101. Sustainability in Open Source with Sumana Harihareswara

On today’s episode we are joined by Sumana Harihareswara, a programmer, technology executive, and open source software expert. She currently works as a project manager and is the founder of New York–based consultancy Changeset. They provide project management services to free and open source software projects. Since 2007, Sumana has been leading and contributing to open source projects. Today, she shares some of her insights into open-source sustainability, sharing the experiences of projects she has worked on, and suggests ideas for what sustainability for open source could look like in the future. Along with this, she also talks about the invisibility of those who maintain open source and how to rethink their role. Join us today for an incredible conversation with Sumana Harihareswara! 

Key Points From This Episode:

  • Open source should be viewed as infrastructure.
  • Infrastructure is not being maintained as it should be.
  • Difference between chore and task.
  • Organizations do not realize their open source dependencies.
  • How open source software is currently maintained.
  • Tidelift is a model to look at for sustainability.
  • Infrastructure is unseen work.
  • How to think about maintainership.
  • Division between development and maintainership.
  • Finding community is important.
  • And much more!

Transcript for Episode 101. Sustainability in Open Source with Sumana Harihareswara

[0:00:01.9] MN: Hello and welcome to The Rabbit Hole, the definitive developer’s podcast in fantabulous Chelsea, New York. I’m Dave Anderson your host, while our regular host Mike Nunez is out on paternity. With me today, I have.

[0:00:16.7] WJ: William Jeffries.

[0:00:17.8] DA: We also have an esteemed guest with us today.

[0:00:20.7] SH: Sumana Harihareswara.

[0:00:22.2] DA: How are you doing, Sumana?

[0:00:24.3] SH: I am pretty well. Thank you both for having me.

[0:00:26.4] DA: Why don’t you tell the nice people a little bit about yourself.

[0:00:29.1] SH: I am a project manager and I have my own tiny, tiny consultancy. Change set consulting here in New York City. Changeset.nyc is the domain as I’m sure will be in the show notes and I concentrate on short term targeted project management for open source projects and organizations that depend on them.

For instance, last year, I was the project manager for the big revamp, overhaul of PYPI, the python package index. And have also worked with Zulip, the open source slack alternative with the Electronic Frontier Foundation on their HTTPS everywhere browser plugin and a bunch of other projects. I’m also the co-founder and chair and co-organizer of an arts festival at this year’s PyCon north America, the Art of Python and I know a lot about open source maintainership and I do some standup comedy. I read science fiction and I’m married and all that sort of stuff.

[0:01:29.6] DA: Nice, I think that’s a pretty good summary. Thank you so much for helping out with PYPI. That really is a life changing tool for all python developers and that’s really what we’re here to talk about today, we’re going to talk about sustainability and open source.

[0:01:48.7] SH: Yeah, sustainability and open source is a huge, huge topic, arguably, there are entire other podcast about it and certainly we owe a lot to Nadia Eghbal who had this foundational report, right? That she wrote, that she plated and research and wrote roads of –

[0:02:06.0] DA: I’ve not heard of her before.

[0:02:06.7] SH: Roads and bridges. Yeah, you should go ahead and take a look and at least skim this giant report that she wrote a few years ago.

[0:02:12.0] DA: Naida Eghbal, okay.

[0:02:13.3] SH: Nadia Eghbal. She in roads and bridges really got at the way that open source needs to be considered as infrastructure, not just as you know, some hobby projects that some hippies are doing over there. No. Approximately every organization in the world that uses software is in some way dependent on open source software somewhere in their dependency chains.

[0:02:37.8] DA: What I’m hearing is, we should consider this open source like the MTA?

[0:02:47.9] SH: It’s a reasonable comparison isn’t it?

[0:02:49.5] DA: I think it is. You know, just looking around and like at the start of the year, I feel like especially in the start of the year, people who are open source maintainers feel the pressure of it, based to like evaluate their yearly goals or whatever and they’re like wow, this is really hard. Am I getting everything I need in order to perpetuate this project, you know?

