Show Notes online - http://podcast.thinkingelixir.com/299

Elixir Community News

• https://paraxial.io/ – Paraxial.io is sponsoring today's show! Sign up for a free trial of Paraxial.io today and mention Thinking Elixir when you schedule a demo for a special offer.
• https://marketing.erlef.org/news/grant-petition.html – The Erlang Ecosystem Foundation is seeking community backing for a grant that would fund two full years of work on the Ægis security project — improving how packages are published, verified, and trusted across Hex and the broader ecosystem. The deadline to show support is April 17th.
• https://hex.pm/blog/security-audit – Hex.pm published the results of its first comprehensive third-party security audit, made possible by Alpha-Omega under the OpenSSF. Two firms — Paraxial.io and zentrust partners GmbH — reviewed the Hex registry, clients, documentation infrastructure, and supporting systems. Three high-severity issues were found and have all been fixed.
• https://paraxial.io/blog/hex-pentest – Michael Lubas of Paraxial.io shares details of the white-box penetration testing performed on Hex.pm as part of the Ægis security audit.
• https://hex.pm/reports/2026/zentrust.pdf – The published report from zentrust partners GmbH covering their adversarial/red-team style assessment of Hex.pm, including 3 high-severity findings (all now fixed) plus medium and low severity items.
• https://x.com/josevalim/status/2042245524116439169 – José Valim announces a massive update to Tidewave, teasing several days of videos and screenshots covering new features.
• https://hexdocs.pm/tidewave/ui_variants.html – Documentation for Tidewave's new UI Variants feature, which lets your coding agent build different versions of a page or UI component so you can pick and refine your favorite — all integrated directly in the browser.
• https://www.youtube.com/watch?v=8px8GdpID74 – Video demo of Tidewave's new UI Variants feature in action.
• https://x.com/adamwathan/status/2041977909502489060 – Adam Wathan (creator of TailwindCSS) shows off ui.sh, a set of skills for creating UIs in coding agent CLIs like Claude Code and Codex — noted as a comparison point to Tidewave's more integrated, browser-native experience.
• https://x.com/josevalim/status/2042608254065287565 – José Valim demos Tidewave's new "vision" mode, which lets your coding agent take screenshots and record videos of your web app — including demoing a feature working on both desktop and mobile resolutions and delivering results to Slack.
• https://x.com/josevalim/status/2042581154067337280 – José Valim announces that Hex.pm will now serve llms.txt files for Elixir/Erlang packages if the accept header is text/markdown. Package authors using ExDoc should update to the latest version and republish their docs.
• https://github.com/remoteoss/dexter – Remote released Dexter, a new Elixir LSP written in Go. An interesting alternative to the official LSP, though its positioning relative to the official tooling raises some questions.
• https://github.com/typhoonworks/lotus – Lotus is an embeddable BI (Business Intelligence) engine for Elixir apps featuring an SQL editor, dashboards, visualizations, and AI-powered query generation that mounts directly into a Phoenix app — no Metabase, Redash, or extra infrastructure needed.
• https://lotus.typhoon.works/lotus – The Lotus demo app showcasing its latest features including an AI-powered query assistant (BYOK), dashboards with filters and public sharing, 16 chart types, improved query results with right-click filtering and sorting, and more.
• https://github.com/ghostty-org/ghostty – Ghostty is a fast, feature-rich, native terminal emulator. Its libghostty library is a cross-platform C and Zig library for building terminal emulators or embedding terminal functionality into applications.
• https://github.com/dannote/ghostty_ex – ghostty_ex is an Elixir library that wraps libghostty-vt, bringing a SIMD-optimized VT parsing terminal emulator to the BEAM. Terminals are GenServers, with full Unicode, 24-bit color, and scrollback with text reflow.
• https://github.com/dannote/ghostty_ex?tab=readme-ov-file#liveview – The LiveView integration section of the ghostty_ex README, showing how to install the LiveView hook into a Phoenix app and use the Ghostty.LiveTerminal.Component to handle keyboard events and PTY lifecycle.
• https://x.com/flaviocopes/status/2039973060158095827 – Flavio Copes explains how Axios was compromised via a targeted ClickFix attack — a social engineering technique that tricks maintainers into pasting malicious text into their terminal.
• https://github.com/axios/axios/issues/10636 – Public post-mortem from the Axios team on the npm supply chain compromise, shared with the community for transparency and awareness.
• https://cybersecuritynews.com/clickfix-attack/ – An explainer on the ClickFix attack — how hackers use it to trick users into running malware by pasting content from the web into their terminal.
• https://github.com/axios/axios/issues/10636#issuecomment-4182134203 – A GitHub comment documenting multiple recent instances of similar ClickFix-style supply chain attacks across other open source projects.
• https://x.com/simonw/status/2040080868958765229 – Simon Willison weighs in on the Axios supply chain attack via ClickFix social engineering.
• https://simonwillison.net/2026/Apr/3/supply-chain-social-engineering/ – Simon Willison's write-up on the Axios supply chain attack and the social engineering tactics used — noting how time pressure during meetings makes maintainers especially vulnerable to quickly clicking through install prompts.

Do you have some Elixir news to share? Tell us at @ThinkingElixir or email at show@thinkingelixir.com

Find us online

• Message the show - Bluesky
• Message the show - X
• Message the show on Fediverse - @ThinkingElixir@genserver.social
• Email the show - show@thinkingelixir.com
• Mark Ericksen on X - @brainlid
• Mark Ericksen on Bluesky - @brainlid.bsky.social
• Mark Ericksen on Fediverse - @brainlid@genserver.social
• David Bernheisel on Bluesky - @david.bernheisel.com
• David Bernheisel on Fediverse - @dbern@genserver.social

Sponsored By:

• Paraxial.io: Paraxial.io is sponsoring today's show! Sign up for a free trial of Paraxial.io today and mention Thinking Elixir when you schedule a demo for a special offer.

