Shows
Open Source SecurityHobbyist Maintainers with Thomas DePierreThomas DePierre joins Open Source Security to discuss the central idea from his blog post, "You are all on the hobbyist maintainers turf now," exploring the massive disconnect between the corporate world that consumes open source and the hobbyist community that actually produces it. The conversation reveals this isn't a new problem, but a long-standing reality whose consequences for security, stability, and the future of software we are only now beginning to truly confront. The show notes and blog post for this episode can be found at https://opensourcesecurity.io/2025/2025-06-hobbyist-thomas-depierre/2025-06-1649 min
Open Source SecuritySafety vs Security with Thomas DepierreIn this episode of Open Source Security, Josh welcomes Thomas Depierre, a Site Reliability Engineer and open source maintainer, to discuss the intersection of safety and security. Thomas explains why safety is broader than security. While security often views people as the problem, Thomas explains that people are paradoxically the solution. Nothing should work, but it does, mostly due to people keeping things working. The accompaning blog can be found at https://opensourcesecurity.io/2025/01-safety_vs_security_with_thomas_depierre/2025-01-1321 min
L'info s'éclaireAssemblée nationale, le budget prend racine - Lundi 28 octobre 2024Invités :- Lisa Thomas-Darbois, directrice adjointe des études France de l'Institut Montaigne - Stéphanie Dépierre, journaliste politique pour La Chaine Parlementaire- Mathieu Souquière, essayiste, expert associé à la Fondation Jean Jaurès - Nicolas Barré, directeur du journal Les Echos L'examen en séance publique de la première partie du budget consacré aux recettes n'a pas pu aller à son terme après six jours d'échanges parfois houleux. Ce sont 1508 amendements qu'il reste à étudier alors que l'examen du texte s'arrête et ne reprendra qu'en nove...2024-10-281h 20
The New Stack PodcastAre We Thinking About Supply Chain Security All Wrong?In a New Stack Makers episode, Ashley Williams, founder and CEO of axo, highlights how the software world depends on open-source code, which is largely maintained by unpaid volunteers. She likens this to a CVS relying on volunteer-run shipping companies, pointing out how unsettling that might be for customers. The conversation focuses on open-source maintainers’ reluctance to be seen as "suppliers" of software, an idea explored in a 2022 blog post by Thomas Depierre. Many maintainers reject the label, as there is no contractual obligation to support the software they provide. Williams critiques the industry's response to this, not...2024-10-0343 min
Open Source SecurityThomas Depierre on open source in EuropeJosh and Kurt talk to Thomas Depierre about some of the European efforts to secure software. We touch on the CRA, MDA, FOSDEM, and more. As expected Thomas drops a huge amount of knowledge on what's happening in open source. We close the show with a lot of ideas around how to move the needle for open source. It's not easy, but it is possible. Show Notes Thomas Depierre I am not a supplier Open Source In The European Legislative Landscape devroom Cyber Resilience Act The 2023 Tidelift state of the open source maintainer report 2024-02-1942 min
SustainEpisode 166: Thomas Steenbergen & Josep Prat at FOSS Backstage 2023Guests
Thomas Steenbergen | Josep Prat
Panelist
Richard Littauer
Show Notes
Hello and welcome to Sustain! Richard is at the FOSS Backstage 2023 that’s held in Berlin every year. On this episode, Richard has two guests joining him. His first guest is Thomas Steenbergen, co-founder and organizer for the TODO Group Europe and Head of the Open Source Program Office at EPAM Systems. Thomas talks about his current workshop, OSS Review Toolkit, his background as a software developer, and the three important aspects of open-source software: consuming, compliance, and contributing ba...2023-04-1146 min
Test & Code196: I am not a supplier - Thomas DepierreShould we think of open source components the same way we think of physical parts for manufactured goods? There are problems with supply chain analogy when applied to software. Thomas Depierre discusses some of those issues in this episode. Links:I am not a supplier - article
Help support the show AND learn pytest: The Complete pytest course is now a bundle, with each part available separately.pytest Primary Power teaches the super powers of pytest that you need to learn to use pytest effectively.Using pyte...2023-03-3137 min
Thinking Elixir Podcast142: Orion for Distributed Tracing in ProductionOrion is an interesting library created by Thomas Depierre that makes it easy to run dynamic distributed tracing in your app on production! It includes a LiveView UI for visualizing the performance and running multiple traces simultaneously. We talk with Thomas to learn more about the history, the inspirations, how it works, why it's safe to run in production, how to get performance insights, and more!
Show Notes online - http://podcast.thinkingelixir.com/142
Elixir Community News
https://github.com/phoenixframework/phoenix/blob/main/CHANGELOG.md#171-2023-03-02 – Phoenix 1.7.1 released with enhancement to ph...2023-03-1453 min
Open Source Security"I am not your supplier" with Thomas DepierreJosh and Kurt talk to Thomas Depierre about his "I am not a supplier" blog post. We drink from the firehose on this one. Thomas describes the realities and challenges of being an open source maintainer. What open source and society owe each other. How safety can help describe what we see. There's too many topics to even list. The whole episode is an epic adventure through modern open source. Show Notes Thomas on Mastodon I am not a supplier The Treachery of Images (Ceci n'est pas une pipe) Atlantic Council report The Field Guide to...2023-03-0652 min