Open Source Icon

Open Source

All things open source.
222 Stories
All Topics

Ship It! Ship It! #9

What is good release engineering?

This week we talk with Jean-Sébastien Pedron, RabbitMQ and FreeBSD contributor, about the importance of good release engineering for core infrastructure. Both Jean-Sébastien and I have been part of the Core RabbitMQ team for many years now. We have built some of the biggest CI/CD pipelines (check the show notes for one example), wrote and shipped some great code together, while breaking and fixing many things in the process.

We have been wrestling with today’s topic since 2016. Jean-Sébastien has some great FreeBSD stories to share, as well as an interesting perspective on shipping graphic card drivers. Oh, and by the way, it’s probably our fault why your remote car key stopped working that afternoon. It will all make sense after you listen to this episode.

The Changelog The Changelog #448

Massive scale and ultra-resilience

This week we’re sharing a recent episode from Founders Talk that we continuously hear about from listeners. Listen and subscribe to Founders Talk at founderstalk.fm and anywhere you listen to podcasts.

On Founders Talk #75 — Adam talks with Spencer Kimball, CEO and Co-founder of Cockroach Labs — makers of CockroachDB an open source cloud-native distributed SQL database. Cockroach Labs recently raised $160 million dollars on a $2 billion dollar valuation. In this episode, Spencer shares his journey in open source, startups and entrepreneurship, and what they’re doing to build CockroachCloud to meet the needs of applications that require massive scale and ultra-resilience.

Music tenacityaudio.org

Tenacity – a FLOSS fork of Audacity

Tenacity is an easy-to-use, cross-platform multi-track audio editor/recorder for Windows, MacOS, GNU/Linux and other operating systems and is developed by a group of volunteers as open source software.

Sound familiar? Maybe because it’s a fork of the historically awesome Audacity project that promises:

no telemetry, crash reports and other shenanigans like that!

Not ringing any bells? Check out Audacity’s privacy policy changes, new CLA, and data collection attempts.

Security github.com

Security health metrics for open source projects

This project is a formalized list of checks that can be run against an open source codebase and a Go-based tool to run those checks and provide a report on the project’s health. Here are a few of the checks it runs, to get an idea of what it’s all about:

  • Does the project use fuzzing tools, e.g. OSS-Fuzz?
  • Does the project cryptographically sign releases?
  • Does the project contain a security policy?

The Changelog The Changelog #445

Funds for open source

This week we’re talking with Pia Mancini about the latest updates to the mission of Open Collective. Earlier this year Open Collective announced “Funds for Open Source.” The idea is simple, make it easy for companies to invest in open source, and they will. Also, since recording this episode, Pia and the team at Open Collective along with Gitcoin announced fundoss.org as part of Maintainer Week announcements. And right now, they have a matching fund of $75,000 dollars funding open source that you can support.

The Changelog The Changelog #444

Every commit is a gift

Maintainer Week is finally here and we’re excited to make this an annual thing! If Maintainer Week is new to you, check out episode #442 with Josh Simmons and Kara Sowles.

Today we’re talking Brett Cannon. Brett is Dev Manager of the Python Extension for VS Code, Python Steering Council Member, and core team member for Python. He recently shared a blog post The social contract of open source, so we invited Brett to join us for Maintainer Week to discuss this topic in detail.

Thank a maintainer on us! We’re printing a limited run t-shirt that’s free for maintainers, and all you gotta do is thank them, today!

The Changelog The Changelog #443

Exploring Deno Land 🦕

This week we’re joined by Ryan Dahl, Node.js creator, and now the creator of Deno - a simple, modern and secure runtime for JavaScript and TypeScript that uses V8 and is built in Rust.

We talk with Ryan about the massive success of Node and how it impacted his life, and how he eventually created Deno and what he’s doing differently this time around. We also talk about The Deno Company and what’s in store for Deno Deploy.

The Changelog The Changelog #442

Maintainer week!