Show Notes online - http://podcast.thinkingelixir.com/269

Elixir Community News

• https://paraxial.io/ – Paraxial.io is sponsoring today's show! Sign up for a free trial of Paraxial.io today and mention Thinking Elixir when you schedule a demo for a special offer.
• https://github.com/elixir-lang/expert – Expert, the new official Elixir LSP was released
• https://expert-lsp.org/ – Expert LSP official website
• https://github.com/elixir-lang/expert/blob/main/pages/installation.md#editor-specific-setup – Installation instructions for different editors
• https://zed.dev/docs/languages/elixir#expert – Zed editor already supports Expert
• https://x.com/josevalim/status/1960402157922082981 – José Valim announces Tidewave Web first update
• https://tidewave.ai/blog/editor-integration-notifications – Tidewave Web blog post and full changelog
• https://x.com/josevalim/status/1960692138112352355 – José mentions plans to open public roadmap soon
• https://x.com/josevalim/status/1962491846795391333 – José Valim interviewed about Tidewave Web with Ruby focus
• https://rubyai.beehiiv.com/p/ruby-ai-introducing-tidewave-interview-with-jos-valim#interview-with-jose-valim – Full Ruby AI interview with José Valim
• https://x.com/josevalim/status/1960683093225865463 – José discusses Zed's Agent Client Protocol (ACP)
• https://github.com/zed-industries/zed/blob/main/crates/agent_servers/src/claude.rs – Zed working on Claude Code support
• https://github.com/orgs/tidewave-ai/projects/1 – Tidewave's public roadmap
• https://github.com/polvalente/handoff – Paulo Valente's handoff library v0.2.0 for distributed graph execution
• https://x.com/elixirmembrane/status/1961071773438574897 – LiveDebugger v0.4.0 release announcement
• https://forms.gle/V6tUHpJt94vi1v1TA – LiveDebugger feedback form
• https://github.com/software-mansion/live-debugger – LiveDebugger GitHub repository
• https://x.com/josevalim/status/1962649394139877479 – José Valim shares Elixir's exceptional LLM performance results
• https://x.com/tomthesilva/status/1962628935730241712 – Thomas Silva's research on language performance in code generation
• https://github.com/Tencent-Hunyuan/AutoCodeBenchmark – Tencent's AutoCodeBenchmark multilingual coding evaluation
• https://github.com/Tencent-Hunyuan/AutoCodeBenchmark/blob/main/figures/exp_acb.png – Benchmark results showing Elixir's top performance
• https://x.com/hugobarauna/status/1961914102764261688 – Next ElixirConf US announced for Chicago
• Errata correction from José about OIDC implementation attribution to Jonatan Männchen
• https://x.com/zack_overflow/status/1960771720727683507 – New developer dependency attack vector using AI CLI tools
• https://www.stepsecurity.io/blog/supply-chain-security-alert-popular-nx-build-system-package-compromised-with-data-stealing-malware – Supply chain security alert about compromised Nx package
• https://semgrep.dev/blog/2025/security-alert-nx-compromised-to-steal-wallets-and-credentials/ – Semgrep security analysis of the NPM project's Nx compromise
• https://www.anthropic.com/news/claude-for-chrome – Anthropic's post about securing browser interactions

Do you have some Elixir news to share? Tell us at @ThinkingElixir or email at show@thinkingelixir.com

Find us online

• Message the show - Bluesky
• Message the show - X
• Message the show on Fediverse - @ThinkingElixir@genserver.social
• Email the show - show@thinkingelixir.com
• Mark Ericksen on X - @brainlid
• Mark Ericksen on Bluesky - @brainlid.bsky.social
• Mark Ericksen on Fediverse - @brainlid@genserver.social
• David Bernheisel on Bluesky - @david.bernheisel.com
• David Bernheisel on Fediverse - @dbern@genserver.social

Sponsored By:

• Paraxial.io: Paraxial.io is sponsoring today's show! Sign up for a free trial of Paraxial.io today and mention Thinking Elixir when you schedule a demo for a special offer.

Show Notes online - http://podcast.thinkingelixir.com/259

Elixir Community News

• https://www.honeybadger.io/ – Honeybadger.io is sponsoring today's show! Keep your apps healthy and your customers happy with Honeybadger! It's free to get started, and setup takes less than five minutes.
• https://phoenix.new/ – Chris McCord's phoenix.new project is open to the public
• https://x.com/chris_mccord/status/1936068482065666083 – Phoenix.new was opened to the public - a service for building Phoenix apps with AI runtime, full browser IDE, and remote development capabilities
• https://github.com/elixir-ecto/ecto – Ecto v3.13 was released with new features including transact/1, schema redaction, and built-in JSON support
• https://github.com/elixir-ecto/ecto/blob/v3.13.2/CHANGELOG.md#v3132-2025-06-24 – Ecto v3.13 changelog with detailed list of new features and improvements
• https://github.com/elixir-nx/nx – Nx v0.10 was released with documentation improvements and floating-point precision enhancements
• https://github.com/elixir-nx/nx/blob/main/nx/CHANGELOG.md – Nx v0.10 changelog including new advanced guides and NumPy comparison cheatsheets
• https://paraxial.io/blog/phoenix-security-docs – Phoenix 1.8 gets official security documentation covering OWASP Top 10 vulnerabilities
• https://github.com/phoenixframework/phoenix/pull/6295 – Pull request adding comprehensive security guide to Phoenix documentation
• https://bsky.app/profile/zachdaniel.dev/post/3lscszxpakc2o – Zach Daniel announces new "evals" package for testing and comparing AI language models
• https://github.com/ash-project/evals – Evals project for evaluating AI model performance on coding tasks with structured testing
• https://bsky.app/profile/elixirconf.bsky.social/post/3lsbt7anbda2o – ElixirConf US speakers beginning to be announced including keynotes from José Valim and Chris McCord
• https://elixirconf.com/#keynotes – ElixirConf website showing keynote speakers and initial speaker lineup
• https://x.com/sasajuric/status/1937149387299316144 – Saša Jurić shares collection of writings on Elixir project organization and structure recommendations
• https://medium.com/very-big-things/towards-maintainable-elixir-the-core-and-the-interface-c267f0da43 – Saša Jurić's article on organizing Elixir projects with core and interface separation
• https://medium.com/very-big-things/towards-maintainable-elixir-boundaries-ba013c731c0a – Article on using boundaries in Elixir applications for better structure
• https://medium.com/very-big-things/towards-maintainable-elixir-the-anatomy-of-a-core-module-b7372009ca6d – Deep dive into structuring core modules in Elixir applications
• https://github.com/sasa1977/mix_phx_alt – Demo project showing alternative Phoenix project structure with core/interface organization
• https://github.com/getsentry/sentry-elixir/blob/master/CHANGELOG.md#1100 – Sentry updates Elixir SDK to v11.x with tracing support using OpenTelemetry

