What's in the SOSS? features the sharpest minds in security as they dig into the challenges and opportunities that create a recipe for success in making software more secure. Get a taste of all the ingredients that make up secure open source ...

<p>If you did a word cloud of this week’s podcast episode, the number one word would be PENULTIMATE. Because this week, we’re talking all about Season 2 Episode 9 — that’s right, it’s the penultimate episode of the season. For this momentous occasion, Ben and Adam are joined by Sydney Cole Alexander, who plays Natalie, conduit to the Board and conduit to our fan hotline. They discuss Natalie’s infamous smile, the different way she handles Milchick and Cobel, and how corporate “friendly feedback” can feel like getting stabbed in the heart. Plus, Sydney sticks around to give some Lumon-approved answers to your hotline questions.</p><p>To learn more about listener data and our privacy practices visit: <a href="https://www.audacyinc.com/privacy-policy">https://www.audacyinc.com/privacy-policy</a></p><p>Learn more about your ad choices. Visit <a href="https://podcastchoices.com/adchoices">https://podcastchoices.com/adchoices</a></p>

<p>For Season 2 Episode 8 of Severance, it’s the Harmony Cobel Show. And there’s no one better to break it down with Ben and Adam than Cobel herself — Patricia Arquette! They talk all about how she built Cobel’s backstory and how Newfoundland became the perfect Salt’s Neck. Then, Ben and Adam are joined by Severance superfan Jimmy Kimmel to answer some of the your burning hotline questions, including: would you rather be a fetid moppet or a shambolic rube?</p><p>To learn more about listener data and our privacy practices visit: <a href="https://www.audacyinc.com/privacy-policy">https://www.audacyinc.com/privacy-policy</a></p><p>Learn more about your ad choices. Visit <a href="https://podcastchoices.com/adchoices">https://podcastchoices.com/adchoices</a></p>

<p>This week, it’s finally time to take the elevator down to the testing floor. To break down all the revelations in Season 2 Episode 7, Ben and Adam are joined by Dichen Lachman, who plays Gemma / Ms. Casey. She shares what it was like filming in a brand new location with a new cast of characters, how she and Adam built out the relationship between Gemma and Mark, and the origin story of Ms. Casey’s iconic wig. Then, Ben sits down with Jessica Lee Gagné, Severance’s main cinematographer and director of the episode, to talk about why she chose this episode as her directorial debut. Plus: why you should never offer up your own house as a filming location.</p><p>To learn more about listener data and our privacy practices visit: <a href="https://www.audacyinc.com/privacy-policy">https://www.audacyinc.com/privacy-policy</a></p><p>Learn more about your ad choices. Visit <a href="https://podcastchoices.com/adchoices">https://podcastchoices.com/adchoices</a></p>

Visit https://cupogo.dev/ for store links, past episodes including transcripts, and more!Correction: Yoke _is_ a Helm replacementYour code deserves better: give it a linter! - talk in the Czech Repulic soonAccepted: waitgroup.Go Leak and Seek: A Go Runtime Mysterygo-yaml goes...

Aaron Frost explores the overly complex world of vulnerability identifiers for end of life software. We discuss how incomplete CVE reporting creates blind spots for users while arming attackers with knowledge. The conversation uncovers the ethical tensions between resource constraints and security transparency, highlighting why the "vulnerable until proven otherwise" approach is the best path forward for end of life software. The show notes and blog post for this episode can be found at

Ben Sigelman is the Co-Founder & CEO of observability platform Lightstep as well as Co-Creator of open source observability frameworks OpenTracing and OpenTelemetry. Lightstep was acquired by ServiceNow in 2021 and OpenTelemetry was released in 2019 and has since become the standard observability framework. In this episode, we dig into:The founding story for Lightstep - including the initial pivot into the ideaThe benefits Lightstep got from open sourcing OpenTracing The OpenTracing and OpenCensus merger into OpenTelemetryWhy OpenTelemetry has been so widely adopted Ben's perspective on the many companies building with OpenTelemetry todayHow their team made the decision to take the ServiceNow acquisition Company building learnings around team building (& more!)