[0:03:10.3] SH: I would say that it feels to me like not only are open source maintainers hearing and seeing all of the results of under investment in infrastructure, in the infrastructure they maintain but everyone else is also hearing the creaks and seeing the delays. William, have you seen anything in open source projects that you depend on?

For instance, being – they don’t seem to be quite going at the clip that I was expecting.

[0:03:41.4] WJ: Well, I mean, there are a lot of major security breaches like heart bleed that tie directly into that. Open source packages are really critical point of vulnerability for most companies.

[0:03:52.9] DA: Yeah, I was really surprise d to find that JS Lint, which is used by every single dang java script project that I worked on recently is maintained by one guy. Just you know, one person, holding down the fort and you know. what a hero, I didn’t even know. It’s easy to like just kind of take it for granted.

[0:04:13.0] SH: I have this saying that I sometimes say, which is that hygiene is harder than heroics. Which is to say that the everyday consistency and discipline of doing the annoying difficult things in a really consistent way. That’s actually harder for a lot of people and a lot of organizations, than, what we call heroism.

[0:04:41.7] DA: Yeah, I totally agree. The idea of pushing it at the deadline and really punishing your body for like the victory. That is like celebrated in like sports and you know, firefighting and whatever else, business and if you are doing it in a sustainable way, no one will ever really raise an eyebrow.

[0:05:06.8] SH: There’s under celebration absolutely but there’s also just an entire mindset and not only rhetorical but emotional stance regarding tasks versus chores, right? If you think about something as a task, you feel happy when it’s done, you’ve accomplished something. If you think of something as a chore, if your organization thinks that something is a chore, then it is something to be minimized and outsourced and you know, made a quote, efficient and it’s a boring thing that you attempt to do as little of as possible until it’s done.

[0:05:40.5] DA: Right, especially as like aa young organization, a startup. You know, you don’t have that many resources, it’s like okay, let someone else worry about the world. That’s not my problem.

[0:05:53.2] SH: I am willing to believe that there are certain forces within startups that have that effect, but there’s also absolutely forces like that within huge organizations as well, right? You look at a fortune 50 org, if something is a sort of commodity service, are they going to actually have their own janitors in-house or are they going to try and do that contractors and do to the lowest bidder, right?

Similarly, anything that they consider to be a chore, having to do with anything that’s not their main business or product line, the driver of value, right? This gets very abstract and philosophical but when it comes down to for instance, well, we have a product or service and this goes for approximately every organization that has software that it runs, that users depend on it anyway.

You probably have a bunch of open source dependencies and many of them, no one in your organization has ever audited them.

[0:06:56.7] DA: Yeah.

[0:06:57.7] SH: No one’s inventoried them, no one has done any code review of the things that you depend on. We actually, as an industry seem to think that that is above and beyond paranoia.

[0:07:08.2] DA: It’s interesting that you know, tools that we depend upon to install dependencies have now taken it upon themselves, to a lot of them sometimes. NPM does an audit of the packages and okay, this version is flack within the vulnerability, you should upgrade this and I will just hammer you with that, infinitely, until you handle it but like, you know, that’s also a form of open source software, that we’re putting on.

[0:07:36.9] SH: Right, then the question of again, sustainability of like well, is NPM as a venture backed thing, right? You stay in this industry long enough and VC sounds like a dangerous term for I think you’re actually going to depend on.

[0:07:51.1] DA: yeah, like the idea of something like PYPI going away. I don’t know what I would do? I would just have to find all of the binaries on a website and like host my own?

[0:08:05.3] SH: It’s interesting. When I started looking at the situation of PyPI, it reminded me of back when I worked at the Wiki Media foundation. The nonprofit behind Wikipedia and other free knowledge projects. Because in both of these cases, the site got popular before the code got good.

