DevOpsSpeakeasy Podcast S01E08: Sam Boyer on the sea of despair of dependency management

In this episode, we embarked on a fascinating journey of despair and hope with Sam Boyer (@sdboyer), the author of the Go Dep experiment, and discussed all things dependency management - why it doesn't work, and what can be done to make it a little more transparent and easier to work with.

• Go dep commit officially retiring the project, made on the day of our podcast was aired
• The notorious blog post about package manager (which Baruch uses in all his talks now)
• Sam's take on the Go Dep experiment
• Semantic Versioning
• Russ Cox on SAT
• JFrog Xray analyzing the security and licensing selections signals of the dependency management
• Confusion Matrix definition
• Confusion Matrix explained
• ^1.2.0 is a lie

Episode source