This week is all about Maintainer Week — it’s a week long event starting June 7th for open source maintainers to gather, share, and be celebrated. We’re joined by Josh Simmons (Ecosystem Strategy Lead at Tidelift & President of Open Source Initiative) and Kara Sowles (Senior Open Source Program Manager at GitHub). Of course we love open source maintainers, that’s why we’re so excited about Maintainer Week and making it an annual thing. Today we talk through all the details of this event, what we can expect for this year and the years to come.

Data visualization schleiss.io

Plotting the source code "TODO" history of the most popular open source projects

It’s fun seeing the proliferation of TODO comments over time on these bastions of open source. One not-surprising (but still unfortunate) trend: they all pretty much move up and to the right 📈, but a few have had some dramatic reversals 📉 at certain points in time. Go had a crazy month in April 2018 & TypeScript’s TODOs exploded in the Spring of 2018.

The Changelog The Changelog #440

Open source goes to Mars 🚀

This week we’re talking about open source on Mars. Martin Woodward (Senior Director of Developer Relations at GitHub) joins us to talk about the new Mars badge GitHub introduced. This collaboration between GitHub and NASA confirmed nearly 12,000 people contributed code, documentation, graphic design, and more to the open source software that made Ingenuity’s launch possible. Today’s show is a celebration of this human achievement and the impact of open source on space exploration as we know it.

Brett Cannon snarky.ca

The social contract of open source

Brett Cannon, who is a Python core developer (and a tall, snarky Canadian):

I felt it was time to do another blog post to directly address the issue of entitlement by some open source users which is hurting open source, both for themselves and for others. I want to get the point across that open source maintainers owe you quite literally nothing when it comes to their open source code, and treating them poorly is unethical. And to me, this is the underlying social contract of open source. (emphasis added)

You should read the entire post, especially if you want to learn which programming language (having nothing to do with snakes) that has Brett’s attention. But I’d be remiss not to pull quote this gift of a pull quote from the end:

Every commit of open source code should be viewed as an independent gift from the maintainer that they happened to leave on their front yard for others to enjoy if they so desire; treating them as a means to and for their open source code is unethical.

Raj Dutt grafana.com

Grafana, Loki, and Tempo will be relicensed to AGPLv3

Raj Dutt, CEO and co-founder of Grafana Labs:

Our company has always tried to balance the “value creation” of open source and community with the “value capture” of our monetization strategy. The choice of license is a key pillar of this strategy, and is something that we’ve deliberated on extensively since the company began.

Over the last few years, we’ve watched closely as almost every at-scale open source company that we admire (such as Elastic, Redis Labs, MongoDB, Timescale, Cockroach Labs, and many others) has evolved their license regime. In almost all of these cases, the result has been a move to a non-OSI-approved source-available license.

We have spent the first months of 2021 having sometimes contentious but always healthy internal debates over this topic, and today we are announcing a change of our own.

They’re switching to AGPLv3, which is OSI-approved, but like Heather Meeker said on our SSPL/Elastic episode, is often on the DO NOT USE list at large tech firms. Raj continues:

Ensuring we maintain these freedoms for our community is a big priority for us. While AGPL doesn’t “protect” us to the same degree as other licenses (such as the SSPL), we feel that it strikes the right balance. Being open source will always be at the core of who we are, and we believe that adopting AGPLv3 allows our community and users to by and large have the same freedoms that they have enjoyed since our inception.

Read the entire post for more details on what is being re-licensed, what isn’t, and what it all means. They also have a Q&A on their blog answering other common questions and concerns.

Productivity github.com

Calendso – an open source Calendly alternative

Let’s face it: Calendly and other scheduling tools are awesome. It made our lives massively easier. We’re using it for business meetings, seminars, yoga classes and even calls with our families. However, most tools are very limited in terms of control and customisations. That’s where Calendso comes in. Self-hosted or hosted by us. White-label by design. API-driven and ready to be deployed on your own domain. Full control of your events and data. Calendso is to Calendly what GitLab is to GitHub.

We’ve been happy Calendly users for years, but I do like the idea of white-labeling and hosting on our own domain. Calendso is built with Next, React, Tailwind, & Prisma.

Calendso – an open source Calendly alternative
0:00 / 0:00