[0:08:27.4] DA: Interesting.

[0:08:27.4] SH: January 2001, English Wikipedia starts and it’s just – the software’s just some PHP scripts that some people threw together. They didn’t even have a name, it was just called the scripts.

[0:08:41.3] DA: That’s it.

[0:08:42.7] SH: Then it sort of cohered, there’s a software engineer who worked on Media Wiki for a while who said that it’s Wiki text parsing grew organically, like mold on a shower curtain. Eventually, right, this sort of cohered into a PHP web application called media wiki and then there were traffic spikes and then it was just a race, a treadmill to keep this site up and keep it going and add caching and get backups for goodness sakes, all this incredibly immediate technical work that needed to happen, before there was a chance for any real re-architecture of Media Wiki on somewhat better grounds.

Similarly, python package index started as a big list of pointers practically, right? Just hyper links to other people’s websites where you could download binaries.

[0:09:38.3] DA: Interesting, I didn’t know that.

[0:09:38.3] SH: By the way, I’m summarizing here some history that I wrote up in a piece for LWN last year to tell people that the history of PYPI and also Dustin Ingram and Ernest W. German III who were both the developers who work on Warehouse and the software behind PYPI have given talks at regional python conferences and at PyCon north America that go into all this history and a lot more detail and those videos are all up and available on Py Video but anyway.

The software underneath PYPI, right? It had to then adapt to well, maybe we should actually host those binaries ourselves. Okay.

[0:10:14.6] DA: Which is called Warehouse?

[0:10:17.2] SH: The current software is called Warehouse because for a decade plus, right? It was kind of the equivalent of The Scripts. It was a really difficult to use, difficult to develop on pre-world of web frameworks web app, right? That was written in older python and so on and so on.

[0:10:41.8] DA: Legacy Python as we call it today.

[0:10:43.0] SH: Right. That’s what PYPI ran on but various people, especially Donald Stufft created a new thing, warehouse, which is built on Pyramid, which is a Python web framework and which had tests and you know, continuous integration and a proper separation of presentation and logic.

[0:11:06.9] DA:What a dream.

[0:11:07.4] SH: I know, right? These like lovely icing. That was the future of PYPI and volunteers worked on it and Donald Stufft got some free days from his employer on a regular basis to work on it and it really needed to become the main thing instead of this sort of side bait thing that was in beta.

The Python Software Foundation applied for funding from Mozilla, which provided some money via the open source support program to PSF, PSF dispersed that money to me and several other contractors and we basically got warehouse over the edge, so that we could flip the switch and have the real canonical PYPI be running on warehouse instead of the old legacy software.

[0:11:57.1] DA: That’s awesome.

[0:11:58.8] SH: We got that finished April of last year, I think it was and early May and in time for celebrating at PyCon north America. The sustainability side here, right? Is organizations which depend on Python, really ought to be considering donating some chunk of their proceeds to the python software foundation and being sponsors of the PSF.

Because the PSF can then fund the continued maintenance security updates and development of PYPI and other packaging utilities and something like that. Now, am I interested here? Yes, absolutely, change that consulting has a contract with the PSF to do some work on PYPI but even if I didn’t, I would still think this was a really good idea.

[0:12:45.7] DA: Yeah, especially like since you were saying before, it’s infrastructure, it’s the tunnel that we had taken to Python land.

[0:12:55.2] SH: Tell me about what Stride’s financial contributions are, what taxes does it pay, right? To the open source community, for the infrastructure that you depend on?

[0:13:03.8] DA: I’m not aware of that but stride does allow a budget for us to contribute back to open source software ourselves.

[0:13:09.9] SH: Like cash?

[0:13:10.5] DA: Yeah, like –

[0:13:13.3] WJ: Stride pays –

[0:13:15.3] SH: Not cash?