Do you have some Elixir news to share? Tell us at @ThinkingElixir or email at show@thinkingelixir.com

Discussion Resources

• https://phoenix.new/ – The Remote AI Runtime for Phoenix. Describe your app, and watch it take shape. Prototype quickly, experiment freely, and share instantly.
• https://x.com/chris_mccord/status/1936074795843551667 – You can vibe code on your phone
• https://x.com/sukinoverse/status/1936163792720949601 – Another success example - Stripe integrations
• https://openai.com/index/openai-codex/ – OpenAI Codex, Open AI's AI system that translates natural language to code
• https://devin.ai/ – Devin is an AI coding agent and software engineer that helps developers build better software faster. Parallel cloud agents for serious engineering teams.
• https://www.youtube.com/watch?v=ojL_VHc4gLk – Chris McCord's ElixirConf EU Keynote talk titled "Code Generators are Dead. Long Live Code Generators"

Guest Information

• https://x.com/chris_mccord – on X/Twitter
• https://github.com/chrismccord – on Github
• http://chrismccord.com/ – Blog

Find us online

• Message the show - Bluesky
• Message the show - X
• Message the show on Fediverse - @ThinkingElixir@genserver.social
• Email the show - show@thinkingelixir.com
• Mark Ericksen on X - @brainlid
• Mark Ericksen on Bluesky - @brainlid.bsky.social
• Mark Ericksen on Fediverse - @brainlid@genserver.social
• David Bernheisel on Bluesky - @david.bernheisel.com
• David Bernheisel on Fediverse - @dbern@genserver.social

Sponsored By:

• Honeybadger.io: Honeybadger is a performance monitoring and error tracking tool that combines the best monitoring features into one simple interface that works with all the frameworks you use and comes with fantastic support from a small team of passionate developers. With error tracking, performance and uptime monitoring, log management, dashboards, and more, Honeybadger has everything you need to gain real-time insights into the health of your Elixir and Phoenix applications. Keep your apps healthy and your customers happy with Honeybadger! It's free to get started, and setup takes less than five minutes. Start monitoring today →

Show Notes online - http://podcast.thinkingelixir.com/252

Elixir Community News

• https://paraxial.io/ – Paraxial.io is sponsoring today's show! Sign up for a free trial of Paraxial.io today and mention Thinking Elixir when you schedule a demo for a limited time offer.
• https://youtu.be/vGue4LtqeWg – Introduction video for Tidewave, a Phoenix/Rails MCP server that helps AI-enabled editors access your application's runtime.
• https://github.com/hexpm/hexdocs/issues/49 – Hexdocs PR enabling documentation context for Tidewave, allowing AI assistants to access app documentation without manual copying.
• https://x.com/chris_mccord/status/1915017804937375896 – Chris McCord teasing his AI-enabled Phoenix app that writes code.
• https://x.com/chris_mccord/status/1917002231322116298 – Chris McCord demonstrating an interactive LiveView hosted IDE with realtime terminal support synced across browsers/devices.
• https://bsky.app/profile/theerlef.bsky.social/post/3lngay5chys22 – EEF announcement about the "mix-dependency-submission" GitHub Action for submitting Elixir/Mix dependencies.
• https://github.com/erlef/mix-dependency-submission – GitHub repo for the mix-dependency-submission tool that calculates dependencies for Mix and submits them to GitHub's API.
• https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/using-the-dependency-submission-api – GitHub documentation about the Dependency Submission API used by the mix-dependency-submission tool.
• https://exmeralda.chat/chat/start – ExMeralda.chat, a chatbot for hex.pm packages from bitcrowd.dev, using their Elixir RAG library.
• https://bitcrowd.dev/exmeralda-a-community-chatbot-for-hex-packages/ – Blog post explaining ExMeralda, a community chatbot for Hex packages that demonstrates RAG systems with LLMs.
• https://www.reddit.com/r/elixir/comments/1k600mu/livedebugger_v020_upcoming_features_part_1/ – Reddit post from Software Mansion about upcoming features in LiveDebugger v0.2.0, expected in early May.
• https://www.youtube.com/watch?v=HNl-y49Ou7E – Full interview discussing LiveDebugger in more depth.
• https://github.com/randycoulman/mix_test_interactive – mix test.interactive - an interactive test runner for ExUnit tests that enhances testing workflows.
• https://x.com/jskalc/status/1916824204156035300 – Twitter post highlighting mix test.interactive's features including running tests by names, rerunning on file save, and more.
• https://erlef.org/blog/eef/election-2025 – Information about upcoming Erlang Ecosystem Foundation board elections with important dates.
• https://andrealeopardi.com/posts/async-tests-in-elixir/ – Andrea Leopardi's blog post about reworking singleton architecture to leverage async tests in ExUnit.
• https://www.youtube.com/watch?v=KrAqMyjbkJQ – ElixirConf US 2024 talk by Jason Stiebs on FLAME (Fleeting Lambda Application for Modular Execution).
• https://www.youtube.com/watch?v=62OK9B4yRfg – ElixirConf US 2024 talk by James Isenhart on 'OpenTelemetry: From Desire to Dashboard'
• https://gridinsoft.com/blogs/slopsquatting-malware/ – Article about slopsquatting, a new malware technique targeting AI-assisted developers by exploiting AI hallucinations of package names.

