Chris Swan
@cpswan.net
Engineer at Atsign & Dart GDE.
Husband, dad, maker, hacker, InfoQ editor, co-host TechDebtPodcast.
He/him.
#include stddisclaimer.h
Husband, dad, maker, hacker, InfoQ editor, co-host TechDebtPodcast.
He/him.
#include stddisclaimer.h
[blog] it can take some time for less popular architectures (like RISC-V) to find their way into Docker official image manifests, so some extra testing is needed to avoid breaking Continuous Delivery pipelines by merging Dependabot PRs for incomplete images.
Checking that Docker image manifests are complete
Background We build a bunch of stuff for RISC-V using the Dart official Docker image, but the RISC-V images can often arrive some time (days) after the more mainstream images[1]. That means that if we merge a Dependabot PR for an updated image it might well be missing RISC-V, causing the Continuous Delivery (CD) pipeline to break when trying to do a release 😦
blog.thestateofme.com
November 11, 2025 at 11:20 AM
[blog] it can take some time for less popular architectures (like RISC-V) to find their way into Docker official image manifests, so some extra testing is needed to avoid breaking Continuous Delivery pipelines by merging Dependabot PRs for incomplete images.
Reposted by Chris Swan
Curious about what happened between @python.org & the National Science Foundation? Me too, so I asked PSF executive director @eximious.bsky.social onto @redmonk.com's MonkCast to discuss the situation & share her perspective redmonk.com/blog/2025/11... youtube.com/shorts/_DDWk...
NSF grant controversy with #python software foundation's Deb Nicholson
YouTube video by RedMonk
youtube.com
November 7, 2025 at 4:12 PM
Curious about what happened between @python.org & the National Science Foundation? Me too, so I asked PSF executive director @eximious.bsky.social onto @redmonk.com's MonkCast to discuss the situation & share her perspective redmonk.com/blog/2025/11... youtube.com/shorts/_DDWk...
Reposted by Chris Swan
Good morning 😊
Yes, Sir Clive hated that the Spectrum was popular because of the games and a C5 could never go this fast, but I had a lot of fun making this tribute to Sir Clive Sinclair ZX Spectrum 👍
Animation made in Blender, sountrack made in Studio one
#zxspectrum #retrogaming #8bitgaming
Yes, Sir Clive hated that the Spectrum was popular because of the games and a C5 could never go this fast, but I had a lot of fun making this tribute to Sir Clive Sinclair ZX Spectrum 👍
Animation made in Blender, sountrack made in Studio one
#zxspectrum #retrogaming #8bitgaming
November 7, 2025 at 7:49 AM
Good morning 😊
Yes, Sir Clive hated that the Spectrum was popular because of the games and a C5 could never go this fast, but I had a lot of fun making this tribute to Sir Clive Sinclair ZX Spectrum 👍
Animation made in Blender, sountrack made in Studio one
#zxspectrum #retrogaming #8bitgaming
Yes, Sir Clive hated that the Spectrum was popular because of the games and a C5 could never go this fast, but I had a lot of fun making this tribute to Sir Clive Sinclair ZX Spectrum 👍
Animation made in Blender, sountrack made in Studio one
#zxspectrum #retrogaming #8bitgaming
Reposted by Chris Swan
"If the Greens overtake Labour in the polls, it will become harder for Labour to make the case that a vote for Polanski is a vote for Farage." www.newstatesman.com/politics/202...
The Green surge is about to break Labour
Polanski's increasing popularity has huge implications for the future of British politics
www.newstatesman.com
November 7, 2025 at 9:42 AM
"If the Greens overtake Labour in the polls, it will become harder for Labour to make the case that a vote for Polanski is a vote for Farage." www.newstatesman.com/politics/202...
[blog] Agentic systems are the latest thing being used to solve IT integration issues, becoming the glue squirted into the gaps between systems. But the use of natural language means that the distinction between 'data' and 'code' is almost impossible to make, causing many security concerns.
Don’t huff the fumes
TL;DR Agentic systems are the latest thing being used to solve IT integration issues, becoming the glue squirted into the gaps between systems. But the use of natural language means that the distinction between 'data' and 'code' is almost impossible to make, which causes a whole raft of security concerns. This new glue may be powerful, but it gives off fumes that can cause a bunch of problems.
blog.thestateofme.com
November 5, 2025 at 4:47 PM
[blog] Agentic systems are the latest thing being used to solve IT integration issues, becoming the glue squirted into the gaps between systems. But the use of natural language means that the distinction between 'data' and 'code' is almost impossible to make, causing many security concerns.