[0:13:15.5] WJ: Stride pays Stride employees to do open source software full time. This piece of both open source software that stride maintains called remote retro, which is to help teams conduct retros and Stride pays the primary maintainer and other maintainers on that code base to do that work.

It’s open, it’s up on GitHub and you can fork it if you want.

[0:13:42.1] SH: Right, but, for instance, what language is that written in?

[0:13:47.9] WJ: Elixir and React.

[0:13:48.6] DA: And React.

[0:13:49.0] SH: Okay, the people who actually maintain Elixir and React aren’t getting any money from stride, right?

[0:13:53.9] WJ: Well, I mean, there’s like an endless list of dependencies and trying to track all those people down and making sure that they get like –

[0:14:00.6] SH: Well, that’s where TideLift comes in, isn’t it? I do a tiny bit of consulting for TideLift so I am interested, I’m not absolutely objective there, but TideLift’s model is one of the ways that open source sustainability could possibly work in this freaking industry, right?

Libraries.io is the open source software that they use to kind of scan like a tri quarter, the dependencies in your world, right? Through your package manifests, chef puppet, whatever. Then, that tracks across a bunch of different package managers, language and frameworks. This C Pan module depends on this Ruby thing, depends on this Maven thing, whatever.

Then you find out what you actually depend on, you can pay some subscription money to TideLift and then they take care of the hard bit as it were, which is actually paying those maintainers, getting those maintainers, getting those maintainers paid, so that they can spend their time actually releasing new versions and fixing bugs and keeping up with security and licensing issues.

[0:14:59.9] WJ: How do you make sure that the money is going to the pieces of infrastructure that are almost critical to you? It might be that this particular project that we’re working on, the contributions are going toward relies really heavily on Graphene and that’s super important but that’s just one package in.

[0:15:15.5] SH: Is there a reason Graphene comes to mind William?

[0:15:18.4] WJ: Graphene is one that I think maybe use symbol of?

[0:15:20.4] DA: Yeah, I spent the past year working with Graphene and I’m actually giving a tutorial talk on Graphene at PyCon this year and I’m very excited about it, but also, you know, there’s some challenges like the core maintainer for many years has kind of like other interests and wants to move on to other things and so now we’re trying to struggle –

[0:15:42.3] SH: Is there a buzz factor issue?

[0:15:44.0] WJ: Absolutely.

[0:15:44.9] DA: Yeah, absolutely.

[0:15:45.7] SH: Who is the lieutenant? Who is second in command of Graphene and has that person shone any interest in being funded to work more on it? Et cetera?

[0:15:54.2] DA: I think the first in command is Cyrus Subarskie and the second in command is probably also Cyrus Subarskie. We’re going to have a conversation a couple of days with a group of investment people.

[0:16:02.8] WJ: Maybe the second in command could be Dave Anderson.

[0:16:05.1] DA: I don’t think so, but they’re going to have a community discussion about what kind of model might the future look like, versus handleability and I am definitely looking forward to having that conversation with people at PyCon as well like you know, getting some enthusiasm about GraphQL and Python and organizing something sustainable.

[0:16:25.9] SH: I will say, I have never personally gone through the title of sales process. In the sense of trying to pay money to title it so that they can pay money to maintainers. So, I don’t know as much about what you can fiddle with of, “I want a subscription for this.” Versus not that but my understanding is it is not all or nothing. It is okay, you are paying a subscription to these projects because these are key to you and you want the maintainer agreements, you want secure, dependability and sustainability on those projects.

That’s my understanding but I am sure you could probably get one of the Tidelift folks on this podcast to talk more about it. I often don’t say the marketing approved things about Tidelift. Like I’ve had them give me the presentation and nowhere in that presentation does it say any kind of tagline that goes like, “Making open source sustainable no, really this time,” which is one of the things I often see.

[0:17:20.5] DA: Yeah, many have tried.

