
Wicked Good Development
By Sonatype, Inc.

Apr 28, 2023

Episode 32: Java Queens at Devnexus 2023
Prepare for an insightful discussion with Java Champions Erin Schnabel, Emily Jiang, Mary Grygleski, and Holly Cummins at Devnexus 2023.
They sit down with Sonatype’s Kadi Grigg and Theresa Mammarella for an unforgettable conversation about making an impact in the tech community. They cover topics like:
- Their unique journeys in tech
- Embracing the mindset of a lifelong learner
- The power of goal setting for personal growth
- The essential qualities of a great leader
- Why conference talks, like this one, fuel their passion and drive
Don’t miss this chance to learn from some of the brightest minds in the industry. 🔥

Episode 31: Testcontainers with Oleg Šelajev
Ready to take a dive into the world of Testcontainers? Join Kadi Grigg and Sonatype Developer Advocate Jamie Coleman as they sit down with the one and only Oleg Šelajev of AtomicJar, Inc., for an episode packed with insights and laughs.
Together, they'll delve into the world of Testcontainers and uncover the secrets behind these powerful tools that have revolutionized the testing landscape. From the origin of Testcontainers to the crucial importance of reliability in testing, they'll cover it all and so much more.
Check out the resources for this episode on the Sonatype Blog.

Episode 30: JUG aka The Java User Group
In our latest episode, we sit down with Steve Poole (Leader of London JUG | Director, Developer Relations, Sonatype), Frank Greco (Founder of NYJavaSIG | Director, Technology and Strategy, Crossroads Technologies), and Sharat Chander (Sr. Director, Java and Cloud Native Product Management and Developer Relations, Oracle).
Java user groups (JUGs) have seen changes over the years due to the growing prominence of Java and a continuously maturing audience. We’ll be revisiting the late 90s/early 2000s when JUGs first started appearing. Listen in for answers to questions like:
- What was their purpose?
- What are they now?
- Why are JUGs a valuable community resource?
- How has the pandemic changed them?
Check out the resources for this episode on the blog.

Episode 29: White House Unveils New National Cybersecurity Strategy
On March 2, 2023 the Biden-Harris administration made a historic move with the release of the National Cybersecurity Strategy. This is the first time the US government has taken a stance on product liability with regard to software.
In this episode, Jeff Wayman–Conduit of Goodness at Sonatype–takes the mic to speak with Sonatype’s Co-founder and CTO, Brian Fox. Listen in as they break down important details of this historic new strategy, its meaning, and how it impacts you and your organization.
Check out the resources for this episode on the blog.

Episode 28: Simon Brown on Visualizing Software Architecture
When you interview your dream guest, the conversation is wicked good. In this episode, Kadi and co-host Sal Kimmich sit down with Simon Brown–creator of the C4 Software Architecture Model–and Developer Advocate Dan Conn. Topics of conversation include the ins and outs of the C4 model, how having a detailed architecture diagram can make or break you, and more.
Tune in as we discuss the intention behind the model, best practices, and how critical it is for technical and non-technical folks alike to understand.
Today's episode resources can be found here.

Episode 27: Build Breaking and More with ABN AMRO's Ingmar Vis
Join Kadi and guest co-host Sola Otudeko for a chat with ABN AMRO’s Ingmar Vis. Listen in as they discuss:
- The value of breaking builds.
- Why automation is key for agile development.
- Lessons he’s learned throughout his open source journey.
- What pushed him to give back to open source.
Tune in for the full conversation and check out the resources from this episode here.

Episode 26: Learning with Tom Cools
Today we are celebrating World Open Source Day: A day of celebration of the hard work and dedication done in the open source community and an opportunity to come together and share knowledge and experiences. At Wicked Good Development we thank open source maintainers and contributors for their endless pursuit of showcasing the power of open collaboration for the advancement of technology.
In this episode, Kadi and guest co-host Theresa Mammarella invite open-source contributor, Tom Cools, to share his journey in the world of open source. Sit back and relax as we talk through why he got involved in the community, what his first project was, and best practices to make projects more accessible for new contributors.
Tune in for the full conversation and check out the resources from this episode here.

