Gotcha: docker inspect
can lie about the architecture of an image (3 mins read).
How incorrectly wiring up your Docker multi-platform builds may lead to docker inspect
lying about the architecture of said image.
Hi, I'm Jamie Tanna (he/him/his), and I'm currently a Senior Software Engineer at Elastic.
I currently live in Nottingham with my partner Anna Dodson and our cat Morph and our puppy Cookie.
I use my site as a method of blogging about my learnings, as well as sharing information about projects I have previously, or are currently, working on in my spare time.
I'm an maintainer for a number of Open Source projects, including oapi-codegen, and my most recent passion project, dependency-management-data (DMD) and the SAAS platform behind it, deps.fyi.
I'm a GNU/Linux user, a big advocate for the Free Software Movement, and the IndieWeb movement and I try to self host my own services where possible, instead of relying on other providers.
I have ADHD (Inattentive Type) and am learning how to make my life work better around it.
Drop me an email at hi@jamietanna.co.uk, or using any of the other social links below.
Gotcha: docker inspect
can lie about the architecture of an image (3 mins read).
How incorrectly wiring up your Docker multi-platform builds may lead to docker inspect
lying about the architecture of said image.
Guy Podjarny is the Founder of Snyk, the developer-first security platform that helps companies find and fix vulnerabilities in their code, open source dependencies, containers, and infrastructure as code. Snyk has raised $1.2B from investors including Boldstart, Accel, Tiger Global, and Addition. In this episode, we dig into selling security products to developers, the pros and cons of being open source (Snyk is not!), Snyk's fundraising journey and challenges early on, how Snyk has evolved over the years, the decision to bring in an outside CEO & more!
Rendering diffs for Go's testable examples (3 mins read).
A somewhat hacky solution for providing rich diffs for expected-vs-actual comparisons for testable examples in Go.
Calling the United States a developed nation seems increasingly inappropriate
Paul Copplestone is Co-Founder & CEO of Supabase the open source Backend-as-a-Service company that provides storage, authentication, edge functions, and a postgres database to users. Supabase's project, also called supabase, has 36K stars on GitHub and is positioned as the "open source Firebase alternative". Supabase has raised $116M from investors including Coatue, Felicis, and YC. In this episode, we discuss positioning as an open source alternative to "x", the benefits of going through YC as an open source company, how to judge open source momentum, learnings for other early open source founders, and more!
Lessons from 100+ DevTool founders - DevTools successes, failures and stories in a free weekly email and podcast.
I chat with Alan Pope about the open source security tools Syft, Grype, and Grant. These tools help create Software Bills of Materials (SBOMs) and scan for vulnerabilities. Learn why generating and storing SBOMs is crucial for understanding your software supply chain and quickly responding to new threats like Log4Shell. The show notes and blog post for this episode can be found at
<p>The second season may be over, but the Severance Podcast is back with an extra special bonus episode, where Ben and Adam look at all of season 2 with some incredible guests. First, they welcome back everyone’s favorite brain-in-a-jar, Severance creator Dan Erickson, to answer your hotline questions and uncover the origin story behind how his brain got in a jar. Then, Ben and Adam are joined by the hosts of the podcast We Know Severance (Josh Wigler, Dr. Melissa Woodward, Dr. Amanda Rabinowitz) to talk about the real-world science of Severance — and two of the hosts are literal doctors, so they know what they’re talking about. Finally, Grammy-winning artist SZA comes on the pod to share how Severance has impacted her life and meditate on one of the central themes of the show: who are you?</p><p>To learn more about listener data and our privacy practices visit: <a href="https://www.audacyinc.com/privacy-policy">https://www.audacyinc.com/privacy-policy</a></p><p>Learn more about your ad choices. Visit <a href="https://podcastchoices.com/adchoices">https://podcastchoices.com/adchoices</a></p>
+alt because this is A M A Z I N G [contains quote post or other embedded content]
Week Notes 25#15 (3 mins read).
What happened in the week of 2025-04-14?
In July of 2020, Joran Dirk Greef stumbled into a fundamental limitation in the general-purpose database design for transaction processing. This sent him on a path that ended with TigerBeetle, a redesigned distributed database for financial transactions that yielded three orders of magnitude faster OLTP performance ove...
I’ve been working for over 20 years in the field of “developer experience,” where we help developers be more effective, efficient, and happy, by improving tools, systems, and processes. I have been intimately involved in designing key aspects of the developer experience at Google and LinkedIn, have been very involved with the research community in this space, and I’m constantly in touch with developer experience leaders at every major tech company. I’d like to spell out for you the fundamental principles of what makes a great developer experience—the most important things to understand in the space. I’m only going to
Nick Nisi joins us to confess his AI subscription glut, drool over some cool new hardware gadgets, discuss why the TypeScript team chose Go for their new compiler, opine on the React team's complicated relationship with Vercel, suggest people try Astro, update us on his browser habits, and more.
Authoring Markdown externally and pasting the 'pretty' output into Slack (on Linux) (3 mins read).
