Summary

Ted Neward tells me about his job search that started in 2022. Part 1 of a 2 parter.

Details

Who he is, what he did. The job search begins. Companies are looking for "passionate" employees with specific skill sets. The job market in 2022. The COVID tech bubble. How he searched; false starts, near misses. Writing a book on the side. You need luck too. Customized resumes for roles. Applicant tracking systems.

Support this podcast

Full show notes
@tedneward.bsky.social
Ted's blog post

Summary

Jeff Fritz and I talk about glories of running .NET on Linux.

Details

Who he is, what he does. Where .NET runs. When it moved from Windows only. Arrival of .Net Core, open source. What changed in Microsoft for a move to multi-platform. .Net standard. Why try .NET on Linux. Flavors of Linux. .NET on Linux in Docker on the cloud. Types of Linux where .NET runs. CPUs. Ways to install .NET. Multiple versions of .NET can be installed. Ahead of time compilation. All the other tools you need, IDEs, Docker, databases including SQL Server. Publishing .NET as a container. .NET Aspire. Database IDEs. Maui. How to get started with .NET and Linux, Codespaces, live disks, WSL.

Support this podcast

Full show notes
@csharpfritz.com
Jeff's home page
Bryan's blog post on .NET on Linux
Building a container image with a Dockerfile

Summary

Tanya Janca talks about her new book and how to write secure code.

Details

Tanya's new book, why she is writing for the developer. Including code for multiple languages. What makes her book different. Starting with how to defend against vulnerabilities. Validation and sanitization. What zero trust is. Balancing too much security vs other needs. Supply chain attacks and accidents. Backing up and losing code. Excess security and workarounds. Sharing information about security breaches, making it ok to fail. Re-running security tests when code changes, using analysis tools. Testing legacy applications with compromised libraries, network segmentation, web application firewall. Where to get the book.

Support this podcast

Full show notes
Tanya's home page
Tanya's books
Other security podcasts

Summary

Mads Torgersen talks about what's new in C# 13, and some of what might be coming in C# 14.

Details

Upcoming release of C# 13, .NET Conf 2024. Params collections, use cases. Overload resolution priority. System.Threading.Lock, why a new lock type. Ref struct types, the underbelly of C#. Update on discriminated unions, but years away. Preview features - field keyword properties, extension everything.

Support this podcast

Full show notes
What's new in C# 13
C# Language Design - GitHub

Summary

Andy Gocke, lead of the native AOT and app model team at Microsoft answers listener's questions about native AOT.

Details

Future of Native AOT. Trimming support in third party libraries. Why .NET prefers its own JIT compiler over the LLVM MSIL backend. How much bigger with AOT be over MSIL and JIT. Where to follow libraries supporting AOT. Using AOT and GPUs. WASM performance. Can Native AOT replace Mono AOT. Plan for using dependency injection with AOT. When will the IDEs support for Native AOT. How to get in touch.

Support this podcast

Full show notes
@andygocke
Native AOT deployment
Native AOT on GitHub
Other C# Podcast Episodes

Summary

Stormy Peters talks about open source software and how to support the communities that create it.

Details

Who she is, what she does. What open source software is, what free means. Different types of OSS licenses, beerware, restrictive licenses. Commercial use of open software. Making OSS financially viable; tools that GitHub offers, most software is built on open source software. "We're not paying for free software!", normalizing paying for OSS; hard for companies to make payments; GitHub sponsors for companies. Individuals sponsoring/supporting OSS, getting in touch with maintainers. Barriers to getting involved. One-person projects. Sponsorship by programming language. Is anyone making enough money from sponsorship. How GitHub supports OSS developers; corporate sponsors. Copilot and its use of OSS. Future of OSS. How to get involved in OSS.

Support this podcast

Full show notes
@storming
Stormy's Wiki page
Stormy's web site
GitHub corporate sponsorship

Summary

Andy Gocke, lead of the native AOT and app model team at Microsoft talks about ahead-of-time compilation (AOT) in .NET.

Details

Who he is, what he does. Quick overview of ahead-of-time compilation (AOT); finding your code. Traditional compilation, interpreter vs compiler, translation from source to target languages. Operating systems, intermediate language (IL). There's always an interpreter. Just-in-time compilation (JIT); Java ran on multiple OSes, but .NET was Windows only; .NET ran on multiple architectures. Ready-to-run (R2R) and trimming. Tiered compilation, variable performance. R2R mixes precompiled and IL, native AOT only has precompiled. Trimming - getting rid of unneeded things, trouble with plugins and reflection; static analysis - don't ignore warnings. Why AOT was built, where it is a good fit. How much work it was; Core RT, low adoption, but good feedback. Good and bad use cases for AOT. For .NET 7 console apps and libraries, or if you don't get trim warnings; a single trim warning is too many. AOT and non-AOT OSS NuGet packages. .NET 8 support for ASP.NET. JIT and IL will not go away. AWS Lambda functions and AOT, exclusions, problems that might occur; trimmable all the way down. Getting started with AOT. Can't turn off trimming. Future of AOT.

Support this podcast

Full show notes
@andygocke
Native AOT deployment
Andy's de/serializer Serde-dn
More C# episodes

Summary

Tanya Janca talks about fixing your developer process so that security is part of the life cycle.

Details

Who she is, what she does. Becoming a penetration tester. Being a developer advocated. Adding security at the end of the software development life cycle; people wish there was a silver bullet for security. "We're secure, we don't need to test our security". Security should start at the project kickoff. Who owns security, the devs or the security team; getting authority and responsibility. Choosing what to fix; likelihood, potential losses, cost. Security stories during development iterations. Security gets in the way. Feature switches to turn off security in dev environments. Negotiating about what to fix; working around the process. Should security programming be a specialty. Don't build a tool if you can buy it. Copy pasting your way into trouble; Stack Overflow has a security section now; team to build core security tools. Buying services for authentication/authorization. Communicating with other applications. Why no HTTPS. Why encryption at rest when data is in the cloud. Security testing - static analysis, dependencies vulnerabilities, dynamic analysis. Security tools.

Support this podcast

Full show notes
@SheHacksPurple
SheHacksPurple
Tanya's music
We Hack Purple
Why No HTTPS
Other Security Podcast Episodes