Sustainability

Cargo Semver Checks is a Rust tool by Predrag Gruevski that is tackling the problem of broken dependencies that cost developers time when trying to upgrade dependencies. Predrag’s work shows how automated checks can catch breaking changes before they’re released, potentially saving projects from unexpected failures and making dependency updates less painful across the entire Rust ecosystem. Episode links Predrag’s Mastodon Predrag’s Blog “We never update unless forced to” — cargo-semver-checks 2024 Year in Review cargo-semver-checks issue 5 This episode is also available as a podcast, search for “Open Source Security” on your favorite podcast player. ...

In the world of open source software, we often celebrate the code, the contributors, and the collaboration. But beneath the surface lies a world unknown to most. It’s not a secret, it’s just not something most of us pay attention to, the foundations that drive some of the open source projects. I had the opportunity to discuss this with Dr. Kelly Masada, who has served as president of the Open Information Security Foundation (OISF) for over 12 years. OISF is the organization behind Suricata, the very capable and well known open source network analysis and threat detection software. ...