u003eFOSDEM Package Management Devroom CFP\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"The Update Framework\" rel=\"nofollow\" href=\"https://theupdateframework.github.io/\"\u003eThe Update Framework\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"The Update Framework on GitHub\" rel=\"nofollow\" href=\"https://github.com/theupdateframework/tuf\"\u003eThe Update Framework on GitHub\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Wherein we chat with Trishank Karthik Kuppusamy about The Update Framework, a security layer that lets package managers assure the veracity and integrity of their packages.","date_published":"2017-11-13T06:00:00.000+00:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/09b1672e-d238-4955-847b-084d98d93e95/302d2c5f-ac64-4a48-8280-f732e26e49b6.mp3","mime_type":"audio/mpeg","size_in_bytes":29793286,"duration_in_seconds":3425}]},{"id":"0e77a4c8-dc17-47f5-be68-178dfb45ed31","title":"Episode 6: Maven with Brian Fox","url":"https://manifest.fm/6","content_text":"Wherein we chat with Brian Fox about all things Maven. We hear the history of Maven Central, war stories, how Minecraft DDoSed the service, and discuss planning for the future of Maven and Java 9.Special Guest: Brian Fox.Links:MavenMaven Central SearchMaven Central RepositorySonatypeBrian on TwitterBrian in GitHubFOSDEM Package Management Devroom CFP","content_html":"\u003cp\u003eWherein we chat with Brian Fox about all things Maven. We hear the history of Maven Central, war stories, how Minecraft DDoSed the service, and discuss planning for the future of Maven and Java 9.\u003c/p\u003e\u003cp\u003eSpecial Guest: Brian Fox.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Maven\" rel=\"nofollow\" href=\"https://maven.apache.org/\"\u003eMaven\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Maven Central Search\" rel=\"nofollow\" href=\"https://search.maven.org/\"\u003eMaven Central Search\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Maven Central Repository\" rel=\"nofollow\" href=\"http://central.sonatype.org/\"\u003eMaven Central Repository\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Sonatype\" rel=\"nofollow\" href=\"https://www.sonatype.com/\"\u003eSonatype\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Brian on Twitter\" rel=\"nofollow\" href=\"https://twitter.com/brian_fox\"\u003eBrian on Twitter\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Brian in GitHub\" rel=\"nofollow\" href=\"https://github.com/brianf\"\u003eBrian in GitHub\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"FOSDEM Package Management Devroom CFP\" rel=\"nofollow\" href=\"https://gist.github.com/BenJam/b73b5fa684fc05cc3db8a9f8d6e4f701\"\u003eFOSDEM Package Management Devroom CFP\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Wherein we chat with Brian Fox about all things Maven. We hear the history of Maven Central, war stories, and discuss planning for the future of Maven and Java 9.","date_published":"2017-10-30T06:00:00.000+00:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/09b1672e-d238-4955-847b-084d98d93e95/0e77a4c8-dc17-47f5-be68-178dfb45ed31.mp3","mime_type":"audio/mpeg","size_in_bytes":33507227,"duration_in_seconds":4099}]},{"id":"9e61b750-a39b-48ea-8aca-ce26a2882901","title":"Episode 5: Pub with Natalie Weizenbaum","url":"https://manifest.fm/5","content_text":"Wherein we discuss Dart and Pub with Natalie Weizenbaum. We discuss how Dart and Pub are being used and developed within Google and a potential new algorithm for more user friendly dependency resolution error messages.Special Guest: Natalie Weizenbaum.Links:Pub: Dart Package ManagerPub on GitHubDart programming languageAngularDartFlutterBob Nystromgclient — gclientSass: Syntactically Awesome Style SheetsSass EyeglassDPLL algorithm - WikipediaNatalie on GitHubNatalie on Twitter","content_html":"\u003cp\u003eWherein we discuss Dart and Pub with Natalie Weizenbaum. We discuss how Dart and Pub are being used and developed within Google and a potential new algorithm for more user friendly dependency resolution error messages.