Reposted by Chris Swan
I can hear @quinnypig.com reading this article to me. It’s uncanny. With dramatic pauses and everything www.theregister.com/2025/11/04/a...
How AWS is losing the younger generation with complexity
: They have no need to prove their bonafides
www.theregister.com
November 5, 2025 at 1:50 PM
I can hear @quinnypig.com reading this article to me. It’s uncanny. With dramatic pauses and everything www.theregister.com/2025/11/04/a...
Reposted by Chris Swan
After reading the Register’s article from today
www.theregister.com/2025/11/03/c...
I still stand by my article with the same title from 5 years ago
justingarrison.com/blog/2020-06...
www.theregister.com/2025/11/03/c...
I still stand by my article with the same title from 5 years ago
justingarrison.com/blog/2020-06...
Snap out of it
How to uninstall and block snapd on Ubuntu
justingarrison.com
November 3, 2025 at 11:11 PM
After reading the Register’s article from today
www.theregister.com/2025/11/03/c...
I still stand by my article with the same title from 5 years ago
justingarrison.com/blog/2020-06...
www.theregister.com/2025/11/03/c...
I still stand by my article with the same title from 5 years ago
justingarrison.com/blog/2020-06...
[blog] Trips to Bath and Barcelona, comedy with John Bishop, lots of wine, first impressions of Real Stock Pro for VR shooting, a new mattress, and the usual pupdate (with new toy) and solar diary.
October 2025
Pupdate The central heating went on a few days into the month, and it was also soon time for the boys to be wearing their coats out. Max and Milo in their blue fleece coats Interactive Ball Toy Having learned my lesson about dodgy drop shippers last month I ordered from AliExpress when $wife found a fun looking toy in some Dachshund forum.
blog.thestateofme.com
November 3, 2025 at 3:29 PM
[blog] Trips to Bath and Barcelona, comedy with John Bishop, lots of wine, first impressions of Real Stock Pro for VR shooting, a new mattress, and the usual pupdate (with new toy) and solar diary.
Reposted by Chris Swan
Sigh. Grim news, but a potential wake up call for small operators and the policymakers who love them. It’s time to [quoting @joshcorman.bsky.social] SOS - get our Shit Off Shodan.
Cyberpunks mess with Canada's water, energy, and farm systems
Cyberpunks mess with Canada's water, energy, farm systems
: Infosec agency warns hacktivists broke into critical infrastructure systems to tamper with controls
www.theregister.com
October 30, 2025 at 12:12 PM
Sigh. Grim news, but a potential wake up call for small operators and the policymakers who love them. It’s time to [quoting @joshcorman.bsky.social] SOS - get our Shit Off Shodan.
Reposted by Chris Swan
A little while back Thomas Strömberg posted (on LinkedIn) about the surprisingly lack of malware detection tooling running on platforms today.
Sign Up | LinkedIn
500 million+ members | Manage your professional identity. Build and engage with your professional network. Access knowledge, insights and opportunities.
www.linkedin.com
October 29, 2025 at 11:04 AM
A little while back Thomas Strömberg posted (on LinkedIn) about the surprisingly lack of malware detection tooling running on platforms today.
[blog] SLSA attestations are a great way to show that you care about security, and they're fairly trivial to add to delivery pipelines that produce a single binary or container image. But things get tricky with matrix jobs that build lots of things in parallel...
SLSA attestations for Docker matrix builds
TL;DR Supply-chain Levels for Software Artifacts (SLSA) attestations are a great way to show that you care about security, and they're fairly trivial to add to delivery pipelines that produce a single binary or container image. But things get tricky with matrix jobs that build lots of things in parallel, as you then need to marshal all the metadata into the attestation stage, and there isn't a straightforward way to do that.
blog.thestateofme.com
October 28, 2025 at 2:00 PM
[blog] SLSA attestations are a great way to show that you care about security, and they're fairly trivial to add to delivery pipelines that produce a single binary or container image. But things get tricky with matrix jobs that build lots of things in parallel...
Reposted by Chris Swan
Yay. Priceless. The right column at the right time. And a gleefully English two fingers to the haters.
October 25, 2025 at 7:38 AM
Yay. Priceless. The right column at the right time. And a gleefully English two fingers to the haters.
Reposted by Chris Swan
It's lovely to see a concrete list like this. It helps others define what they need in their own circumstances.
As professional maintainers we can invest in making our projects safer and more reliable. To that end, here's a draft of the Geomys Standard of Care.
It covers general maintenance, stability & reliability, dependency management, account and CI security, vulnerability handling, licensing, and more.
It covers general maintenance, stability & reliability, dependency management, account and CI security, vulnerability handling, licensing, and more.
