February 2026
Package Manager Podcast Episodes
A reference list of podcast episodes about package managers, grouped by ecosystem.
Sandwich Bill of Materials
SBOM 1.0: A specification for sandwich supply chain transparency.
Dependency Resolution Methods
A reference on how package managers solve the version constraint satisfaction problem, from SAT solvers to content-addressed stores.
Crates.io's Freaky Friday
What happens when Rust's package registry wakes up with Debian's design choices?
Git's Magic Files
Magic files and where to find them: .gitignore, .gitattributes, .mailmap, .git-blame-ignore-revs, .lfsconfig, and more.
Package Management at FOSDEM 2026
Summary of package management talks from FOSDEM 2026, covering supply chain security, attestations, SBOMs, dependency resolution, and distribution packaging across multiple devrooms.
Incident Report: CVE-2024-YIKES
A series of unfortunate events.