\u003c/p\u003e\u003cp\u003eSpecial Guest: Natalie Weizenbaum.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Pub: Dart Package Manager\" rel=\"nofollow\" href=\"https://pub.dartlang.org/\"\u003ePub: Dart Package Manager\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Pub on GitHub\" rel=\"nofollow\" href=\"https://github.com/dart-lang/pub\"\u003ePub on GitHub\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Dart programming language\" rel=\"nofollow\" href=\"https://www.dartlang.org/\"\u003eDart programming language\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"AngularDart\" rel=\"nofollow\" href=\"https://webdev.dartlang.org/angular/\"\u003eAngularDart\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Flutter\" rel=\"nofollow\" href=\"https://flutter.io/\"\u003eFlutter\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Bob Nystrom\" rel=\"nofollow\" href=\"https://github.com/munificent\"\u003eBob Nystrom\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"gclient\" rel=\"nofollow\" href=\"https://www.chromium.org/developers/how-tos/depottools\"\u003egclient\u003c/a\u003e \u0026mdash; gclient\u003c/li\u003e\u003cli\u003e\u003ca title=\"Sass: Syntactically Awesome Style Sheets\" rel=\"nofollow\" href=\"http://sass-lang.com/\"\u003eSass: Syntactically Awesome Style Sheets\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Sass Eyeglass\" rel=\"nofollow\" href=\"https://github.com/sass-eyeglass\"\u003eSass Eyeglass\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"DPLL algorithm - Wikipedia\" rel=\"nofollow\" href=\"https://en.wikipedia.org/wiki/DPLL_algorithm\"\u003eDPLL algorithm - Wikipedia\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Natalie on GitHub\" rel=\"nofollow\" href=\"https://github.com/nex3\"\u003eNatalie on GitHub\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Natalie on Twitter\" rel=\"nofollow\" href=\"https://twitter.com/nex3\"\u003eNatalie on Twitter\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Wherein we discuss Dart and Pub with Natalie Weizenbaum. We discuss how Dart and Pub are being used and developed within Google and a potential new algorithm for more user friendly dependency resolution error messages.","date_published":"2017-10-16T01:00:00.000+01:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/09b1672e-d238-4955-847b-084d98d93e95/9e61b750-a39b-48ea-8aca-ce26a2882901.mp3","mime_type":"audio/mpeg","size_in_bytes":20913491,"duration_in_seconds":2888}]},{"id":"c32d55cb-f5f8-4fa7-b1ff-318847b09d6a","title":"Episode 4: Go dep with Sam Boyer","url":"https://manifest.fm/4","content_text":"Wherein we discuss Go and Dep with Sam Boyer. We discuss how he led the improvements to package management for the Go ecosystem and went deep on satisfiability and how it relates to dependency resolution.Special Guest: Sam Boyer.Links:dep on GitHubThe Go Programming Languagegps on GitHubglide on GitHubThe Saga of Go Dependency ManagementGo Package Management ToolsSo you want to write a package managergopkg.inThe New Era of Go Package ManagementSatisfiability - WikipediaMiniSatHorn clausesThe Art of Computer Programming, Volume 4, Fascicle 6: SatisfiabilityConflict-Driven Clause LearningBackjumpingGophers on SlackSam on TwitterSam on GitHub","content_html":"\u003cp\u003eWherein we discuss Go and Dep with Sam Boyer. We discuss how he led the improvements to package management for the Go ecosystem and went deep on satisfiability and how it relates to dependency resolution.\u003c/p\u003e\u003cp\u003eSpecial Guest: Sam Boyer.