Episode 25: The Struggle With Open Source Licensing
In this episode, Kadi and guest co-host, Dariush Griffin, sit down with Filipp Kofman (Partner, Davis Wright Tremaine LLC) and Adam Such (Solutions Architect, Sonatype) to discuss struggles with open source licensing.
There’s not always a clear-cut answer on the best way to handle open source licensing, especially when it comes to managing your dependencies. Topics of discussion include ideas from legal and development perspectives, the struggles they face, and best practices for working together to reach mutually beneficial goals.
Tune in for the full conversation and check out the resources from this episode here.

Episode 24: Cross over with the Federal Tech Podcast featuring Dr. Stephen Magill
When an interview is that good, you need to share it!
Sonatype's Dr. Stephen Magill joins Federal Tech host, John Gilroy, for a discussion on how software developers can be assured code they develop is safe. Listen in as they discuss topics that range from how even bespoke code needs new versions and improvements over time to other interesting aspects of software risk, like artifacts.
For more information on this episode, check out the resources here.

Episode 23: Demystifying Tech Debt
In this episode, Kadi sits down with Sonatype’s Director of Product Management, Justin Young, and Engineering Manager, Brad Cupit to discuss all things tech debt. What is it? Can different types be treated the same? How do you quantify it? And more importantly, how do you prioritize it?
Tune in and learn how you too can begin to understand your tech debt and begin to tactically manage it.
Check out the resources from today's episode here.

Episode 22: Fall 2022 Maven Central Updates
This session features Brian Fox (CTO and Co-Founder), Joel Orlina (Engineering Manager, Maven), Jason Swank (Director of Engineering, Technical Operations) and Lakshmi Mohandas (Senior Product Manager). Listen in as they discuss Maven Central's relationship with Sonatype, its pain points and how we are addressing them, and the latest updates that make Maven more unified and powerful than before.
Check out the resources from today's episode here.

Episode 21: James McLeod Shares His Journey to FINOS and Beyond
This session features open source war stories from James McLeod, Director of Community for FINOS–the Financial Technology vertical of the Linux Foundation.
After years in FinTech as a bank software developer, James McLeod now works to create impactful open source technology and communities. He works closely with contributors from the world’s largest investment banks and cloud providers on a daily basis, providing experiences and insights we’re excited to share with our listeners.
Check out the resources from today's episode here.

Episode 20: State of the Software Supply Chain Highlights With Tara Condon
In this episode, we're joined by Sonatype's VP Product Marketing and Analyst Relations, Tara Condon. Join us as we talk trends and recommendations for open source dependency management and other critical takeaways from the 8th Annual State of the Software Supply Chain Report.
Check out resources from today's episode here.

Episode 19: State of the Software Supply Chain Highlights With Brian Fox
CTO and Sonatype Co-Founder Brian Fox is back. Join him and our host for a discussion featuring trends and recommendations for open source dependency management and other key takeaways from the 8th Annual State of the Software Supply Chain Report.
Check out resources from today's episode here.

Episode 18: State of the Software Supply Chain Highlights With Stephen Magill
This episode welcomes Stephen Magill, Ph.D., VP of Product Innovation at Sonatype. Listen in as we discuss project quality metrics and key takeaways from the 8th Annual State of the Software Supply Chain Report.
Check out resources from today's episode here.

Episode 17: State of the Software Supply Chain Highlights With Ilkka Turunen
In this episode, Sonatype Field CTO, Ilkka Turunen, visits to talk open source supply and critical points from the 8th Annual State of the Software Supply Chain Report.
Check out the resources from today's episode here.