Richard Moot joins us to discuss Changelog helping Square launch a developer pod and the excitement around MCP (Model Context Protocol) servers. What might it foretell about the future of human/robot relations?

<p>Legendary actor Christopher Walken, who plays Burt, is on the podcast this week to nerd out about acting with Ben and help break down Season 2 Episode 6. He reflects on the unique energy between him and John Turturro, playing two different sides of Burt, and why Bugs Bunny might be the greatest actor of all time. Then, Ben and Adam discuss the rest of the episode and the relationships growing both inside and outside of Lumon. But wait — there’s even more! The guys also talk with Sarah Bock, who plays Ms. Huang, about how scary Ms. Huang can be and what the first year of college has been like for Sarah.</p><p>To learn more about listener data and our privacy practices visit: <a href="https://www.audacyinc.com/privacy-policy">https://www.audacyinc.com/privacy-policy</a></p><p>Learn more about your ad choices. Visit <a href="https://podcastchoices.com/adchoices">https://podcastchoices.com/adchoices</a></p>

In this episode, Gary Kramlich, the lead developer of Pidgin discusses the challenges and strategies of maintaining a 26-year-old open source messaging client.Gary tell us all about how a small team manages technical debt, handles library dependencies, and makes decisions about rewrites versus incremental improvements while supporting a broader open source ecosystem. The accompaning blog can be found at

Stephan Ewen, Founder and CEO of Restate.dev joins the show to talk about the coming era of resilient apps, the meaning of and what it takes to achieve idempotency, this world of stateful durable execution functions, and when it makes sense to reach for this tech.

<p>This week, Ben and Adam welcome Michael Chernus — who plays Ricken Hale, the visionary author of “The You You Are” — to help unpack Season 2 Episode 5. And while you might expect Ricken to host a podcast of his own, Michael reveals that Ricken is actually post-podcast, so today’s episode is a really big deal. Together, they discuss Ricken’s writing, his relationship with Devon, and the actorly impulse to be liked. Then, Ben and Adam break down the rest of the episode and the challenges of crafting this soft-reset for the MDR team.</p><p>To learn more about listener data and our privacy practices visit: <a href="https://www.audacyinc.com/privacy-policy">https://www.audacyinc.com/privacy-policy</a></p><p>Learn more about your ad choices. Visit <a href="https://podcastchoices.com/adchoices">https://podcastchoices.com/adchoices</a></p>

<p>For Season 2 Episode 4, Ben and Adam are joined by <em>Severance’s</em> Emmy-winning composer, Theodore Shapiro — or, Teddy Shaps, as his friends call him. He pulls back the curtain on his long-standing collaboration with Ben Stiller, going all the way back to 2004’s Dodgeball; the four chords that unlocked <em>Severance’s</em> ear-worm of a main theme; and the world of Kier folk tunes he discovered while scoring this episode. Then, Ben and Adam talk about filming this monumental episode where the Outties go out-f***ing-side.</p><p>To learn more about listener data and our privacy practices visit: <a href="https://www.audacyinc.com/privacy-policy">https://www.audacyinc.com/privacy-policy</a></p><p>Learn more about your ad choices. Visit <a href="https://podcastchoices.com/adchoices">https://podcastchoices.com/adchoices</a></p>

François Proulx, a supply chain security researcher at Boost Security, discusses how continuous integration (CI) and build pipeline security represents a critical and overlooked hole in our supply chain security. It seems like most supply chain compromises are actually from CI system breaches rather than direct code compromise, yet we seem to obsess over everything on either side of the CI system. François has a bunch of really good practical suggestions for how we can start to improve our CI security today. &nbsp; The blog post for this episode can be found at

Sean shares his work with the CHAOSS Project, exploring open-source sustainability, leadership, metrics, and his academic journey.

🛡️ Go 1.24.2 and Go 1.23.8 are releasedAccepted: structured output for test attributesInterview with Daniel Nephin in Episode 5Meetups🇬🇧 Birmingham, UK, April 17🇬🇧 Manchester Gophers new web site🇺🇸 Go Meetup w/ Shy @ San Francisco, May 28🫚 Go Blog: Traversal-resistant file APIs by Damien Neil🇬🇧...