The Manifest

Andrew Nesbitt and Alex Pounds

Welcome to The Manifest, a podcast all about package management. Your hosts are Alex Pounds and Andrew Nesbitt. Together they explore the technical details of package management, the stories and the history of various projects, and the communities around them too. Every two weeks there will be a brand new interview with a package manager maintai

All Episodes

Wherein Alex talks with Nils Adermann, the co-founder of Packagist and co-creator of Composer, about package management in PHP. Special Guest: Nils Adermann.

Nov 2019

57 min

Wherein we discuss how package management works in Debian and the Reproducible Builds project with Chris Lamb, a director of both the Open Source Initiative and of Software in the Public Interest, previously the Debian Project Leader and a core developer on the Reproducible Builds project. Special Guest: Chris Lamb.

Nov 2019

57 min

Wherein we discuss Conan, the C and C++ package manager with Diego Rodriguez-Losada as it reaches 1.0. We talk about what inspired the development of Conan, package management problems specific to C/C++ package management and the plans for the future. Note: This episode was recorded 9 months before it was published, so some details may be out of date. Special Guest: Diego Rodriguez-Losada.

Feb 2019

70 min

Wherein we discuss Clojars, the clojure package manager registry and it's relationship to Maven with Daniel Compton. Special Guest: Daniel Compton.

Feb 2019

65 min

Wherein we chat with Todd Gamblin about Spack, the package manager for supercomputers. We talk the unique challenges that packaging for High-performance computing platforms bring to package management, whether you should mine bitcoins on super computers and what's planned for the future of spack. Special Guest: Todd Gamblin.

Jan 2019

57 min

Wherein we discuss open source licensing and how that relates to software packaging with Kate Stewart, of Linux Foundation and SPDX. Special Guest: Kate Stewart.

Aug 2018

57 min

Wherein we discuss typosquatting and other security matters with Adam Baldwin, of Lift security and the Node Security Platform. We cover what kind of exploits people are trying, speculate about how blockchains may well be the answer, and unsuccessfully attempt to start a turf war between various package managers. Special Guest: Adam Baldwin.

Dec 2017

51 min

Wherein we discuss Cargo (the Rust package manager) and Crates.io (the Rust package registry) with Carol (Nichols || Goulding). We talk about the Rust language, the history of the project, the features that make Cargo the envy of all the other package managers, and the sustainability of the project. Special Guest: Carol (Nichols || Goulding).

Nov 2017

59 min

Wherein we chat with Trishank Karthik Kuppusamy about The Update Framework, a security layer that lets package managers assure the veracity and integrity of their packages. We talk about how it grew out of the TOR Project, how it works, how Uptane is used for package management in cars (!), and what package maintainers can do to help their own security. Special Guest: Trishank Karthik Kuppusamy.

Nov 2017

58 min

Wherein we chat with Brian Fox about all things Maven. We hear the history of Maven Central, war stories, how Minecraft DDoSed the service, and discuss planning for the future of Maven and Java 9. Special Guest: Brian Fox.

Oct 2017

69 min

Wherein we discuss Dart and Pub with Natalie Weizenbaum. We discuss how Dart and Pub are being used and developed within Google and a potential new algorithm for more user friendly dependency resolution error messages. Special Guest: Natalie Weizenbaum.

Oct 2017

49 min

Wherein we discuss Go and Dep with Sam Boyer. We discuss how he led the improvements to package management for the Go ecosystem and went deep on satisfiability and how it relates to dependency resolution. Special Guest: Sam Boyer.

Oct 2017

54 min

Wherein we discuss Rubygems and Bundler with André Arko. We discuss how he became the lead maintainer of Rubygems and Bundler, and what lead him to set up Ruby Together. Special Guest: André Arko.

Sep 2017

55 min

Wherein we discuss CocoaPods, a package manager for macOS/iOS development, with lead maintainer Orta Therox. We discuss how he got started contributing to Cocoapods, the arrival of Swift Package Manager and Orta's latest project, Danger. Special Guest: Orta Therox.

Sep 2017

54 min

Wherein we chat with Mike McQuaid, the lead maintainer of Homebrew. We discuss how he got started contributing to Homebrew, its differences from Macports, using GitHub as a database, patching upstream, and more. Special Guest: Mike McQuaid.

Aug 2017

55 min

Cookie policy

We and our partners use cookies to personalize your experience, to show you ads based on your interests, and for measurement and analytics purposes. By using our website and our services, you agree to our use of cookies as described in our Cookie Policy.