How to use xclip
to copy the rendered representation of Markdown into a rich-text form into Slack.
Dave Anderson, formerly Tech Director at Amazon, shares an inside look at Amazon's engineering culture—from hiring and promotions to team autonomy and extreme frugality.
If you believed, they put a data center on the moon. No, for real, they did, and it’s partially thanks to Lili Rogowsky, partner at Atypical Ventures. Lili joins Corey to discuss her unconventional leap from law to venture capital. Although she made a sharp turn career-wise, Lili remains grounded...
Things I've learned about building + delivering software for other engineers while working in Engineering Productivity (17 mins read).
13 lessons I've learned about building software for (internal teams of) software engineers.
and embark on a thought experiment to discuss how a commercial entity would handle something like the xz incident. It was very specific and difficult to understand. It's easy to claim just because source code being available doesn't matter. But the reality is when source code is needed, it can make a huge difference for everyone working together, just like we saw with xz. Show Notes
and talk to Brian Fox from Sonatype and Donald Fischer from Tidelift about their recent reports as well as open source. There are really interesting connections between the two reports. The overall theme seems to be open source is huge, everywhere, and needs help. But all is no lost! There's some great ideas on what the future needs to look like. Show Notes
Anthony Eden, Founder & CEO of DNSimple, joins the show to talk about the world of managed hosting for DNS and more.
Idk who needs to hear this but tech workers who have to have high salaries are still working class and should act (and be treated) accordingly. Tech workers have much more in common with miners and factory workers and secretaries and baristas than with management and executives.
What's in the SOSS? features the sharpest minds in security as they dig into the challenges and opportunities that create a recipe for success in making software more secure. Get a taste of all the ingredients that make up secure open source ...
<p>If you did a word cloud of this week’s podcast episode, the number one word would be PENULTIMATE. Because this week, we’re talking all about Season 2 Episode 9 — that’s right, it’s the penultimate episode of the season. For this momentous occasion, Ben and Adam are joined by Sydney Cole Alexander, who plays Natalie, conduit to the Board and conduit to our fan hotline. They discuss Natalie’s infamous smile, the different way she handles Milchick and Cobel, and how corporate “friendly feedback” can feel like getting stabbed in the heart. Plus, Sydney sticks around to give some Lumon-approved answers to your hotline questions.</p><p>To learn more about listener data and our privacy practices visit: <a href="https://www.audacyinc.com/privacy-policy">https://www.audacyinc.com/privacy-policy</a></p><p>Learn more about your ad choices. Visit <a href="https://podcastchoices.com/adchoices">https://podcastchoices.com/adchoices</a></p>
<p>For Season 2 Episode 8 of Severance, it’s the Harmony Cobel Show. And there’s no one better to break it down with Ben and Adam than Cobel herself — Patricia Arquette! They talk all about how she built Cobel’s backstory and how Newfoundland became the perfect Salt’s Neck. Then, Ben and Adam are joined by Severance superfan Jimmy Kimmel to answer some of the your burning hotline questions, including: would you rather be a fetid moppet or a shambolic rube?</p><p>To learn more about listener data and our privacy practices visit: <a href="https://www.audacyinc.com/privacy-policy">https://www.audacyinc.com/privacy-policy</a></p><p>Learn more about your ad choices. Visit <a href="https://podcastchoices.com/adchoices">https://podcastchoices.com/adchoices</a></p>
Stop making those little AI image generator memes of yourself as a Barbie or a Ghibli character you are enriching evil companies and destroying the planet and this is like one of the easiest things you can just not do
Reddit commenters are shocked and appalled that 4chan's tech stack was out of date. Buddy do I have news for you about basically everywhere else
<p>This week, it’s finally time to take the elevator down to the testing floor. To break down all the revelations in Season 2 Episode 7, Ben and Adam are joined by Dichen Lachman, who plays Gemma / Ms. Casey. She shares what it was like filming in a brand new location with a new cast of characters, how she and Adam built out the relationship between Gemma and Mark, and the origin story of Ms. Casey’s iconic wig. Then, Ben sits down with Jessica Lee Gagné, Severance’s main cinematographer and director of the episode, to talk about why she chose this episode as her directorial debut. Plus: why you should never offer up your own house as a filming location.</p><p>To learn more about listener data and our privacy practices visit: <a href="https://www.audacyinc.com/privacy-policy">https://www.audacyinc.com/privacy-policy</a></p><p>Learn more about your ad choices. Visit <a href="https://podcastchoices.com/adchoices">https://podcastchoices.com/adchoices</a></p>
Visit https://cupogo.dev/ for store links, past episodes including transcripts, and more!Correction: Yoke _is_ a Helm replacementYour code deserves better: give it a linter! - talk in the Czech Repulic soonAccepted: waitgroup.Go Leak and Seek: A Go Runtime Mysterygo-yaml goes...