Do you have some Elixir news to share? Tell us at @ThinkingElixir or email at show@thinkingelixir.com

Find us online

• Message the show - Bluesky
• Message the show - X
• Message the show on Fediverse - @ThinkingElixir@genserver.social
• Email the show - show@thinkingelixir.com
• Mark Ericksen on X - @brainlid
• Mark Ericksen on Bluesky - @brainlid.bsky.social
• Mark Ericksen on Fediverse - @brainlid@genserver.social
• David Bernheisel on Bluesky - @david.bernheisel.com
• David Bernheisel on Fediverse - @dbern@genserver.social

Sponsored By:

• Paraxial.io: Paraxial.io is sponsoring today's show! Sign up for a free trial of Paraxial.io today and mention Thinking Elixir when you schedule a demo for a limited time offer.

Show Notes online - http://podcast.thinkingelixir.com/251

Elixir Community News

• https://paraxial.io/ – Paraxial.io is sponsoring today's show! Sign up for a free trial of Paraxial.io today and mention Thinking Elixir when you schedule a demo for a limited time offer.
• https://x.com/ErlangDiscu/status/1914259474937753747 – Unauthenticated Remote Code Execution vulnerability discovered in Erlang/OTP SSH.
• https://github.com/erlang/otp/security/advisories/GHSA-37cp-fgq5-7wc2 – Official security advisory for the Erlang/OTP SSH vulnerability.
• https://paraxial.io/blog/erlang-ssh – Paraxial.io's detailed blog post addressing how the SSH vulnerability impacts typical Elixir systems.
• https://elixirforum.com/t/updated-nerves-systems-available-with-cve-2025-32433-ssh-fix/70539 – Updated Nerves systems available with SSH vulnerability fix.
• https://bsky.app/profile/oban.pro/post/3lndzg72r2k2g – Announcement of Oban Pro v1.6's new "Cascade Mode" feature.
• https://oban.pro/articles/weaving-stories-with-cascading-workflows – Blog post demonstrating Oban Pro's new Cascading Workflows feature used to create children's stories with AI.
• https://bsky.app/profile/josevalim.bsky.social/post/3lmw5fvnyvc2k – José Valim teasing a new logo with "Soon" message.
• https://tidewave.ai/ – New site mentioned in José Valim's teasers, not loading to anything yet.
• https://github.com/tidewave-ai – New GitHub organization related to José Valim's upcoming announcement.
• https://github.com/tidewave-ai/mcp_proxy_elixir – The only public project in the tidewave-ai organization - an Elixir MCP server for STDIO.
• https://x.com/chris_mccord/status/1913073561561858229 – Chris McCord teasing AI development with Phoenix applications.
• https://ashweekly.substack.com/p/ash-weekly-issue-13 – Zach Daniel teasing upcoming Ash news to be announced at ElixirConf EU.
• https://elixirforum.com/t/dune-sandbox-for-elixir/42480 – Dune - a sandbox for Elixir created by a Phoenix maintainer.
• https://github.com/functional-rewire/dune – GitHub repository for Dune, an Elixir code sandbox.
• https://blog.sequinstream.com/why-we-built-mini-elixir/ – Blog post explaining Mini Elixir, another Elixir code sandbox solution.
• https://github.com/sequinstream/sequin/tree/main/lib/sequin/transforms/minielixir – GitHub repository that contains Mini Elixir, an Elixir AST interpreter.
• https://www.reddit.com/r/elixir/comments/1k27ekg/we_built_a_custom_elixir_ast_interpreter_for/ – Reddit discussion about Mini Elixir AST interpreter.
• https://github.com/semaphoreio/semaphore – Semaphore CI/CD platform open-sourced under Apache 2.0 license - primarily an Elixir application.
• https://semaphore.io/ – Official website for Semaphore CI/CD platform.
• https://docs.semaphoreci.com/CE/getting-started/install – Installation guide for Semaphore Community Edition.
• https://bsky.app/profile/markoanastasov.bsky.social/post/3lj5o5h5z7k2t – Announcement from Marko Anastasov, co-founder of Semaphore CI, about open-sourcing their platform.
• https://github.com/elixir-dbvisor/sql – GitHub repository for SQL parser and sigil with impressive benchmarks.
• https://groups.google.com/g/elixir-ecto/c/8MOkRFAdLZc?pli=1 – Discussion about SQL parser being 400-650x faster than Ecto for generating SQL.
• https://bsky.app/profile/bcardarella.bsky.social/post/3lndymobsak2p – Announcement about BeaconCMS reducing development due to Dockyard cuts.
• https://bsky.app/profile/did:plc:vnywtpvzgdgetnwea3fs3y6w – Related profile for BeaconCMS announcement.
• https://beaconcms.org/ – BeaconCMS official website.
• https://github.com/BeaconCMS/beacon – GitHub repository for BeaconCMS.

Do you have some Elixir news to share? Tell us at @ThinkingElixir or email at show@thinkingelixir.com

Discussion Resources

• Discussion about Device Bound Session Credentials, a W3C initiative being built into major browsers that will require minor changes to Phoenix for implementation.
• https://w3c.github.io/webappsec-dbsc/ – W3C - Device Bound Session Credentials proposal
• https://github.com/w3c/webappsec-dbsc/ – Device Bound Session Credentials explainer
• https://developer.chrome.com/docs/web-platform/device-bound-session-credentials – Device Bound Session Credentials (DBSC) on the Google Chrome developer blog
• https://en.wikipedia.org/wiki/Trusted_Platform_Module – Wikipedia article on Trusted Platform Module, relevant to Device Bound Session Credentials discussion.
• https://www.grc.com/sn/sn-1021-notes.pdf – Other podcast show notes discussing Device Bound Session Credentials (DBSC).
• https://twit.tv/shows/security-now/episodes/1021?autostart=false – Security Now podcast episode covering Device Bound Session Credentials (time coded link to discussion).