Episode 16: Ted Neward's Philosophy 101
What does philosophy have to do with software development? More than you might think! In this episode, hosts Kadi and Omar sit down with Technologist, Ted Neward and Developer Advocate, Steve Poole to discuss how philosophy is at the heart of everything. Ted provides great insight as to how his background has influenced his outlook on software development and why developers should be asking themselves the hard questions. As Ted puts it, “It is the hard questions that are usually the good ones that will lead you to a positive outcome.”
Check out the resources from today's episode here.

Episode 15: Russ Eling Talks Founding OSS Consultants and Open Source Compliance
In the latest episode, Russ Eling–Founder and CEO of OSS Consultants–sits down with Kadi Grigg and co-host A.J. Brown to discuss his journey with open source. Tune in to hear valuable lessons learned during his tenure as an Open Source Compliance Officer at General Motors and how that eventually led to the creation of OSS Consultants.
Check out the resources from today's episode here.

Episode 14: The Secret Life of Maven Central
In this episode, Joel Orlina joins Kadi Grigg to provide insights and knowledge on “The Secret Life of Maven Central,” his talk given at Devoxx UK and OpenSSF Day. Joel sheds light on the previously unknown history of Maven Central and how it works under the covers. He also discusses how the Central team addresses critical security risks like dependency confusion, how it responded to security events such as Log4Shell, and, most importantly, how you can get involved.
Check out the resources from today's episode here.

Episode 13: Hacks & Ax: July Update
Ax Sharma, a security researcher at Sonatype and tech journalist at large, joins Kadi and Omar for his monthly malware update. Ax breaks down the latest on protestware and ransomware.
Check out the resources from today's episode here.

Episode 12: Devoxx Poland Recap
After attending the Devoxx Poland Developer Conference in June in Krakow, Kadi and co-host Steve Poole sat down with speakers Oleg Šelajev, Developer Relations at AtomicJar, Inc., Ana-Maria Mihalceanu, Java Champion and Developer Advocate at Red Hat, and Brian Vermeer, Java Champion and JUG Leader Netherlands, to talk about their key takeaways from the event, trends on cloud adoption, how hot the developer market is right now, and their favorite presentations (hint: they weren’t their own talks!).
Check out the resources from today's episode here.

Episode 11: Vulnerability Drills: What’s the Intention, Habit, and Impact
In this episode, Kadi and Omar sit down and chat with members of the Developer Relations team at Sonatype to discuss the value in engineering teams doing vulnerability drills. We now live in a world where it's not a matter of if you will get attacked, it’s now a matter of when you will get attacked. So what can you do to protect yourself when that does happen? Learn why this shouldn’t be viewed as an incident response but more as streamlining your operational and engineering levels that need to be in lockstep with one another.
Check out the resources from today's episode here.

Episode 10: Evolution of Supply Chain Attacks
For this episode, Jamie Whitehouse, Director of Product Management at Sonatype, joins Kadi as guest host. With the unique perspectives of a Product Manager, Engineering Manager Daryl Handley, Data Scientist Cody Nash, and Principal Engineer AJ Brown, we dissect the evolution of software supply chain attacks and lessons learned. We’ll dive into how credit card fraud detection and supply chain attack detection are similar, the data science behind these systems, and the behavior of the developers.
Check out the resources from today's episode here.

Episode 9: Developer and Open Source Contributor Stories at Devnexus Part 3
This episode is threefold as we finish up the roundtable discussion on Devnexus 2022 and we get a chance to interview two more developers who contribute to the open source community. We connect with Luis Majano, CEO of Ortus Solutions and long-time computer engineer, about putting in the open source work. From using a 70/30 ratio to dedicate time building open source in between client work to getting the next generation involved in maintaining minor code fixes first-hand, hear how the level of work put in makes the difference in professional open source. We also learn with Grace Jansen, Developer Advocate at IBM, about how the preservation of open source collaboration will be the guiding light to pushing technology forward. Hear how her unique background in Biology gives her insight into methodologies and behaviors when it comes to responsiveness and resiliency.
Check out the resources from today's episode here.