The Geomys Standard of Care
Introducing the set of standards that Geomys maintainers strive to uphold in our professional activity as open source maintainers.
words.filippo.io
October 23, 2025 at 2:35 PM
It's lovely to see a concrete list like this. It helps others define what they need in their own circumstances.
Reposted by Chris Swan
people playing music/videos on their phone speakers in public is more than just mildly annoying and is instead a leading indicator of the decline of community and empath
Do you have any extremely niche, but serious, ethical stances?
October 19, 2025 at 8:54 PM
people playing music/videos on their phone speakers in public is more than just mildly annoying and is instead a leading indicator of the decline of community and empath
Reposted by Chris Swan
Slides for my #taloscon2025 keynote, "The Complexity of Simplicity" (video to come): speakerdeck.com/bcantrill/th...
The Complexity of Simplicity
Talk given at TalosCon in Amsterdam on October 17, 2025. Video to come.
speakerdeck.com
October 17, 2025 at 9:31 AM
Slides for my #taloscon2025 keynote, "The Complexity of Simplicity" (video to come): speakerdeck.com/bcantrill/th...
Reposted by Chris Swan
when I heard about Qualcomm buying Arduino I thought what different relationships they have with developers and then I thought maybe that's why they're buying them? Leendert van Doorn engineering SVP @ qualcomm tells me I've figured it out but @monkchips.com warns me it's going to be a balancing act
Can Arduino Teach a Tech Giant How To Win Over Developers?
Open source infrastructure meeting strong commercial integration isn’t always a good fit, but Qualcomm and Arduino hope to change that narrative.
thenewstack.io
October 14, 2025 at 9:48 PM
when I heard about Qualcomm buying Arduino I thought what different relationships they have with developers and then I thought maybe that's why they're buying them? Leendert van Doorn engineering SVP @ qualcomm tells me I've figured it out but @monkchips.com warns me it's going to be a balancing act
Reposted by Chris Swan
it's kinda weird that all the software i am expected to use for work are all written by distributed teams, go, python, postgres, linux, chrome, k8s etc
and despite being told "the best teams work in an office together" i don't know of any software i use that's actually written that way
and despite being told "the best teams work in an office together" i don't know of any software i use that's actually written that way
October 13, 2025 at 5:00 PM
it's kinda weird that all the software i am expected to use for work are all written by distributed teams, go, python, postgres, linux, chrome, k8s etc
and despite being told "the best teams work in an office together" i don't know of any software i use that's actually written that way
and despite being told "the best teams work in an office together" i don't know of any software i use that's actually written that way
Reposted by Chris Swan
The CRA is rewriting the rules of selling software.
After 2027, anything sold in Europe must meet strict security standards. This will reshape how we build, patch, and monetize software, and how we work with open source.
I spoke with Mike Milinkovich of the Eclipse Foundation to learn more.
After 2027, anything sold in Europe must meet strict security standards. This will reshape how we build, patch, and monetize software, and how we work with open source.
I spoke with Mike Milinkovich of the Eclipse Foundation to learn more.
October 9, 2025 at 4:11 PM
The CRA is rewriting the rules of selling software.
After 2027, anything sold in Europe must meet strict security standards. This will reshape how we build, patch, and monetize software, and how we work with open source.
I spoke with Mike Milinkovich of the Eclipse Foundation to learn more.
After 2027, anything sold in Europe must meet strict security standards. This will reshape how we build, patch, and monetize software, and how we work with open source.
I spoke with Mike Milinkovich of the Eclipse Foundation to learn more.
Reposted by Chris Swan
As a leader wanting to optimise outcomes, how should I behave?
Align, Act, Reflect, Adapt (AARA)
🎯 Align: be clear on the Why and the direction (measurable outcome hypotheses). Limit Work In Progress.
Align, Act, Reflect, Adapt (AARA)
🎯 Align: be clear on the Why and the direction (measurable outcome hypotheses). Limit Work In Progress.
October 9, 2025 at 8:50 AM
As a leader wanting to optimise outcomes, how should I behave?
Align, Act, Reflect, Adapt (AARA)
🎯 Align: be clear on the Why and the direction (measurable outcome hypotheses). Limit Work In Progress.
Align, Act, Reflect, Adapt (AARA)
🎯 Align: be clear on the Why and the direction (measurable outcome hypotheses). Limit Work In Progress.
[blog] September 2025
A scammy octopus, a stay at South Lodge, Torres wine tasting, Marcus Brigstocke comedy, T'Pau, RC2014 Assembly, Clay Hunt VR, and of course the usual pupdate and solar diary.