Find us online

• Message the show - Bluesky
• Message the show - X
• Message the show on Fediverse - @ThinkingElixir@genserver.social
• Email the show - show@thinkingelixir.com
• Mark Ericksen on X - @brainlid
• Mark Ericksen on Bluesky - @brainlid.bsky.social
• Mark Ericksen on Fediverse - @brainlid@genserver.social
• David Bernheisel on Bluesky - @david.bernheisel.com
• David Bernheisel on Fediverse - @dbern@genserver.social

Sponsored By:

• Paraxial.io: Paraxial.io is sponsoring today's show! Sign up for a free trial of Paraxial.io today and mention Thinking Elixir when you schedule a demo for a limited time offer.

Show Notes online - http://podcast.thinkingelixir.com/250

Elixir Community News

• https://paraxial.io/ – Paraxial.io is sponsoring today's show! Sign up for a free trial of Paraxial.io today and mention Thinking Elixir when you schedule a demo for a limited time offer.
• https://erlef.org/blog/eef/election-2025 – EEF board elections announced with important dates - candidacy submissions by May 8th, voting open May 9-16th.
• https://x.com/TheErlef/status/1911847956308959650 – Gleam v1.10.0 will ship with Build SBoMs and SLSA build provenance for all release artifacts and Docker images, improving visibility into dependencies and software supply chain security.
• https://x.com/theerlef/status/1910348770514006242 – The "Elixir Secure Coding Training (ESCT)" project has been transferred to the Erlang Ecosystem Foundation for a more permanent home and maintainership.
• https://bsky.app/profile/davelucia.com/post/3lmcqhzoc7c26 – Dave Lucia shares information about the ESCT project transfer from Podium to TvLabs and ultimately to the EEF.
• https://github.com/erlef/elixir-secure-coding – An interactive cybersecurity curriculum designed for enterprise use at software companies using Elixir.
• https://github.com/phoenixframework/phoenix/pull/6184 – Fix for Plug.Debugger screen which was showing ANSI codes in HTML.
• https://github.com/phoenixframework/phoenix/pull/6194 – Fix for the Phoenix installer's incorrect application of custom variants in tailwind v4.
• https://github.com/team-alembic/ash_authentication/security/advisories/GHSA-3988-q8q7-p787 – AshAuthentication vulnerability published with mitigation steps - update packages, set require_interaction to true, and add confirm_route above auth_routes.
• https://elixirconf.com/ – ElixirConf US 2025 is open for submitting talks and workshops in Orlando. Talk submissions due April 29, workshop submissions due April 15.
• https://x.com/elixirconf/status/1907843035544826137 – Announcement for ElixirConf US 2025 in Orlando with deadlines for talk and workshop submissions.
• https://x.com/ElixirConfEU/status/1911747531953832323 – ElixirConfEU Speakers were announced for the upcoming conference in Krakow, Poland.
• https://www.elixirconf.eu/#tickets – Ticket information for ElixirConfEU - 250 Euros for virtual ticket, 600 Euros for in-person ticket.
• https://www.elixirconf.eu/#keynotes – Keynote information for ElixirConfEU in Krakow, Poland, May 14-16 (training on May 14, regular sessions on May 15-16).

Do you have some Elixir news to share? Tell us at @ThinkingElixir or email at show@thinkingelixir.com

Find us online

• Message the show - Bluesky
• Message the show - X
• Message the show on Fediverse - @ThinkingElixir@genserver.social
• Email the show - show@thinkingelixir.com
• Mark Ericksen on X - @brainlid
• Mark Ericksen on Bluesky - @brainlid.bsky.social
• Mark Ericksen on Fediverse - @brainlid@genserver.social
• David Bernheisel on Bluesky - @david.bernheisel.com
• David Bernheisel on Fediverse - @dbern@genserver.social

Sponsored By:

• Paraxial.io: Paraxial.io is sponsoring today's show! Sign up for a free trial of Paraxial.io today and mention Thinking Elixir when you schedule a demo for a limited time offer.

Show Notes online - http://podcast.thinkingelixir.com/248

Elixir Community News

• https://elixir-lang.org/blog/2025/03/25/cyanview-elixir-case/ – New Elixir case study about Cyanview, a Belgian company whose Remote Control Panel for camera shading is used at major events like the Olympics and Super Bowl. Their Elixir-powered solution enables remote camera control across challenging network conditions.
• https://oban.pro/docs/pro/1.6.0-rc.1/changelog.html – Oban Pro 1.6 released with subworkflows, improved queue partitioning (20x faster), and a new guide explaining different job composition approaches.
• https://oban.pro/docs/pro/1.6.0-rc.1/composition.html – New Oban Pro guide explaining when to use chains, workflows, chunks, or batches for job composition.
• https://github.com/DockYard/openid_connect – The Elixir package 'openid_connect' reached version 1.0, providing client library support for working with various OpenID Connect providers like Google, Microsoft Azure AD, Auth0, and others.
• https://hexdocs.pm/openid_connect/readme.html – Documentation for the newly released openid_connect 1.0 package.
• https://bsky.app/profile/davelucia.com/post/3llqwsbyutc2z – Announcement that openid_connect is maintained by tvlabs.
• https://bsky.app/profile/germsvel.com/post/3llee5lyerk2b – PhoenixTest v0.6.0 has been released with significant changes, including a breaking change.
• https://github.com/germsvel/phoenix_test – GitHub repository for PhoenixTest.
• https://hexdocs.pm/phoenix_test/upgrade_guides.html#upgrading-to-0-6-0 – Upgrade guide for updating to PhoenixTest v0.6.0 with its breaking change.
• https://hexdocs.pm/phoenix_test/changelog.html#0-6-0 – Changelog for PhoenixTest v0.6.0.
• https://supabase.com/blog/postgres-language-server – Supabase has released a new Postgres Language Server for developers, providing IDE intellisense and autocomplete for PostgreSQL.
• https://marketplace.visualstudio.com/items?itemName=Supabase.postgrestools – VSCode extension for Supabase's new Postgres developer tools.
• https://github.com/supabase-community/postgres-language-server – GitHub repository for Supabase's Postgres Language Server.
• https://pgtools.dev/ – Official website for Postgres Tools with documentation and features.
• https://pgtools.dev/checking_migrations/ – Feature in Postgres Tools that lints database migrations to check for problematic schema changes.
• https://github.com/fly-apps/safe-ecto-migrations – Resource for ensuring safe Ecto migrations.
• https://fly.io/phoenix-files/safe-ecto-migrations/ – Article about safe Ecto migrations posted on Fly.io.
• https://elixirevents.net/ – Community resource created by Johanna Larsson for tracking, sharing, and learning about Elixir events worldwide.
• https://bsky.app/profile/elixirevents.net – Bluesky account for ElixirEvents.net for following Elixir community events.

