
The New Stack Context: Two Views of Open Source Security

Feb 21st, 2020 5:00pm by

Welcome to The New Stack Context, a podcast where we discuss the latest news and perspectives in the world of cloud native computing. This week we have two guests who discuss their experience with the challenges of securing open source software.

First, we talk to Frank Nagle, a professor at Harvard Business School and co-director of the Census II project to assess security practices in open source software components, in partnership with The Linux Foundation’s Core Infrastructure Initiative (CII). The report, “‘Vulnerabilities in the Core,’ a Preliminary Report and Census II of Open Source Software,” attempts to understand the “structural and security complexities in the modern day supply chain where open source is pervasive but not always understood.” We discuss his findings, including the surprising state of under-management for most open source projects.

We also chat with Neeraj Poddar, Aspen Mesh co-founder and engineering lead, who developed the fix for a recent vulnerability in the Istio service mesh project. We speak with Poddar about the challenges of quickly fixing a bug in an open source program when there are so many stakeholders, and how the work should be cordoned off until a public announcement is ready to be made.


Episode 105 : Two Views of Open Source Security

We also discuss some of the more pertinent podcasts and news stories of late. We herald the return of fellow podcast TNS Analysts, and a conversation there about the developer experience with Kubernetes. We also have a spirited discussion about a Carnegie Mellon University researcher who debunks the myth of the 10x programmer. We delve into how companies such as Platform9 and Rancher Labs, and services like Google Cloud, are making Kubernetes easier to use. Finally, in the realm of artificial intelligence, we take a look at how a deep neural network reconstructed a mysterious image hidden in a Picasso painting.

TNS editorial and marketing director Libby Clark hosted this episode, alongside founder and publisher Alex Williams and TNS Managing Editor Joab Jackson.

Aspen Mesh and the Linux Foundation are sponsors of The New Stack.

Feature image: 17th Century French key, New York Metropolitan Museum of Art.

TNS owner Insight Partners is an investor in: Census, The New Stack.