[0:17:23.1] SH: I will say that no matter whether or not you are thinking about going with TideLift, it’s worth checking out libraries.io, just as a user of open source for a few reasons. One, is that you can use libraries.io, the website to subscribe to email notifications for new releases of any of the packages in like 30 different package managers and some of those package managing websites, some of those package managers don’t have email notifications, RSS, anything like that, right?

[0:17:51.4] DA: Yeah, it’s always a challenge like it’s nice like we talk about MPM like how it recently started having integrations to tell you when you should upgrade your packages, but it is something that is easy to forget about like once you have the functionality. It is doing the job for you, you can forget about your left pad viber or what have you.

[0:18:11.8] SH: It is funny how we have left pad and heart bleed in some of these other sort of poster children now for the problem, but not nearly enough people know about some of the solutions and some of the attempts that thinking about the – if I may theoretical frameworks, that step solutions would have to address stuff like the Roads and Bridges report and Tidelift, right? So, I am doing my tiny bit to tell people about that stuff.

[0:18:39.4] DA: Yeah, that’s true and those things, it says something about the media today where like the train wreck is the most attractive thing to look at to gawk at a little bit.

[0:18:48.8] SH: You say media today. I mean I am just imagining that whoever was going around retelling the Homer’s Odyssey had the same problem. People wanted to hear more about some bits more than others.

[0:19:04.2] DA: Yeah, please let me know how badly that experience the Lotus Eater went.

[0:19:08.9] SH: Like, the sweet bit at the end where Penelope is like, “Oh could you move the bed?” and he’s like, “How could I move the bed when it is literally built into the ground because I carved it out of the tree to like aha, that is how I know it’s you?” like not nearly enough people knew that.

[0:19:24.5] DA: No, I don’t remember that part, no.

[0:19:26.4] SH: Yeah, well the bard who came to your town was like bowing to popular demand and talking about selling the crib in this so.

[0:19:33.0] DA: Yeah, let’s hear that one again. But yeah, that is a great point. The sustainable models when they are working because people aren’t thinking about it like they don’t notice it because it’s a chore.

[0:19:49.9] SH: Infrastructure, the idea that infrastructure is whatever is not seen is also part of the division between what kinds of work we consider masculine versus feminine, right? Like the moment something seems boring, the moment something seems like a chore that we need to be dealing over and over again that are not very celebrated, you know the industry feminizes it, right? And it considers it to be women’s work.

[0:20:22.4] DA: Computers.

[0:20:23.4] SH: I mean the –

[0:20:24.1] DA: The original computers.

[0:20:25.7] SH: Right, the computer voice takeover, that book I think is a Mighty Press. All that kind of stuff Programmed Inequality. There is now so many other authors and speakers who write about this stuff, that I don’t even need. I can do my job instead of ranting about this all the time, which is nice.

[0:20:44.1] DA: You just point at things.

[0:20:44.7] SH: I just can point at things. But part of the problem of maintainership, part of the problem of how we consider open source maintainership to be or not be a role is, it’s different from lead dev, right? It’s not just the person who has the most skill at understanding the existing codebase, reviewing and making additions to it and architecting the next generation, which is all extremely important to do, right? Any codebase of any size that is going to be a going concern is going to need that set of skills.

But also, if you want to be a leader whether it is inside a company or inside a consortium or inside a government institution or a non-profit or an academic institution or an open source community. If you are the leader or the coordinator of other people’s efforts, there is a whole bunch of things that have to happen, like actually sharing your roadmap, instead of having it live in your head. Giving people reviews on their code that allow them not just to improve that bit of code but to understand better the context that they are operating in. So that someday they –

[0:22:00.8] DA: Right the broader direction that you are headed.

[0:22:02.5] SH: So that someday they will be able to review other people’s code and of course –

[0:22:08.0] DA: And community buy in and all of that like just giving.

[0:22:10.6] SH: Oh yeah, you’ll have to quote manager upstream, manager downstream, figure out budget, figure out. Yes, marketing is actually a thing because you wouldn’t want for instance some other project that is worse than yours to get more users.