Do you have some Elixir news to share? Tell us at @ThinkingElixir or email at show@thinkingelixir.com

Discussion Resources

• https://paraxial.io/
• https://paraxial.io/blog/index – Blog with posts about security for Elixir, Rails, and the Paraxial service
• https://www.cnn.com/2025/03/18/tech/google-wiz-acquisition/index.html
• https://podcast.thinkingelixir.com/93 – Our last discussion was 3 years ago in episode 93! Titled "Preventing Service Abuse with Michael Lubas"
• https://www.amazon.com/Innovators-Dilemma-Revolutionary-Change-Business/dp/0062060244
• https://www.merriam-webster.com/dictionary/Kafkaesque - having a nightmarishly complex, bizarre, or illogical quality
• https://paraxial.io/blog/oban-pentest – Completed a Security Audit of Oban Pro - this is after ObanPro went free and OpenSource
• https://paraxial.io/blog/elixir-best – Elixir and Phoenix Security Checklist: 11 Best Practices
• https://paraxial.io/blog/rails-command-injection – Ruby on Rails Security: Preventing Command Injection
• https://paraxial.io/blog/paraxial-three – Paraxial.io v3 blog post

Guest Information

• Michael Lubas, Paraxial.io Founder - michael@paraxial.io
• https://x.com/paraxialio – on Twitter/X
• https://x.com/paraxialio – on Twitter/X
• https://github.com/paraxialio/ – on Github
• https://www.youtube.com/@paraxial5874 – Paraxial.io channel on YouTube
• https://genserver.social/paraxial – on Fediverse
• https://paraxial.io/ – Blog

Find us online

• Message the show - Bluesky
• Message the show - X
• Message the show on Fediverse - @ThinkingElixir@genserver.social
• Email the show - show@thinkingelixir.com
• Mark Ericksen on X - @brainlid
• Mark Ericksen on Bluesky - @brainlid.bsky.social
• Mark Ericksen on Fediverse - @brainlid@genserver.social
• David Bernheisel on Bluesky - @david.bernheisel.com
• David Bernheisel on Fediverse - @dbern@genserver.social

Show Notes online - http://podcast.thinkingelixir.com/245

Elixir Community News

• https://gigalixir.com/thinking – Gigalixir is sponsoring the show, offering 20% off standard tier prices for a year with promo code "Thinking".
• https://github.com/electric-sql/phoenix_sync – New library called phoenix_sync providing real-time sync for Postgres-backed Phoenix applications.
• https://hexdocs.pm/phoenix_sync/readme.html – Documentation for phoenix_sync, a solution for building modern, real-time apps with local-first/sync in Elixir.
• https://github.com/josevalim/sync – José Valim's original proof of concept repo that was promptly archived.
• https://electric-sql.com/ – Electric SQL's platform that syncs subsets of Postgres data into local apps and services, allowing data to be available offline and in-sync.
• https://solnic.dev/posts/announcing-textparser-for-elixir/ – Peter Solnica released TextParser, a library for extracting interesting parts of text like hashtags and links.
• https://hexdocs.pm/text_parser/readme.html – Documentation for the Text Parser library that helps parse text into structured data.
• https://www.elixirstreams.com/tips/mix-hex-info – Elixir stream tip on using mix hex.info to find the latest package version for a Hex package locally, without needing to search on hex.pm or GitHub.
• https://github.com/phoenixframework/tailwind/blob/main/README.md#updating-from-tailwind-v3-to-v4 – Guide for upgrading Tailwind to V4 in existing Phoenix applications using Tailwind's automatic upgrade helper.
• https://gleam.run/news/hello-echo-hello-git/ – Gleam 1.9.0 release with searchability on hexdocs, Echo debug printing for improved debugging, and ability to depend on Git-hosted dependencies.
• https://d-gate.io/blog/everything-i-was-lied-to-about-node-came-true-with-elixir – Blog post discussing how promises made about NodeJS actually came true with Elixir.
• https://hexdocs.pm/wasmex/Wasmex.Components.html – Wasmex updated to v0.10 with support for WebAssembly components, enabling applications and components to work together regardless of original programming language.
• https://ashweekly.substack.com/p/ash-weekly-issue-8 – AshWeekly Issue 8 covering AshOps with mix task capabilities for CRUD operations and BeaconCMS being included in the Ash HQ installer script.
• https://developer.chrome.com/blog/command-and-commandfor – Chrome update brings new browser feature with commandfor and command attributes, similar to Phoenix LiveView.JS but native to browsers.
• https://codebeamstockholm.com/ – Code BEAM Lite announced for Stockholm on June 2, 2025 with keynote speaker Björn Gustavsson, the "B" in BEAM.
• https://alchemyconf.com/ – AlchemyConf coming up March 31-April 3 in Braga, Portugal. Use discount code THINKINGELIXIR for 10% off.
• https://www.gigcityelixir.com/ – GigCity Elixir and NervesConf on May 8-10, 2025 in Chattanooga, TN, USA.
• https://www.elixirconf.eu/ – ElixirConf EU on May 15-16, 2025 in Kraków & Virtual.
• https://goatmire.com/#tickets – Goatmire tickets are on sale now for the conference on September 10-12, 2025 in Varberg, Sweden.

