IndieWeb post types
This content type is full of IndieWeb post types, which are all content types which allow me to take greater ownership of my own data. These are likely unrelated to my blog posts. You can find a better breakdown by actual post kind below:
Post details
#Hashicorp sending their lawyers on #OpenTofu feels like the last chapter of what was once a great open source company. Oh well, the claims look baseless, and like pretty much any move Hahicorp made this past year, this will only hurt themselves. https://www.linkedin.com/posts/opentofuorg_opentofu-project-was-recently-made-aware-activity-7182147077496344576-jsDQ
Post details
This week, I had a dilemma: should I prioritize the episode where I spoke with one of the MariaDB co-founders, in which we discuss setting up a foundation as a way to ensure that the project continues to be open source in the future, no matter what (relevant given the Redis announcement); or...

Between and I took 7173 steps.
Between and I took 4527 steps.
Post details
The Oxide Friends talk about about cultural idiosyncrasies--turns out we have a lot of them at Oxide! Some might even sound good enough for you to try out! Demo Fridays, morning water-cooler, no-meet Wednesdays, recorded meetings, dog-pile debugging (aka CSPAN for debugging), RFDs (requests for...

Post details
Post details
The fascinating Xz backdoor; a looming AI crisis in peer-review; and news around the infamous Lena image. That's all on this week's episode.

Post details
Content warning: transpohbia, dhh (the rails dude)
Post details
Content warning: dhh and transphobia
Post details
Dan Lorenc, co-founder and CEO of Chainguard, joins Dennis Fisher to dig into the recent XZ Utils backdoor incident, the implications for the open source ecosystem, and what can be done to avoid similar incidents in the future. Then they discuss the problems facing NIST’s National Vulnerability Database and the CVE ecosystem.

Post details
“trans people don't want equality, they want special treatmen-” Special treatment would be if LGBTQ+ people didn't have to pay taxes. You know, like churches. :trantifa:
Post details
How about a Hey Friends! T-shirt!? ALL proceeds go to charity https://www.bonfire.com/hey-friends/
Post details
I have a lot more to say, but I'll hold it for now and simply wonder aloud... Which BigTech clouds are the "Lavender" & "Where's Daddy?" AI systems running on? What APIs are they using? Which libraries are they calling? What work did my former colleagues, did I, did *you* contribute to that may now be enabling this automated slaughter? (Also, content warning. This is some of the sickest shit I've ever read.) https://www.972mag.com/lavender-ai-israeli-army-gaza/
Between and I took 2837 steps.
Post details
Attached: 1 image #rustlang #xz #supplychain

Post details
get into computers, they told me when i was a kid, you'll have fun and possibly a rewarding career! reality: my computers have been interdicted by intelligence agencies to install god knows what on them before i receive them, presumably in the hope of extricating my signing keys, i have to deal with something called "docker", and another thing called "kubernetes", there is a whole profession called DevOops and i have to deal with entitled pricks who say my projects are "dead" because i did not review their error-ridden patches fast enough for their liking
Post details
I love people who say “what is missing from society is support for opposing and dissenting points of view.” I then ask them, “did you schedule your pro-cancer rally this year?” Yeah! Go cancer! Those cells have every right to be unique and different and thrive! 🎉
Post details
Your belated reminder, in the aftermath of the xz backdoor, that open source maintainers still owe you nothing: https://mikemcquaid.com/open-source-maintainers-owe-you-nothing/ Not only do they owe you nothing but: if they are running a large open source project at scale and have been doing so for a while: in almost every case they know vastly more about doing so than almost anyone else in the world does. Open source users and contributors: show some more gratitude and, frankly, deference to the maintainers who keep OSS alive.
Post details
accidentally wrote "saad" instead of "saas" in a text to my partner; they immediately coined "Software as a Disappointment" and honestly, where is the lie
Post details
@shanselman I think my biggest concern now is 'code review now comes with a rousing game of Among Us', but I'm still weighing that concern in a larger context.
Post details
Ten years ago today, a new app arrived to strip the "media" out of social media, reducing messaging to two little letters. It burned bright, but not for long.