[0:22:22.2] DA: They’d just be dazzling, better, shinier gifts on its website or docks there for the marketing too, I think.

[0:22:29.4] SH: Absolutely, they are for marketing in a certain way and I mean to me, when I think of marketing, there is awful marketing where you try and lie and manipulate and stuff like that and substitute sensation for usefulness. And then there’s the kind of marketing that is like making sure your neighbor knows about the thing that would make their life easier.

[0:22:51.6] DA: Right. Earnestly.

[0:22:54.3] SH: Yeah, I have been accused of being very earnest by many people. So yeah and so I have done a little bit of open source market, a lot of times that’s what it is. It’s a PSA, right? It is a public service announcement.

[0:23:06.6] DA: Yeah, there is something about just getting excited about something because it is very useful and wanting to get back to that.

[0:23:15.0] SH: Absolutely and so a lot of the things that a maintainer needs to do in order to help nurture an open source project, make sure it doesn’t freaking die on the vine, is stuff that the tech industry as a culture, at least the programming side of the tech industry often calls management. And it’s like it’s a dirty word.

[0:23:40.3] DA: You just want – well and the project that are more challenged to have maybe people who are like, the soul hero or survivor.

[0:23:52.7] SH: Well I’d actually like to know the both of you, right? Because you’re sort of microcosms, right? Both of you work in the tech industry, both of you probably came into it assuming that you would be programmers, right?

[0:24:03.0] DA: I started out as a support, a support guy person and –

[0:24:08.8] SH: What do you mean by support?

[0:24:09.6] DA: Technical support. So, I don’t know, I came from a non-traditional background. I think at the time when less people were doing that and so I came from an engineering background and make a lot of transition.

[0:24:22.9] SH: It’s funny to say non-traditional isn’t it? Because like, “How old are these traditions exactly?” it’s like the collectible Franklin Mint. It’s like we’re putting –

[0:24:31.5] DA: The traditions of the 90’s you know?

[0:24:33.2] SH: Yeah, when you thought, “Okay I am going into programming.” What was your view of what programmers did versus what managers did?

[0:24:43.3] WJ: I think I thought of the programmers is the one writing the code and the managers is doing something less interesting.

[0:24:50.5] DA: Spreadsheets.

[0:24:51.9] SH: No, seriously. What did you think managers do?

[0:24:54.2] WJ: I think of thought of managers as coordinators primarily. Everybody needs a manager, you need somebody who is going to be an advocate for you for the rest of the organization because internal facing the person, you get primary point of contact that you go through with questions about compensation or opportunities.

[0:25:17.1] DA: Or like mechanical, internal things.

[0:25:19.4] SH: And what did you think?

[0:25:21.0] DA: Yeah, I think something along that. I think we’ve had some good discussions about managers in technology. Let me check my tattoos, yeah so in episode 69 that was a great one. We talked with Kyle Rush about becoming a manager like what that means and yeah, we’ve had a couple of good discussions about that and how it means like growing with the team and being responsible for like making a garden versus other command and control kind of perspectives.

So, do you think that are there any good resources for people who want to get involved or like kind of trying to level up in these areas to become a better open source maintainer or who want to even just grow into that at all or consider that?

[0:26:12.0] SH: My feelings on that are that there are a lot of individual pieces of advice that are helpful in different contexts. Having a community of practice is incredibly important when you want to grow in any skill, right? Whether that skill is baking or bird watching or using React or being a better maintainer. So, finding the other maintainers in your language or framework community and talking to them is going to be very helpful. There are some general open source maintainer conference and online communities.

So, for instance, if your community participates in Google summer of code, there is a yearly mentor summit that is a really excellent conference that Google will pay for two people from your organization to come to. That is one of the reasons to participate in GSoC, so that your organ sends some people into that mentor summit because it is a community of open source maintainers who all want to help get more contributors in there.