Do you have some Elixir news to share? Tell us at @ThinkingElixir or email at show@thinkingelixir.com

Discussion Resources

• https://elixir-lang.org/blog/2025/02/26/elixir-openchain-certification/
• https://cna.erlef.org/ – EEF CVE Numbering Authority
• https://erlangforums.com/t/security-working-group-minutes/3451/22
• https://podcast.thinkingelixir.com/220 – previous interview with Alistair
• https://digital-strategy.ec.europa.eu/en/policies/cyber-resilience-act – CRA - Cyber Resilience Act
• https://www.cisa.gov/ – CISA US Government Agency
• https://www.cisa.gov/sbom – Software Bill of Materials
• https://oss-review-toolkit.org/ort/ – Desire to integrate with tooling outside the Elixir ecosystem like OSS Review Toolkit
• https://github.com/voltone/rebar3_sbom
• https://cve.mitre.org/
• https://openssf.org/projects/guac/
• https://erlef.github.io/security-wg/security_vulnerability_disclosure/ – EEF Security WG Vulnerability Disclosure Guide

Guest Information

• https://x.com/maennchen_ – Jonatan on Twitter/X
• https://bsky.app/profile/maennchen.dev – Jonatan on Bluesky
• https://github.com/maennchen/ – Jonatan on Github
• https://maennchen.dev – Jonatan's Blog
• https://www.linkedin.com/in/alistair-woodman-51934433 – Alistair Woodman on LinkedIn
• awoodman@erlef.org
• https://github.com/ahw59/ – Alistair on Github
• http://erlef.org/ – Erlang Ecosystem Foundation Website

Find us online

• Message the show - Bluesky
• Message the show - X
• Message the show on Fediverse - @ThinkingElixir@genserver.social
• Email the show - show@thinkingelixir.com
• Mark Ericksen on X - @brainlid
• Mark Ericksen on Bluesky - @brainlid.bsky.social
• Mark Ericksen on Fediverse - @brainlid@genserver.social
• David Bernheisel on Bluesky - @david.bernheisel.com
• David Bernheisel on Fediverse - @dbern@genserver.social

Sponsored By:

• Gigalixir: Today’s Thinking Elixir show is brought to you by our friends at Gigalixir, the premier deployment platform for Elixir and Phoenix projects. Use the promo code “Thinking” during signup to get 20% off the standard tier prices for an entire year. Or, visit https://gigalixir.com/thinking to sign up and get 20% off your first year. Promo Code: Thinking

Show Notes online - http://podcast.thinkingelixir.com/242

Elixir Community News

• https://gigalixir.com/thinking – Visit to sign up and get 20% off your first year. Or use the promo code "Thinking" during signup.
• https://github.com/phoenixframework/phoenix/pull/6081 – Phoenix gen_auth is adding support for magic links (passwordless login) and sudo mode for sensitive operations.
• https://elixirstream.dev/gendiff – Additional resource for Phoenix gen_auth updates.
• https://github.com/9elements/hex-mcp – New Model Context Protocol server providing real-time Hex package version information for AI tools like Cursor.
• https://paraxial.io/blog/elixir-best – Michael Lubas shares 11 best practices for security in Elixir and Phoenix applications.
• https://elixirstatus.com/p/7bQOj-daisyuicomponents---a-phoenix-liveview--daisyui-library – DaisyUI Components library for Phoenix LiveView updated to version 0.7.0.
• https://github.com/phcurado/daisy_ui_components – GitHub repository for DaisyUI Components, featuring over 30 pre-styled components.
• https://daisy-ui-components-site.fly.dev/storybook/welcome – Interactive Storybook for exploring DaisyUI Components.
• https://github.com/phcurado/daisy_ui_components/blob/main/CHANGELOG.md – Changelog showing recent updates to DaisyUI Components.
• https://github.com/software-mansion-labs/live-debugger – LiveDebugger tool for Phoenix LiveView applications, providing insights into LiveViews, components, and state transitions.
• https://www.phoronix.com/news/PostgreSQL-Self-Join-Eliminate – Postgres adds optimization for self-joins, improving query performance.
• https://www.lambdadays.org/lambdadays2025 – Lambda Days conference tickets on sale, happening June 12-13 in Kraków, Poland, focusing on functional programming.
• https://alchemyconf.com/ – Alchemy Conf happening April 2-3 in Braga, Portugal with 10% discount code "THINKINGELIXIR".
• https://membrz.club/alchemyconf/events – Direct link for purchasing Alchemy Conf tickets.