Aaron Frost explores the overly complex world of vulnerability identifiers for end of life software. We discuss how incomplete CVE reporting creates blind spots for users while arming attackers with knowledge. The conversation uncovers the ethical tensions between resource constraints and security transparency, highlighting why the "vulnerable until proven otherwise" approach is the best path forward for end of life software. The show notes and blog post for this episode can be found at
Week Notes 25#14 (3 mins read).
What happened in the week of 2025-04-07?
Ben Sigelman is the Co-Founder & CEO of observability platform Lightstep as well as Co-Creator of open source observability frameworks OpenTracing and OpenTelemetry. Lightstep was acquired by ServiceNow in 2021 and OpenTelemetry was released in 2019 and has since become the standard observability framework. In this episode, we dig into:The founding story for Lightstep - including the initial pivot into the ideaThe benefits Lightstep got from open sourcing OpenTracing The OpenTracing and OpenCensus merger into OpenTelemetryWhy OpenTelemetry has been so widely adopted Ben's perspective on the many companies building with OpenTelemetry todayHow their team made the decision to take the ServiceNow acquisition Company building learnings around team building (& more!)
Richard Moot joins us to discuss Changelog helping Square launch a developer pod and the excitement around MCP (Model Context Protocol) servers. What might it foretell about the future of human/robot relations?
<p>Legendary actor Christopher Walken, who plays Burt, is on the podcast this week to nerd out about acting with Ben and help break down Season 2 Episode 6. He reflects on the unique energy between him and John Turturro, playing two different sides of Burt, and why Bugs Bunny might be the greatest actor of all time. Then, Ben and Adam discuss the rest of the episode and the relationships growing both inside and outside of Lumon. But wait — there’s even more! The guys also talk with Sarah Bock, who plays Ms. Huang, about how scary Ms. Huang can be and what the first year of college has been like for Sarah.</p><p>To learn more about listener data and our privacy practices visit: <a href="https://www.audacyinc.com/privacy-policy">https://www.audacyinc.com/privacy-policy</a></p><p>Learn more about your ad choices. Visit <a href="https://podcastchoices.com/adchoices">https://podcastchoices.com/adchoices</a></p>
Properly patching packages: persistently producing patches for published projects, particularly practically prevented by patch-package
policy (10 mins read).
How to use patch-package
to modify NPM dependencies, for instance when you're distributing an executable and you want to patch something you rely upon, without relying upon postinstall
scripts.
In this episode, Gary Kramlich, the lead developer of Pidgin discusses the challenges and strategies of maintaining a 26-year-old open source messaging client.Gary tell us all about how a small team manages technical debt, handles library dependencies, and makes decisions about rewrites versus incremental improvements while supporting a broader open source ecosystem. The accompaning blog can be found at
Stephan Ewen, Founder and CEO of Restate.dev joins the show to talk about the coming era of resilient apps, the meaning of and what it takes to achieve idempotency, this world of stateful durable execution functions, and when it makes sense to reach for this tech.
<p>This week, Ben and Adam welcome Michael Chernus — who plays Ricken Hale, the visionary author of “The You You Are” — to help unpack Season 2 Episode 5. And while you might expect Ricken to host a podcast of his own, Michael reveals that Ricken is actually post-podcast, so today’s episode is a really big deal. Together, they discuss Ricken’s writing, his relationship with Devon, and the actorly impulse to be liked. Then, Ben and Adam break down the rest of the episode and the challenges of crafting this soft-reset for the MDR team.</p><p>To learn more about listener data and our privacy practices visit: <a href="https://www.audacyinc.com/privacy-policy">https://www.audacyinc.com/privacy-policy</a></p><p>Learn more about your ad choices. Visit <a href="https://podcastchoices.com/adchoices">https://podcastchoices.com/adchoices</a></p>
<p>For Season 2 Episode 4, Ben and Adam are joined by <em>Severance’s</em> Emmy-winning composer, Theodore Shapiro — or, Teddy Shaps, as his friends call him. He pulls back the curtain on his long-standing collaboration with Ben Stiller, going all the way back to 2004’s Dodgeball; the four chords that unlocked <em>Severance’s</em> ear-worm of a main theme; and the world of Kier folk tunes he discovered while scoring this episode. Then, Ben and Adam talk about filming this monumental episode where the Outties go out-f***ing-side.</p><p>To learn more about listener data and our privacy practices visit: <a href="https://www.audacyinc.com/privacy-policy">https://www.audacyinc.com/privacy-policy</a></p><p>Learn more about your ad choices. Visit <a href="https://podcastchoices.com/adchoices">https://podcastchoices.com/adchoices</a></p>
François Proulx, a supply chain security researcher at Boost Security, discusses how continuous integration (CI) and build pipeline security represents a critical and overlooked hole in our supply chain security. It seems like most supply chain compromises are actually from CI system breaches rather than direct code compromise, yet we seem to obsess over everything on either side of the CI system. François has a bunch of really good practical suggestions for how we can start to improve our CI security today. The blog post for this episode can be found at
Sean shares his work with the CHAOSS Project, exploring open-source sustainability, leadership, metrics, and his academic journey.
You're currently viewing page 1 of 158, of 7878 posts.