Post details
... next month... Me: "Dear maintainer, can you please bump package XY?" Maintainer: ...furiously starts looking into the git diff looking for a backdoor.
Hmm, will have a think about it - this may come down to a bit of verbosity and explicit checking in Go. I think I'd prefer to see it be more explicit when constructing the entity in terms of what happens when it's set, but I get your point
There's .Get
or .MustGet
(not ideal outside of tests or CLIs) that you can use to work out whether the value is there, but given you may want to check IsSpecified
and IsNull
, that's why there's no way to get it back as a pointer
That library doesn't handle "field not set" vs "field explicitly set to null" - https://github.com/guregu/null/issues/39#issuecomment-1895386392
You may want to give https://github.com/oapi-codegen/nullable a go for this instead - we wrote it because /none/ of the options out there worked for all the cases you need to handle - more info at https://www.jvt.me/posts/2024/01/09/go-json-nullable/
Post details
Post details
Q1 2024 is officially behind us. So we figured that it was a great time for a bit of reflection on the exciting start to the year. In this episode, we sit down with our founders, Stephen, Chris, and Pete, to get a bit of perspective on how the last three months played out. We chat about On-call, our AI launch, and the hundreds of other features, bug fixes, and bits of polish and delight that we've shipped over the last 12 weeks. We also chat about the state of the company as a whole, our growth, and ultimately what's on the horizon.

Post details
I recently went through a job search, and I thought it would be good to do a mini retrospective on the whole experience. Overall, it was a better candidate experience than the last time I interviewed so I want to believe that the industry is making progress.
I may be attending
.Post details
Robin Guldener from Nango talks to Mike about building an open, unified API, the value of building on top of Open Source products, and building a growing product team on this episode of the podcast.

Post details
Josh and Kurt talk about the recent events around XZ. It’s only been a few days, and it’s amazing what we already know. We explain a lot of the basics we currently know with the attitude much of these …
Between and I took 3457 steps.
Post details
Enhance and enrich your OpenAPI descriptions without creating conflicts in the source code using filters and overlays.
Between and I took 6942 steps.
Post details
Which is smarter: specializing in a particular tech or becoming more of a generalist? It depends! Which is why Jerod invited “undercover generalist” Adolfo Ochagavía on our “It Depends” series to weigh the pros & cons of each path.

Post details
Just did a task that was open since Feb. 20th that will unblock six teammates doing full-time work starting this week. It took 5 minutes 35 seconds to finish. I will, again, learn nothing from this.
Post details
Attached: 1 image One of my friends from $BIRBSITE posted this and I am dyingggggggg

Post details
Content warning: my take on the xz backdoor
Post details
Attached: 1 image When you realise that people have been *planning* shitty jokes like this just for one day, for the likes

Post details
Corollary: Your adversaries' SBOMs and dependency graphs *for your infrastructure* are better than yours.
Post details
That sound you hear is a flurry of people asking ChatGPT to write a business plan to monetize the XZ incident.
Post details
I really can only shitpost about the #xv debacle because the whole thing just makes me tired and sad. Anyone paying even a tiny bit of attention to the conversation about open source sustainability could have told you this was inevitable. And now we're watching people blame a volunteer trying to step back, and rehashing all the same old tired arguments we've been having literally for decades. It's just so tired and predicable and boring and sad.
Post details
so do alice and bob ever fuck or like what
Post details
My favorite Ren Faire story: I knew a guy who kept a Starfleet insignia pinned to the inside of his garb. A few times per season, some folks would come to the Faire cosplaying as a Star Trek landing party, investigating a “primitive” world. He would take them aside, show his insignia, and identify himself as a Starfleet officer on a cultural research mission. He’d call them out for breaking the Prime Directive and ruining his research. Then he’d demand to know what ship they’re from, and threaten to get them court martialed if they didn’t change into something less conspicuous.
Post details
tech companies donate their april fools’ day joke budget to open source maintainers challenge 2024
Post details
Polite reminder about the Jia Tan XZ hack: if an organization is so well run and well funded that it's able to play that long a game to that degree of depth and sophistication, that organization does not have all its eggs in one basket.