  • How Open Source Projects Handle Code of Conduct Disputes
    2026/06/06
    Episode 35 of Open Source with Fexingo digs into a high-stakes case: the 2018 Node.js code of conduct conflict that splintered its technical steering committee. Lucas and Luna trace how one GitHub issue escalated from a comment about 'toxic masculinity' to a fork and a governance overhaul, and why most major open source projects now employ explicit conflict-resolution pathways. They discuss the tension between inclusivity and maintainer autonomy, the role of the Contributor Covenant, and how projects like Rust and Kubernetes designed their dispute resolution from day one. No hot takes — just the mechanics of how communities write rules and enforce them when contributors disagree. #NodeJs #CodeOfConduct #OpenSourceGovernance #ContributorCovenant #RustLanguage #Kubernetes #CommunityModeration #ConflictResolution #ToxicMasculinity #Fork #OpenSourceMaintainers #GitHub #Inclusivity #Governance #Technology #FexingoBusiness #BusinessPodcast #OpenSourceWithFexingo Keep every episode free: buymeacoffee.com/fexingo
    11 min
  • How Open Source Maintainers Handle End-of-Life Cycles
    2026/06/06
    Episode 34 of Open Source with Fexingo. Lucas and Luna dive into the tricky business of open source end-of-life cycles, using Python 2's sunset in 2020 as their anchor. They break down the logistical and emotional challenge: how maintainers decide when to stop supporting a version, manage the transition for users, and avoid community backlash. Specifics include the Python Software Foundation's timeline, the role of long-term support (LTS) releases, and why Node.js 16's EOL in 2024 sparked real migration pain. No buzzwords, just the real decisions behind the deprecation notice. #OpenSource #EndOfLife #Python #Python2 #SoftwareMaintenance #LTS #NodeJS #Deprecation #CommunityManagement #VersionControl #OSSGovernance #MaintainerBurnout #TechMigration #Linux #GitHub #FexingoBusiness #BusinessPodcast #Technology Keep every episode free: buymeacoffee.com/fexingo
    9 min
  • How Open Source Projects Negotiate Corporate Contributions
    2026/06/05
    When a company like Google or Microsoft wants to contribute code to an open source project, how does that actually work without the project losing control? In this episode, Lucas and Luna break down the specific case of Kubernetes — the container orchestration platform born inside Google, then donated to the Cloud Native Computing Foundation. They walk through the Contributor License Agreement process, the role of vendor-neutral foundations, and the delicate balance between accepting corporate patches and maintaining community governance. Along the way, they talk about the Apache Software Foundation's Individual Contributor License Agreement, why some projects require copyright assignment, and how the Contributor Covenant helps set behavioral expectations alongside legal ones. If you've ever wondered how a volunteer-run project can accept contributions from a trillion-dollar company without getting steamrolled, this episode drills into the actual mechanics. #OpenSource #CorporateContributions #Kubernetes #CNCF #ApacheSoftwareFoundation #ContributorLicenseAgreement #Governance #CommunityDriven #Google #Microsoft #Technology #Podcast #FexingoBusiness #BusinessPodcast #OpenSourceGovernance #VendorNeutral #CopyrightAssignment #ContributorCovenant Keep every episode free: buymeacoffee.com/fexingo
    10 min
  • How Open Source Projects Manage Dependency Churn
    2026/06/05
    In episode 32 of Open Source with Fexingo, Lucas and Luna explore the growing challenge of dependency churn in open source projects. With over 2.5 million packages on npm alone, maintainers face constant updates, security patches, and breaking changes. The hosts dive into the story of a single Node.js utility library that depended on 1,200 packages — and how its creator trimmed it down to just 12. They discuss tools like Dependabot, the concept of 'dependency hygiene,' and why the left-pad incident of 2016 still haunts the ecosystem. Lucas explains why the average JavaScript project now has 1,500 vulnerable dependencies, and Luna questions whether the free-rider problem is getting worse. The episode offers practical takeaways for developers and project leads, including how to audit your own dependency tree without losing your mind. #DependencyChurn #OpenSource #NodeJs #JavaScript #npm #Dependabot #LeftPad #SupplyChainSecurity #MaintainerBurnout #SemVer #LockFiles #TechDebt #FexingoBusiness #BusinessPodcast #Tech #SoftwareMaintenance #DeveloperTools #CommunityDriven Keep every episode free: buymeacoffee.com/fexingo
