The Manifest
The Manifest
Andrew Nesbitt and Alex Pounds
Welcome to The Manifest, a podcast all about package management. Your hosts are Alex Pounds and Andrew Nesbitt. Together they explore the technical details of package management, the stories and the history of various projects, and the communities around them too. Every so often there will be a brand new interview with a package manager maintainer.
Episode 16: Conda Forge, Mamba, and Packaging Con with Wolf Vollprecht
Wherein we talk with Wolf Vollprecht about his work on Conda Forge and Mamba and the upcoming Packaging-Con event that he's organizing. The Packaging Con 2021: Call for Presentations is open until 1st September 2021,14:00 (UTC) if you'd like to speak: https://pretalx.com/packagingcon-2021/cfpSpecial Guest: Wolf Vollprecht.Links:conda-forgeconda-forge on GitHubAnaconda.orgPackagingCon 2021PackagingCon 2021: Call for PresentationsPackage Management devroom FOSDEM 2018Wolf Vollprecht on GitHubWolf VollprechtWolf Vollprecht on TwitterQuantStackQuantStack on GitHub
Aug 16, 2021
35 min
Episode 15: Packagist with Nils Adermann
Wherein Alex talks with Nils Adermann, the co-founder of Packagist and co-creator of Composer, about package management in PHP.Special Guest: Nils Adermann.
Nov 10, 2019
56 min
Episode 14: Debian and Reproducible Builds with Chris Lamb
Wherein we discuss how package management works in Debian and the Reproducible Builds project with Chris Lamb, a director of both the Open Source Initiative and of Software in the Public Interest, previously the Debian Project Leader and a core developer on the Reproducible Builds project.Special Guest: Chris Lamb.
Nov 4, 2019
56 min
Episode 13: Conan with Diego Rodriguez-Losada
Wherein we discuss Conan, the C and C++ package manager with Diego Rodriguez-Losada as it reaches 1.0. We talk about what inspired the development of Conan, package management problems specific to C/C++ package management and the plans for the future. Note: This episode was recorded 9 months before it was published, so some details may be out of date.Special Guest: Diego Rodriguez-Losada.Links:ConanConan on GitHubBintrayBincraftersbiicodeJFrog XrayConan hits 1.0Cpplang SlackDiego's websiteDiego on TwitterDiego on GitHubSwampUP
Feb 25, 2019
1 hr 9 min
Episode 12: Clojars with Daniel Compton
Wherein we discuss Clojars, the clojure package manager registry and it's relationship to Maven with Daniel Compton. Special Guest: Daniel Compton.Links:ClojarsDatomicClojureMicrosoft Dynamics NAVC/AL programming languageMavenThe Manifest Episode 6: Maven with Brian FoxLeiningenBoot: build tooling for ClojurecljdocMaven Artifact ResolverOpenJDKGraalClojureScriptGoogle Closure CompilervgoGit Deps for ClojureDeps - Private Maven Repository HostingDaniel Compton's websiteDaniel Compton on GitHubDaniel Compton on TwitterClojars on GitHub
Feb 4, 2019
1 hr 4 min
Episode 11: Spack with Todd Gamblin
Wherein we chat with Todd Gamblin about Spack, the package manager for supercomputers. We talk the unique challenges that packaging for High-performance computing platforms bring to package management, whether you should mine bitcoins on super computers and what's planned for the future of spack.Special Guest: Todd Gamblin.Links:SpackSpack on GitHubSpack documentationLawrence Livermore National LaboratoryHigh-performance computering on WikipediaEasyBuildSpack white paperHow To Make Package Managers CryPubGrub: Next-Generation Version Solving – Natalie WeizenbaumTodd Gamblin on GitHubTodd Gamblin on TwitterTodd Gamblin on The Changelog
Jan 21, 2019
56 min
Episode 10: Licensing with Kate Stewart
Wherein we discuss open source licensing and how that relates to software packaging with Kate Stewart, of Linux Foundation and SPDX.Special Guest: Kate Stewart.Links:Board support packageLTIBSoftware Package Data Exchange (SPDX)DEP5FreshmeatFOSSologyBlack DuckCompliance Basics for DevelopersChoose a LicenseFreeRTOSThe `React Patent License’ ControversySPDX on GitHublibrariesio/spdx: A SPDX license normalizerlibrariesio/license-compatibility: Check compatibility between different SPDX licensesFree Software FoundationFOSDEM 2018 - Legal and Policy Issues devroomHeather MeekerKyle MitchellLuis VillaOracle America, Inc. v. Google, Inc.Spdx-tech mailing listSpdx-legal mailing listKate Stewart on Twitter
Aug 29, 2018
56 min
Episode 9: Typosquatting with Adam Baldwin
Wherein we discuss typosquatting and other security matters with Adam Baldwin, of Lift security and the Node Security Platform. We cover what kind of exploits people are trying, speculate about how blockchains may well be the answer, and unsuccessfully attempt to start a turf war between various package managers. Special Guest: Adam Baldwin.Links:^Lift Securitynpm registryTypo.js on GitHub52% of All JavaScript npm Packages Could Have Been Hacked via Weak CredentialsHave I been pwned?Protect your npm account with two-factor authenticationTyposquatting programming language package managersShellshockDependency CIThe Update Frameworkpackage.communitycrossenv malware on the npm registryNode Security PlatformYarnAdam Baldwin on TwitterAdam Baldwin on GitHub
Dec 11, 2017
50 min
Episode 8: Cargo and Crates.io with Carol (Nichols || Goulding)
Wherein we discuss Cargo (the Rust package manager) and Crates.io (the Rust package registry) with Carol (Nichols || Goulding). We talk about the Rust language, the history of the project, the features that make Cargo the envy of all the other package managers, and the sustainability of the project.Special Guest: Carol (Nichols || Goulding).Links:FOSDEM Package Management Devroom CFPCrates.ioCargo on GitHub
Nov 27, 2017
58 min
Episode 7: The Update Framework with Trishank Karthik Kuppusamy
Wherein we chat with Trishank Karthik Kuppusamy about The Update Framework, a security layer that lets package managers assure the veracity and integrity of their packages. We talk about how it grew out of the TOR Project, how it works, how Uptane is used for package management in cars (!), and what package maintainers can do to help their own security.Special Guest: Trishank Karthik Kuppusamy.Links:FOSDEM Package Management Devroom CFPThe Update FrameworkThe Update Framework on GitHub
Nov 13, 2017
57 min
Load more