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"dep on GitHub\" rel=\"nofollow\" href=\"https://github.com/golang/dep\"\u003edep on GitHub\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"The Go Programming Language\" rel=\"nofollow\" href=\"https://golang.org/\"\u003eThe Go Programming Language\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"gps on GitHub\" rel=\"nofollow\" href=\"https://github.com/sdboyer/gps\"\u003egps on GitHub\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"glide on GitHub\" rel=\"nofollow\" href=\"https://github.com/Masterminds/glide\"\u003eglide on GitHub\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"The Saga of Go Dependency Management\" rel=\"nofollow\" href=\"https://blog.gopheracademy.com/advent-2016/saga-go-dependency-management/\"\u003eThe Saga of Go Dependency Management\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Go Package Management Tools\" rel=\"nofollow\" href=\"https://github.com/golang/go/wiki/PackageManagementTools\"\u003eGo Package Management Tools\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"So you want to write a package manager\" rel=\"nofollow\" href=\"https://medium.com/@sdboyer/so-you-want-to-write-a-package-manager-4ae9c17d9527\"\u003eSo you want to write a package manager\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"gopkg.in\" rel=\"nofollow\" href=\"http://labix.org/gopkg.in\"\u003egopkg.in\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"The New Era of Go Package Management\" rel=\"nofollow\" href=\"https://www.youtube.com/watch?v=5LtMb090AZI\"\u003eThe New Era of Go Package Management\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Satisfiability - Wikipedia\" rel=\"nofollow\" href=\"https://en.wikipedia.org/wiki/Satisfiability\"\u003eSatisfiability - Wikipedia\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"MiniSat\" rel=\"nofollow\" href=\"http://minisat.se/\"\u003eMiniSat\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Horn clauses\" rel=\"nofollow\" href=\"https://en.wikipedia.org/wiki/Horn_clause\"\u003eHorn clauses\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"The Art of Computer Programming, Volume 4, Fascicle 6: Satisfiability\" rel=\"nofollow\" href=\"http://amzn.to/2yh7ckY\"\u003eThe Art of Computer Programming, Volume 4, Fascicle 6: Satisfiability\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Conflict-Driven Clause Learning\" rel=\"nofollow\" href=\"https://en.wikipedia.org/wiki/Conflict-Driven_Clause_Learning\"\u003eConflict-Driven Clause Learning\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Backjumping\" rel=\"nofollow\" href=\"https://en.wikipedia.org/wiki/Backjumping\"\u003eBackjumping\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Gophers on Slack\" rel=\"nofollow\" href=\"https://invite.slack.golangbridge.org/\"\u003eGophers on Slack\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Sam on Twitter\" rel=\"nofollow\" href=\"https://twitter.com/sdboyer\"\u003eSam on Twitter\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Sam on GitHub\" rel=\"nofollow\" href=\"https://github.com/sdboyer\"\u003eSam on GitHub\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Wherein we discuss Go and Dep with Sam Boyer. We discuss how he led the improvements to package management for the Go ecosystem and went deep on satisfiability and how it relates to dependency resolution.","date_published":"2017-10-02T01:00:00.000+01:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/09b1672e-d238-4955-847b-084d98d93e95/c32d55cb-f5f8-4fa7-b1ff-318847b09d6a.mp3","mime_type":"audio/mpeg","size_in_bytes":24463645,"duration_in_seconds":3213}]},{"id":"7fd9da04-9edd-4e08-bbad-1783859940be","title":"Episode 3: Rubygems with André Arko","url":"https://manifest.fm/3","content_text":"Wherein we discuss Rubygems and Bundler with André Arko. We discuss how he became the lead maintainer of Rubygems and Bundler, and what lead him to set up Ruby Together.Special Guest: André Arko.Links:RubyGemsBundlerRubyGems on GitHubBundler on GitHubgeminstallerBundler 2.0 - Breaking ChangesRuby TogetherTrade associationRuby CentralOpenCollectiveUlysses pactContributing to BundlerFrom no OSS experience to the core team in 15 minutes a dayContributing to RubyGemsAndré's WebsiteAndré's TwitterAndré on GitHub","content_html":"\u003cp\u003eWherein we discuss Rubygems and Bundler with André Arko. We discuss how he became the lead maintainer of Rubygems and Bundler, and what lead him to set up Ruby Together.