Great post on the problems organizations will face operationalizing SBOMs:

tomalrichblog.blogspot.com/2022/10/heres-…

Nice surprise! You can watch the talks live. dagger one coming up in 30 mins.

There is another track, see David Flanagan's tweets for the other link.

Here we go, Liz Rice @ KubeHuddle 🏴󠁧󠁢󠁳󠁣󠁴󠁿🐝 💙💛 kicking us off KubeHuddle with talk about using eBPF!

Starting the day with a powerful talk about an important topic and how well meant intent can still have negative impact

Good advice for everyone participating in hacktoberfest. Good luck everyone and be excellent to each other.

Enjoy everybody! So sorry I can't make it :(

Chainguard ⛓ introduced #Wolfi – the first Linux (Un)distro designed for securing the software supply chain!

Find all the details in the below blog post by Dan Lorenc 👇
chainguard.dev/unchained/intr…

Normally I enjoy these stories but this one is just painful 😬

I wouldn't call your actions a fuck-up Hazel Weakly, you made reasonable guesses under intense pressure.

Please read this to build some empathy towards women who have to endure this kind of shit just because they go to a tech conference. This should not happen

As a sensible person™️, I’m isolating at home after +ve covid test. This means I can’t do KubeHuddle in Edinburgh 😭🏴󠁧󠁢󠁳󠁣󠁴󠁿
I also can’t get refunds on flights or hotel 🤬
So, if anyone needs a room for Sunday & Monday in Edinburgh for #KubeHuddle , DM me 💬
#Kubernetes #CovidSucks

If you loved DevOpsDays London and are sad you have to wait a whole year to connect with a lovely, welcoming community, fear not! We have #Kubernetes Community Days UK in London on 22nd & 23rd Nov, please join us 🙏
Early bird tickets on sale ti.to/open-source-ev… #DevOpsDaysLDN

Getting excited for KubeHuddle !!

This paragraph by Moxie Marlinspike in his web3 take-down piece changed the way I think about sigstore.

Swap 'people will not manage their own keys' for 'people will not run their own servers' and you see how Sigstore can decentralize trust with simple, centralized infrastructure.

Are you curious about distroless OCI images, reproducible builds, and the open source tooling behind #Wolfi and Chainguard ⛓ Images? Then join me online tomorrow at Full-Stack NL to learn more about apko: meetup.com/full-stack-nl/…

There are a few issues here. First, to anything thinking 'if I run docker build twice, the second build is fast and identical to the first', that's not reproducible, that's just cached. 1/

Hey friends! Chainguard ⛓ is working w/Eclipse Foundation Rust Foundation and OpenSSF to understand how #SupplyChainSecurity practices resonate w/users and which ones are in use

We'd 💙 to hear from U! hubs.la/Q01nbYT70

(We'll donate $10 to Outreachy Internships for each response!)

Thanks Darren Shepherd! You groked what we're up to pretty damn quick.