A scammy octopus, a stay at South Lodge, Torres wine tasting, Marcus Brigstocke comedy, T'Pau, RC2014 Assembly, Clay Hunt VR, and of course the usual pupdate and solar diary.
September 2025
Pupdate Autumn is upon us, and it was a wet start to the month, but that hasn't stopped the boys from being enthusiastic about their walks. Miniature Dachshunds Max and Milo on a leafy woodland path Clear scan Milo had another scan at the start of the month, and once again it was clear 🙂 That means we're now on the longest stretch of remission since he got ill.
blog.thestateofme.com
October 1, 2025 at 1:16 PM
[blog] September 2025
A scammy octopus, a stay at South Lodge, Torres wine tasting, Marcus Brigstocke comedy, T'Pau, RC2014 Assembly, Clay Hunt VR, and of course the usual pupdate and solar diary.
A scammy octopus, a stay at South Lodge, Torres wine tasting, Marcus Brigstocke comedy, T'Pau, RC2014 Assembly, Clay Hunt VR, and of course the usual pupdate and solar diary.
Reposted by Chris Swan
@openssf.org says the open-source software ecosystem is unsustainable and reaching a breaking point as maintainers struggle with funding, time, and demands from commercial users: openssf.org/blog/2025/09...
I wrote about this problem recently: www.cybersecuritydive.com/news/open-so...
I wrote about this problem recently: www.cybersecuritydive.com/news/open-so...
Open Infrastructure is Not Free: A Joint Statement on Sustainable Stewardship – Open Source Security Foundation
Register for Open Source SecurityCon 2025
openssf.org
September 23, 2025 at 6:30 PM
@openssf.org says the open-source software ecosystem is unsustainable and reaching a breaking point as maintainers struggle with funding, time, and demands from commercial users: openssf.org/blog/2025/09...
I wrote about this problem recently: www.cybersecuritydive.com/news/open-so...
I wrote about this problem recently: www.cybersecuritydive.com/news/open-so...
Reposted by Chris Swan
having autism is actually fine. the Tylenol and vaccination stuff is bullshit, obvi, but also: it’s okay to have autism.
to all my friends and loved ones on the spectrum feeling attacked by this discourse, please remember you are gifts to the world. ❤️❤️
to all my friends and loved ones on the spectrum feeling attacked by this discourse, please remember you are gifts to the world. ❤️❤️
September 23, 2025 at 12:12 PM
having autism is actually fine. the Tylenol and vaccination stuff is bullshit, obvi, but also: it’s okay to have autism.
to all my friends and loved ones on the spectrum feeling attacked by this discourse, please remember you are gifts to the world. ❤️❤️
to all my friends and loved ones on the spectrum feeling attacked by this discourse, please remember you are gifts to the world. ❤️❤️
Reposted by Chris Swan
This week, Oracle released Java 25. Several developers have used this release as an opportunity to share their enthusiasm around the JVM and Oracle’s stewardship. This strikes me as noteworthy, and in this @redmonk.com post I discuss why
redmonk.com/kholterhoff/...
redmonk.com/kholterhoff/...
September 17, 2025 at 3:44 PM
This week, Oracle released Java 25. Several developers have used this release as an opportunity to share their enthusiasm around the JVM and Oracle’s stewardship. This strikes me as noteworthy, and in this @redmonk.com post I discuss why
redmonk.com/kholterhoff/...
redmonk.com/kholterhoff/...
Reposted by Chris Swan
I was on EPSD's "Velocity's edge" podcast and had a great discussion with Nick Selby and Chris Swan about organisational scar tissue, decision records, writing things down, and "Murders & Acquisitions".
open.spotify.com/episode/1HTS...
open.spotify.com/episode/1HTS...
S1E6 - Thomas Dullien and Chris Swan on Decision Records
open.spotify.com
September 17, 2025 at 8:36 AM
I was on EPSD's "Velocity's edge" podcast and had a great discussion with Nick Selby and Chris Swan about organisational scar tissue, decision records, writing things down, and "Murders & Acquisitions".
open.spotify.com/episode/1HTS...
open.spotify.com/episode/1HTS...
This is how we get filter failure at the outrage factory; because the 'crazy' gets algorithmic amplification to drive engagement.
blog.thestateofme.com/2019/02/13/f...
blog.thestateofme.com/2019/02/13/f...
September 8, 2025 at 7:55 PM
This is how we get filter failure at the outrage factory; because the 'crazy' gets algorithmic amplification to drive engagement.
blog.thestateofme.com/2019/02/13/f...
blog.thestateofme.com/2019/02/13/f...