\u003c/p\u003e\u003cp\u003eSpecial Guest: André Arko.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"RubyGems\" rel=\"nofollow\" href=\"https://rubygems.org/\"\u003eRubyGems\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Bundler\" rel=\"nofollow\" href=\"http://bundler.io/\"\u003eBundler\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"RubyGems on GitHub\" rel=\"nofollow\" href=\"https://github.com/rubygems\"\u003eRubyGems on GitHub\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Bundler on GitHub\" rel=\"nofollow\" href=\"https://github.com/bundler/bundler\"\u003eBundler on GitHub\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"geminstaller\" rel=\"nofollow\" href=\"https://github.com/thewoolleyman/geminstaller\"\u003egeminstaller\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Bundler 2.0 - Breaking Changes\" rel=\"nofollow\" href=\"https://github.com/bundler/bundler/milestone/13?closed=1\"\u003eBundler 2.0 - Breaking Changes\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Ruby Together\" rel=\"nofollow\" href=\"https://rubytogether.org/\"\u003eRuby Together\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Trade association\" rel=\"nofollow\" href=\"https://en.wikipedia.org/wiki/Trade_association\"\u003eTrade association\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Ruby Central\" rel=\"nofollow\" href=\"http://rubycentral.org/\"\u003eRuby Central\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"OpenCollective\" rel=\"nofollow\" href=\"https://opencollective.com/\"\u003eOpenCollective\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Ulysses pact\" rel=\"nofollow\" href=\"https://en.wikipedia.org/wiki/Ulysses_pact\"\u003eUlysses pact\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Contributing to Bundler\" rel=\"nofollow\" href=\"https://github.com/bundler/bundler/tree/master/doc/contributing\"\u003eContributing to Bundler\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"From no OSS experience to the core team in 15 minutes a day\" rel=\"nofollow\" href=\"https://www.youtube.com/watch?v=6jUe-9Y__KM\"\u003eFrom no OSS experience to the core team in 15 minutes a day\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Contributing to RubyGems\" rel=\"nofollow\" href=\"http://guides.rubygems.org/contributing/\"\u003eContributing to RubyGems\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"André\u0026#39;s Website\" rel=\"nofollow\" href=\"http://arko.net/\"\u003eAndré\u0026#39;s Website\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"André\u0026#39;s Twitter\" rel=\"nofollow\" href=\"https://twitter.com/indirect\"\u003eAndré\u0026#39;s Twitter\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"André on GitHub\" rel=\"nofollow\" href=\"https://github.com/indirect\"\u003eAndré on GitHub\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Wherein we discuss Rubygems and Bundler with André Arko. We discuss how he became the lead maintainer of Rubygems and Bundler, and what lead him to set up Ruby Together.","date_published":"2017-09-18T01:00:00.000+01:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/09b1672e-d238-4955-847b-084d98d93e95/7fd9da04-9edd-4e08-bbad-1783859940be.mp3","mime_type":"audio/mpeg","size_in_bytes":22566944,"duration_in_seconds":3296}]},{"id":"315bebdd-2c01-405d-bb81-2f0c7a2cba5e","title":"Episode 2: CocoaPods with Orta Therox","url":"https://manifest.fm/2","content_text":"Wherein we discuss CocoaPods, a package manager for macOS/iOS development, with lead maintainer Orta Therox. We discuss how he got started contributing to Cocoapods, the arrival of Swift Package Manager and Orta's latest project, Danger.Special Guest: Orta Therox.Links:CocoaPodsCocoaPods on GitHubEloy DuránCocoaDocsSwift Package ManagerCocoaPods AppReact NativeYarnDangerPerilDanger JS Contributing to CocoaPodsCocoaPods on TwitterOrta's WebsiteOrta's TwitterOrta on GitHub","content_html":"\u003cp\u003eWherein we discuss CocoaPods, a package manager for macOS/iOS development, with lead maintainer Orta Therox. We discuss how he got started contributing to Cocoapods, the arrival of Swift Package Manager and Orta\u0026#39;s latest project, Danger.