The pain of dependency management

Aug. 11, 2022, 5:30 p.m. (2 years, 6 months ago)

Baruch Sadogursky (Chief Sticker Officer at JFrog) joins Natalie & Johnny to lament the current state of dependency management in Go and other languages. They discuss the problems dependency managers face, possible technical mitigations like SBOMs, people problems that will never be solved by tech, and take questions from listeners in the #gotimefm channel of Gophers Slack.


