Software Supply Chain Content on InfoQ
-
Andres Almiray on How to Release Any Software to Any OS with JReleaser
Andres Almiray, a serial open-source contributor and the creator of JReleaser, discusses the project's current state, noting that the tool can release software from any ecosystem, not just Java. He also touches on the Commonhaus Foundation's mission.
-
The Hidden Vulnerability of the Open Source Software Supply Chain: the Underlying Infrastructure
Software supply chain veteran Brian Fox unpacks the security implications of the new EU Cyber Resilience Act and its profound impact on open-source projects. He reveals the hidden infrastructure risks threatening open-source projects and shares insights for senior software leaders navigating this regulatory landscape.
-
Implement the EU Cyber Resilience Act's Requirements to Strengthen Your Software Project
Eddie Knight, OSPO lead at Sonatype, discusses how the EU Cyber Resilience Act can help improve your software project's security and, at the same time, slow the alarming acceleration of software supply chain attacks.
-
Generally AI Episode 4: Sold out!
In this episode of Generally AI, Meertens and Alford explore the theme of "sold out" and delve into the world of GPUs, hot sauce, and beer. The hosts cover CUDA-enabled GPUs and parallel programming patterns, then explore the parallels between the scarcity of GPUs and Sriracha hot sauce; the historical context of GPU shortages; and how beer and college students can model supply chain dynamics.
-
Tracy Miranda on Secure Supply Chains, SBOMs, and SLSA
In this episode, Tracy Miranda, a leader in the secure software supply chain domain, sat down with InfoQ podcast co-host Daniel Bryant and discussed the current state of the industry. Topics covered included the benefits of SBOMs and SLSA, getting started with generating SBOMs, and how developers should work with leadership when evaluating their organization’s security posture.
-
Investing in Open Source: The Open Source Pledge and Why it Matters
In this podcast, Shane Hastie, Lead Editor for Culture & Methods, spoke to Chad Whitacre about the Open Source Pledge, an initiative to encourage companies to financially support open-source maintainers to ensure the sustainability and security of the software they depend on. The goal is to address the social contract within open source, where companies benefit from freely available software.
-
Vulnerabilities and Risks in the Software Supply Chain
Shane Hastie spoke to Brian Fox of Sonatype about vulnerabilities and risks inherent in the modern software supply chain and how to overcome them.