\u003c/p\u003e\u003cp\u003eSpecial Guest: Orta Therox.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"CocoaPods\" rel=\"nofollow\" href=\"https://cocoapods.org/\"\u003eCocoaPods\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"CocoaPods on GitHub\" rel=\"nofollow\" href=\"https://github.com/CocoaPods/\"\u003eCocoaPods on GitHub\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Eloy Durán\" rel=\"nofollow\" href=\"https://github.com/alloy\"\u003eEloy Durán\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"CocoaDocs\" rel=\"nofollow\" href=\"https://github.com/CocoaPods/cocoadocs.org\"\u003eCocoaDocs\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Swift Package Manager\" rel=\"nofollow\" href=\"https://github.com/apple/swift-package-manager\"\u003eSwift Package Manager\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"CocoaPods App\" rel=\"nofollow\" href=\"https://cocoapods.org/app\"\u003eCocoaPods App\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"React Native\" rel=\"nofollow\" href=\"https://facebook.github.io/react-native/\"\u003eReact Native\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Yarn\" rel=\"nofollow\" href=\"https://yarnpkg.com/\"\u003eYarn\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Danger\" rel=\"nofollow\" href=\"http://danger.systems/\"\u003eDanger\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Peril\" rel=\"nofollow\" href=\"https://github.com/danger/peril\"\u003ePeril\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Danger JS \" rel=\"nofollow\" href=\"http://danger.systems/js/\"\u003eDanger JS \u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Contributing to CocoaPods\" rel=\"nofollow\" href=\"https://github.com/CocoaPods/CocoaPods/blob/master/CONTRIBUTING.md\"\u003eContributing to CocoaPods\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"CocoaPods on Twitter\" rel=\"nofollow\" href=\"https://twitter.com/cocoapods\"\u003eCocoaPods on Twitter\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Orta\u0026#39;s Website\" rel=\"nofollow\" href=\"http://orta.io/\"\u003eOrta\u0026#39;s Website\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Orta\u0026#39;s Twitter\" rel=\"nofollow\" href=\"https://twitter.com/orta\"\u003eOrta\u0026#39;s Twitter\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Orta on GitHub\" rel=\"nofollow\" href=\"https://github.com/orta\"\u003eOrta on GitHub\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Wherein we discuss CocoaPods, a package manager for macOS/iOS development, with lead maintainer Orta Therox. We discuss how he got started contributing to Cocoapods, the arrival of Swift Package Manager and Orta's latest project, Danger.","date_published":"2017-09-04T00:00:00.000+01:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/09b1672e-d238-4955-847b-084d98d93e95/315bebdd-2c01-405d-bb81-2f0c7a2cba5e.mp3","mime_type":"audio/mpeg","size_in_bytes":26844731,"duration_in_seconds":3229}]},{"id":"bbf3e56a-9358-44d8-848e-f69fbc1348a6","title":"Episode 1: Homebrew with Mike McQuaid","url":"https://manifest.fm/1","content_text":"Wherein we chat with Mike McQuaid, the lead maintainer of Homebrew. We discuss how he got started contributing to Homebrew, its differences from Macports, using GitHub as a database, patching upstream, and more.Special Guest: Mike McQuaid.Links:Homebrew websiteHomebrew on GitHubHomebrew Formula DocumentationMacPorts websiteMax HowellHomebrew TapsLinuxbrewilovezfs on GitHubHomebrew AnalyticsHomebrew Code of ConductProbot: StaleReproducible BuildsHomebrew BundleContributing to HomebrewMike's websiteMike's TwitterMike on GitHub","content_html":"\u003cp\u003eWherein we chat with Mike McQuaid, the lead maintainer of Homebrew. We discuss how he got started contributing to Homebrew, its differences from Macports, using GitHub as a database, patching upstream, and more.