Sign up to save your podcasts
Or
Share He Who Controls the Source
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
He Who Controls the Source
This week we've got Kris and Jamie! They open with the Shai-Hulud worm chewing through the npm supply chain and close on the messy economics of who actually pays for open source labor. And there's plenty of great stuff in between: GitHub's everything-platform creep, the case for LLMs as a way out of dependency hell, and the forge alternatives finally maturing into real options.
We've got supporter content, of course! This week that includes an expansion on Kris's "pull requests as original sin" theory, the everything-platform rant that compares GitHub to Meta Business Suite, a monologue on money, knowledge gaps, and LLMs as a way out of open source debt. Not a supporter yet? Fix that today by heading over to https://fallthrough.fm/subscribe where you'll get not only extra content but also higher quality audio. Sign up today!
If you prefer to watch this episode, you can view it on YouTube.
No episode of the aftershow this week. We'll have more aftershow episodes soon! In the meantime, catch up on previous episodes at https://break.show.
Thanks for tuning in and happy listening!
Table of Contents:
- Prologue (00:00:00)
- Chapter 2: The Shai-Hulud Worm and the GitHub Actions Attack Surface (00:00:59)
- Chapter 3: Pull Requests as Original Sin [Extended] (00:19:41)
- Chapter 4: GitHub Enterprise Cloud and the Forge Alternatives (00:19:59)
- Chapter 5: The Everything Platform Problem [Extended] (00:28:17)
- Chapter 6: GitLab Counterpoint, Kubernetes, Feature Flags, and Friction (00:37:58)
- Chapter 7: Walled Gardens and the Business Model of Open Source [Extended] (00:43:06)
- Chapter 8: AI Safety, Napalm Grandmas, and Agentic PRs (00:43:24)
- Chapter 9: Kris's Theory: Money, Knowledge Gaps, and LLMs as a Way Out of Open Source Debt [Extended] (00:46:37)
- Chapter 10: Jamie Pushes Back: Forks, Vulnerabilities, and OAPI CodeGen Stalled on OpenAPI 3.1 (00:46:58)
- Chapter 11: Making Open Source a Surfaceable Cost (00:54:29)
- Chapter 12: The Open Source Resistance (01:07:35)
- Chapter 13: Capital One, Director Sign-off, and the Lawyer's Perspective [Extended] (01:16:52)
- Chapter 16: FSNotify Cleanup and the Composer Token Leak (01:17:05)
- Epilogue (01:23:46)
Hosts
Socials:
- Website
- Bluesky
- Threads
- X/Twitter
- Changelog Zulip
- Gophers Slack
- (00:00) - Prologue
View all episodes
By Fallthrough Media
4.2
1313 ratings
This week we've got Kris and Jamie! They open with the Shai-Hulud worm chewing through the npm supply chain and close on the messy economics of who actually pays for open source labor. And there's plenty of great stuff in between: GitHub's everything-platform creep, the case for LLMs as a way out of dependency hell, and the forge alternatives finally maturing into real options.
We've got supporter content, of course! This week that includes an expansion on Kris's "pull requests as original sin" theory, the everything-platform rant that compares GitHub to Meta Business Suite, a monologue on money, knowledge gaps, and LLMs as a way out of open source debt. Not a supporter yet? Fix that today by heading over to https://fallthrough.fm/subscribe where you'll get not only extra content but also higher quality audio. Sign up today!
If you prefer to watch this episode, you can view it on YouTube.
No episode of the aftershow this week. We'll have more aftershow episodes soon! In the meantime, catch up on previous episodes at https://break.show.
Thanks for tuning in and happy listening!
Table of Contents:
- Prologue (00:00:00)
- Chapter 2: The Shai-Hulud Worm and the GitHub Actions Attack Surface (00:00:59)
- Chapter 3: Pull Requests as Original Sin [Extended] (00:19:41)
- Chapter 4: GitHub Enterprise Cloud and the Forge Alternatives (00:19:59)
- Chapter 5: The Everything Platform Problem [Extended] (00:28:17)
- Chapter 6: GitLab Counterpoint, Kubernetes, Feature Flags, and Friction (00:37:58)
- Chapter 7: Walled Gardens and the Business Model of Open Source [Extended] (00:43:06)
- Chapter 8: AI Safety, Napalm Grandmas, and Agentic PRs (00:43:24)
- Chapter 9: Kris's Theory: Money, Knowledge Gaps, and LLMs as a Way Out of Open Source Debt [Extended] (00:46:37)
- Chapter 10: Jamie Pushes Back: Forks, Vulnerabilities, and OAPI CodeGen Stalled on OpenAPI 3.1 (00:46:58)
- Chapter 11: Making Open Source a Surfaceable Cost (00:54:29)
- Chapter 12: The Open Source Resistance (01:07:35)
- Chapter 13: Capital One, Director Sign-off, and the Lawyer's Perspective [Extended] (01:16:52)
- Chapter 16: FSNotify Cleanup and the Composer Token Leak (01:17:05)
- Epilogue (01:23:46)
Hosts
Socials:
- Website
- Bluesky
- Threads
- X/Twitter
- Changelog Zulip
- Gophers Slack
- (00:00) - Prologue
More shows like Fallthrough
View all
Software Engineering Radio - the podcast for professional software developers
273 Listeners
Hanselminutes with Scott Hanselman
382 Listeners
The Changelog: Software Development, Open Source
288 Listeners
Software Engineering Daily
626 Listeners
Talk Python To Me
583 Listeners
Soft Skills Engineering
287 Listeners
Python Bytes
214 Listeners
Syntax - Tasty Web Development Treats
985 Listeners
CoRecursive: Coding Stories
189 Listeners
Practical AI
212 Listeners
The Stack Overflow Podcast
63 Listeners
The Real Python Podcast
140 Listeners
Oxide and Friends
67 Listeners
Cup o' Go
16 Listeners
go podcast()
6 Listeners