[0:27:21.9] DA: Yeah, I already thought about the idea of really driving it towards community like finding, even if you are alone in that task of maintaining it or being the leader there, there are other leaders out there that you can –

[0:27:36.6] SH: There are and there are other maintainer related conferences. There is maintainaranti, there’s sustain OSS, there are some online communities that GitHub itself is working with and I think becoming a TideLift lifter is also going to hook you in a particular community, but also, some of these skills are management skills, right? You have the skill of managing things in general. You have the skill of managing software projects and you have the skill of managing open source projects.

And there are – I’ve actually got a blog post that we can link to the shownotes that is basically here are a bunch of resources at each of these levels. If you’ve never run anything before then you are also going to need stuff at that first level. If you have run things, like let’s say an arts festival but you have never run a software project before, you’re also going to need stuff at that second level and if you’ve run software projects in the enterprise on a proprietary project but never open source, you are going to need stuff at that third level.

That third level, the Bible there is Karl Fogel’s book, Producing Open Source Software, but I have several blog posts that seem to want to become a book about being a maintainer, not just in greenfield but in brownfield, right? Not just starting an open source project and setting it up well but coming into an existing one maybe when you have never run things before.

[0:29:06.0] DA: Yeah, maybe we can put some links to that in the show notes.

[0:29:08.9] SH: Yeah, sounds good.

[0:29:09.7] DA: Yeah, I definitely feel like I fall into that third category where I might check out that book or those blog post myself.

[0:29:17.8] SH: You mean the book that doesn’t exists yet that I need to write?

[0:29:20.5] DA: Oh, well one day but building open source software book.

[0:29:24.2] SH: Karl Fogel’s book is absolutely a tremendous resource and not nearly enough people know about that.

[0:29:29.0] DA: Yeah, I have never heard about it before. Yeah, I mean I have heard cats but not distributed cats before so.

[0:29:33.9] SH: Wait, I’m sorry what?

[0:29:36.1] DA: You know, distributed network of global cats that are everywhere helping you build software, open source cats.

[0:29:42.1] SH: I’m sorry, I still don’t understand.

[0:29:43.7] DA: It’s a bad metaphor.

[0:29:46.3] SH: Okay.

[0:29:47.1] DA: Yeah, it was wonderful chatting with you about maintainability in open source Sumana. Is there any way that people can reach out to you?

[0:29:56.3] SH: Absolutely, I have a website. If you search for my name Sumana, you will get there. I’ve been blogging for nearly 20 years there’s that but also I am on mastedon.social as @brainwane or if you prefer proprietary social networks, I am on Twitter as brainwane

[0:30:20.8] DA: I think I have seen you around there.

[0:30:22.2] WJ: Well we’ve have to have you back some time.

[0:30:24.5] SH: I would love to chat with you some more especially about an arts festival that I am about to run at PyCon North America called the Art of Python.

[0:30:32.3] DA: That sounds great.

[0:30:33.1] WJ: A little bit of foreshadowing there.

[0:30:35.4] SH: Foreshadowing, that sounds like an art term, William.


[0:30:40.4] DA: Follow us now on Twitter @radiofreerabbit so we can keep the conversation going. Like what you hear? Give us a five star review and help developers just like you find their way into The Rabbit Hole and never miss an episode, subscribe now however you listen to your favorite podcast. On behalf of our producer extraordinaire, William Jeffries and our amazing host, Michael Nunez, who is out being a dad and me, your host, Dave Anderson, thanks for listening to The Rabbit Hole.


Links and Resources:

The Rabbit Hole on Twitter

Changeset Consulting



Electronic Frontier Foundation

PyCon North America

Nadia Eghbal

Roads and Bridges Report




Python Software Foundation




Programmed Inequality

Google Summer of Code


Sustain OSS

Producing Open Source Software

Sumana's Blog

Sumana's Mastadon Social Account