\u003c/p\u003e\u003cp\u003eSpecial Guest: Mike McQuaid.\u003c/p\u003e\u003cp\u003eLinks:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003ca title=\"Homebrew website\" rel=\"nofollow\" href=\"https://brew.sh/\"\u003eHomebrew website\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Homebrew on GitHub\" rel=\"nofollow\" href=\"https://github.com/Homebrew\"\u003eHomebrew on GitHub\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Homebrew Formula Documentation\" rel=\"nofollow\" href=\"https://github.com/Homebrew/brew/blob/master/docs/Formula-Cookbook.md\"\u003eHomebrew Formula Documentation\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"MacPorts website\" rel=\"nofollow\" href=\"https://www.macports.org/\"\u003eMacPorts website\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Max Howell\" rel=\"nofollow\" href=\"http://mxcl.github.io/\"\u003eMax Howell\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Homebrew Taps\" rel=\"nofollow\" href=\"https://github.com/Homebrew/brew/blob/master/docs/How-to-Create-and-Maintain-a-Tap.md\"\u003eHomebrew Taps\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Linuxbrew\" rel=\"nofollow\" href=\"http://linuxbrew.sh/\"\u003eLinuxbrew\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"ilovezfs on GitHub\" rel=\"nofollow\" href=\"https://github.com/ilovezfs\"\u003eilovezfs on GitHub\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Homebrew Analytics\" rel=\"nofollow\" href=\"https://github.com/Homebrew/brew/blob/master/docs/Analytics.md\"\u003eHomebrew Analytics\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Homebrew Code of Conduct\" rel=\"nofollow\" href=\"https://github.com/Homebrew/brew/blob/master/CODEOFCONDUCT.md\"\u003eHomebrew Code of Conduct\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Probot: Stale\" rel=\"nofollow\" href=\"https://github.com/probot/stale\"\u003eProbot: Stale\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Reproducible Builds\" rel=\"nofollow\" href=\"https://reproducible-builds.org/\"\u003eReproducible Builds\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Homebrew Bundle\" rel=\"nofollow\" href=\"https://github.com/Homebrew/homebrew-bundle\"\u003eHomebrew Bundle\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Contributing to Homebrew\" rel=\"nofollow\" href=\"https://github.com/Homebrew/brew/blob/master/CONTRIBUTING.md\"\u003eContributing to Homebrew\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Mike\u0026#39;s website\" rel=\"nofollow\" href=\"http://mikemcquaid.com/\"\u003eMike\u0026#39;s website\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Mike\u0026#39;s Twitter\" rel=\"nofollow\" href=\"https://twitter.com/MikeMcQuaid\"\u003eMike\u0026#39;s Twitter\u003c/a\u003e\u003c/li\u003e\u003cli\u003e\u003ca title=\"Mike on GitHub\" rel=\"nofollow\" href=\"https://github.com/MikeMcQuaid\"\u003eMike on GitHub\u003c/a\u003e\u003c/li\u003e\u003c/ul\u003e","summary":"Wherein we chat with Mike McQuaid, the lead maintainer of Homebrew. We discuss how he got started contributing to Homebrew, its differences from Macports, using GitHub as a database, patching upstream, and more.","date_published":"2017-08-16T21:00:00.000+01:00","attachments":[{"url":"https://aphid.fireside.fm/d/1437767933/09b1672e-d238-4955-847b-084d98d93e95/bbf3e56a-9358-44d8-848e-f69fbc1348a6.mp3","mime_type":"audio/mpeg","size_in_bytes":31651101,"duration_in_seconds":3292}]}]}