Episode 8: Developer and Open Source Contributor Stories at Devnexus Part 2
Brad Wood, Software Architect at Ortus Solutions says “everybody should be secure” when it comes to open source security. Hear Brad’s distinctive perspective after occupying roles of both an open source maintainer and contributor. From the advantages of using ColdFusion to the effects of trust in development like abandonware and namespace confusion attacks, Brad covers it all with Wicked Good Development at DevNexus 2022.
Check out the resources from today's episode here.

Episode 7: Developer and Open Source Contributor Stories at Devnexus Part 1
This episode is the first in a mini-series from our experience at Devnexus 2022. It was an exciting time to learn from developers and capture wisdom from the open source community. The life of a contributor told by Maarten Mulders, Consultant, Trainer, and Technology Advocate at Info Support, plays out on Wicked Good Development during DevNexus 2022. Considering Apache Maven to be the cornerstone for Java development, hear how Maarten navigates fixing bugs, avoiding build breaks, and Java derivative languages.
Check out the resources from today's episode here.

Episode 6: The Logic of Code Quality
Write code so good you don’t need documentation to go along with it. Achieving code quality that is measurable, efficient, and scalable across even the leanest development teams can feel like a stunt. Yet, the costs of growing tech debt make setting a standard a no-brainer. From defining code quality, how to measure it, and the best time to involve quality checks in the development process, join a comprehensive talk on the logic of high code quality.
Coming straight from Sonatype in-house industry experts Product Manager Rohan Bhaumik, Developer Advocate Sal Kimmich, and VP of product innovation Stephen Magill.
Check out the resources from today's episode here.

Episode 5: Women in Tech #Breaking the Bias
“I’ll block, you run.” In this encouraging talk from four women in tech at Sonatype, hear how their career paths have shaped how they support mitigating and interrupting bias at work and ways to create environments that empower women to be their authentic selves every day.
Join Senior Security Researcher Ankita Lamba, Product Manager Grace Lee, Customer Success Engineer Santi Mulukutla, and Director of Agile Coaching Sue Jasmin as they create space to discuss:
- The importance of active sponsorship and mentorship
- How to eliminate bias in the hiring process
- Cultural limitations that affect bias in company cultures
- Why cancel culture doesn’t work when it comes to inclusion
- And so much more
As we promised, here’s the article that inspired today’s discussion:
https://hbr.org/2019/11/how-the-best-bosses-interrupt-bias-on-their-teams

Episode 4: Spring4Shell
Did Spring4Shell set the internet on fire again? Not so fast. In a special episode of Wicked Good Development, we dissect the zero-day RCE vulnerability in the Spring Framework dubbed Spring4Shell or Springshell. From comparisons to Log4j to how to remediate it and which versions are vulnerable, the experts on today's show break down what we know so far about this new vulnerability. And most importantly, how to determine if you're affected.
Check out the resources from today's episode here.

Episode 3: Central: A Look Back and a Look Forward
If you utilize Java or any other JVM, there’s a good chance you know the Maven Central repository. Today’s episode brings long-time maintainers and contributors of Maven Central, Brian Fox, Jason Swank, and Joel Orlina to the mic to rehash the early days of Maven Central, lessons learned from managing open source ecosystems, and bring insight into the platform’s practical software supply chain management capabilities of the past, present, and future.
Check out the resources from today's episode here.

Episode 2: Starting Security Left
In today's episode, we're tackling the ongoing discussion about shifting security left - or really starting security left. What do developers need to understand about the current state of application security? How should they be involved in security decisions? What's involved in building secure code from the beginning? This episode wraps up on the topic of what questions organizations and developers should be asking themselves when it comes to their security practices.
Check out the resources from today's episode here.

Episode 1: Cybersecurity Experts, Log4j, and Open Source
Three industry experts with different ties to the world of software talk about the latest in software, from Log4j to today, and what remediation looks like for development teams. We discuss update behaviors in the development community and the risks associated with using old code. To round out our debut episode - we talk about the silent industrial revolution and who bears the burden of maintaining open source software.
Check out the resources from today's episode here.