    8 min
  • How Open Source Projects Handle Community Moderation
    2026/06/04
    Ep 31: Lucas and Luna dive into the unseen work of open source community moderation. Using the Linux kernel's Code of Conduct Committee and the Django project's moderation practices as specific cases, they explore how projects handle toxic behavior, ban appeals, and scale rules from 10 to 10,000 contributors. They discuss the tension between maintainer burnout and inclusive governance, and why clear moderation policies are as critical as clean code. The episode also touches on how the Python community handled a high-profile incident in 2025 that reshaped their moderation approach. A concrete look at the people-side of open source that often goes unspoken. #OpenSource #CommunityModeration #LinuxKernel #Django #Python #CodeOfConduct #Burnout #Governance #InclusiveTech #TechEthics #FexingoBusiness #BusinessPodcast #Technology #Moderation #CommunityManagement #ConflictResolution #OpenSourceGovernance #Podcast Keep every episode free: buymeacoffee.com/fexingo
    8 min
  • How Open Source Projects Handle Bug Bounties
    2026/06/04
    Lucas and Luna dive into the messy reality of bug bounty programs in open source. They explore the tension between well-funded programs at companies like Google and Microsoft, and the unfunded, volunteer-driven projects that handle critical vulnerabilities with zero budget. Using the Linux kernel's patch-based model and the HackerOne platform as contrasting case studies, they unpack why bug bounties can create perverse incentives, how triage works without a full-time security team, and what happens when a researcher finds a flaw in a project that can't pay a cent. Specific examples include the 2021 PHP bug that paid out $10,000 and the Heartbleed vulnerability that had no bounty at all. They also touch on the growing role of VDPs (vulnerability disclosure programs) as a middle ground, and why some maintainers argue that bounties actually make projects less safe by attracting the wrong kind of attention. A nuanced look at an often-glamorized corner of open source security. #OpenSource #BugBounties #Security #VulnerabilityDisclosure #LinuxKernel #HackerOne #PHP #Heartbleed #VDP #CVEs #SecurityResearch #CommunityDriven #FexingoBusiness #BusinessPodcast #Technology #Cybersecurity #MaintainerBurnout #EthicalHacking Keep every episode free: buymeacoffee.com/fexingo
    12 min
  • How Open Source Projects Write Code That Works for Everyone
    2026/06/03
    In Episode 29 of Open Source with Fexingo, Lucas and Luna dive into accessibility at the code level — not just UI design, but how open source projects like React and WordPress build inclusive developer experiences. They break down ARIA landmarks, semantic HTML, and the real cost of ignoring accessibility in open source. Along the way, they share a behind-the-scenes look at how listener support keeps this show ad-free. Perfect for developers and open source enthusiasts who want to build better, more inclusive software. #OpenSource #Accessibility #React #WordPress #ARIA #SemanticHTML #InclusiveDesign #A11y #WebDevelopment #JavaScript #CSS #GitHub #OpenSourceCommunity #Tech #Podcast #FexingoBusiness #BusinessPodcast #AccessibleCode Keep every episode free: buymeacoffee.com/fexingo
    10 min
  • How Open Source Projects Handle Accessibility at the Code Level
    2026/06/03
    Lucas and Luna explore how open source projects like the GNOME desktop environment and the React ecosystem approach accessibility at the code level. They look at the specific practices that make software usable for people with disabilities, including screen reader support, keyboard navigation, and color contrast checks. Lucas explains the role of tools like Axe and the Web Content Accessibility Guidelines (WCAG), while Luna highlights how community-driven projects can embed these standards early. The episode also covers the unique challenges open source maintainers face in prioritizing accessibility when resources are tight. Along the way, they tie in how listener donations via Buy Me a Coffee help keep the show ad-free and support deeper dives into technical topics like this one. #Accessibility #OpenSource #InclusiveDesign #GNOME #React #ScreenReaders #WCAG #Axe #WebAccessibility #KeyboardNavigation #ColorContrast #TechPodcast #Linux #CommunityDriven #FexingoBusiness #BusinessPodcast #Technology #SoftwareDesign Keep every episode free: buymeacoffee.com/fexingo
    7 min