Do you have some Elixir news to share? Tell us at @ThinkingElixir or email at show@thinkingelixir.com

Find us online

• Message the show - Bluesky
• Message the show - X
• Message the show on Fediverse - @ThinkingElixir@genserver.social
• Email the show - show@thinkingelixir.com
• Mark Ericksen on X - @brainlid
• Mark Ericksen on Bluesky - @brainlid.bsky.social
• Mark Ericksen on Fediverse - @brainlid@genserver.social
• David Bernheisel on Bluesky - @david.bernheisel.com
• David Bernheisel on Fediverse - @dbern@genserver.social

Sponsored By:

• Gigalixir: Today’s Thinking Elixir show is brought to you by our friends at Gigalixir, the premier deployment platform for Elixir and Phoenix projects. Use the promo code “Thinking” during signup to get 20% off the standard tier prices for an entire year. Or, visit https://gigalixir.com/thinking to sign up and get 20% off your first year. Promo Code: Thinking

Show Notes online - http://podcast.thinkingelixir.com/240

Elixir Community News

• https://bsky.app/profile/theerlef.bsky.social/post/3lhc5552djc24 – Erlang/OTP team announces compliance with OpenChain ISO/IEC 5230 standard for open source license compliance.
• https://openchainproject.org/featured/2025/02/01/erlang-otp-iso5230 – Details about OpenChain certification and its importance for Erlang/OTP's 2025 goals for enhancing community infrastructure.
• https://podcast.thinkingelixir.com/220 – Reference to Allistair Woodman episode providing additional context about Erlang/OTP.
• https://www.elixirpatterns.dev/#pricing – New book "Elixir Patterns" by Hugo Barauna and Alex Koutmos has been released.
• https://bsky.app/profile/hugobarauna.com/post/3lgv5yfw5o22q – Author's announcement about the Elixir Patterns book release.
• https://www.elixirpatterns.dev/#free-chapters – Free sample chapters of Elixir Patterns book available with accompanying Livebooks.
• https://www.youtube.com/watch?v=AZZvljvgKy8 – Launch livestream recording for the Elixir Patterns book.
• https://paraxial.io/blog/oban-pentest – Security audit results for Oban Web and Oban Pro by Paraxial.io, showing no critical vulnerabilities.
• https://alchemyconf.com/ – Announcement for Alchemy Conf happening April 2-3 in Braga Portugal.
• https://x.com/hugobarauna/status/1886766098411909420 – Hugo Barauna announces he'll be speaking about Livebook and Livebook Teams internals at Alchemy Conf.
• https://stratus3d.com/blog/2025/02/03/asdf-has-been-rewritten-in-go/ – Announcement about asdf v0.16 major update and rewrite in Go.
• https://asdf-vm.com/guide/upgrading-to-v0-16.html#installation – Installation guide for the new asdf v0.16 with breaking changes.

Do you have some Elixir news to share? Tell us at @ThinkingElixir or email at show@thinkingelixir.com

Find us online

• Message the show - Bluesky
• Message the show - X
• Message the show on Fediverse - @ThinkingElixir@genserver.social
• Email the show - show@thinkingelixir.com
• Mark Ericksen on X - @brainlid
• Mark Ericksen on Bluesky - @brainlid.bsky.social
• Mark Ericksen on Fediverse - @brainlid@genserver.social
• David Bernheisel on Bluesky - @david.bernheisel.com
• David Bernheisel on Fediverse - @dbern@genserver.social

Show Notes online - http://podcast.thinkingelixir.com/173

Elixir Community News

• https://github.com/phoenixframework/phoenix_live_view/pull/2845 – Information on the upcoming LiveView that speeds up client DOM patching 5x.
• https://twitter.com/chris_mccord/status/1709681327019086044 – The post to further explain the upcoming LiveView.
• https://twitter.com/josevalim/status/1709841186972705033 – José Valim's clarification on how LiveView's 5x DOM patching works.
• https://twitter.com/wojtekmach/status/1709675064944144605 – Teaser about a cool new Req feature by Wojtek Mach.
• https://twitter.com/wojtekmach/status/1710053454217887970 – Release note for Req v0.3.12 and v0.4.4 and encouragement to upgrade.
• https://twitter.com/Tangui/status/1709645048906748378 – Announcement of a new HTTP Caching library called http_cache.
• http://svground.fr/blog/posts/introducing-http-cache/ – Blog post that accompanies the release of the new HTTP Caching library.
• https://github.com/tanguilp/plug_http_cache – plug_http_cache - An Elixir plug that caches HTTP responses.
• https://github.com/tanguilp/tesla_http_cache – tesla_http_cache - HTTP caching Tesla middleware.
• https://news.livebook.dev/remote-execution-smart-cell---launch-week-2---day-1-m3dv2 – Post about Day 1 of Livebook's launch week with information on the new feature.
• https://twitter.com/thmsmlr/status/1709309268183367901 – Announcement of Livebook Copilot by Thomas Millar.
• https://github.com/thmsmlr/kino_copilot – kino_copilot - Livebook SmartCell that refactors code, generates SQL for data analysis, writes documentation, and generates dashboards.
• https://twitter.com/hugobarauna/status/1709631824555573554 – Demonstration of Livebook voice transcription by Hugo Baraúna.
• https://github.com/brainlid/langchain_demo – LangChain Demo project that includes an example of an Agent.
• https://fly.io/phoenix-files/created-my-personal-ai-fitness-trainer-in-2-days/ – Blog post - Created my Personal AI Fitness Trainer in 2 Days
• https://www.youtube.com/watch?v=AsfQNtoaB1M – YouTube video overview for AI Personal Fitness Trainer with demo
• https://spawnfest.org/ – Information on SpawnFest, a 48-hour online software development contest.
• https://codebeameurope.com/ – Information on CodeBEAM Europe event.

Do you have some Elixir news to share? Tell us at @ThinkingElixir or email at show@thinkingelixir.com

Discussion Resources

• https://www.wired.com/story/23andme-credential-stuffing-data-stolen/ – 23andMe breach
• https://erlef.github.io/security-wg/web_app_security_best_practices_beam/ – Web Application Security Best Practices for BEAM languages - a guide from the EEF Security Working Group
• https://paraxial.io/blog/real-sobelow – Elixir Security - Real World Sobelow
• https://podcast.thinkingelixir.com/148 – Security Scanning our Apps with Sobelow
• https://www.ftc.gov/enforcement/refunds/equifax-data-breach-settlement – Why use Sobelow? The Equifax breach, $425 million penalty, was a remote code execution (RCE) vulnerability
• https://paraxial.io/blog/elixir-rce – Understanding remote code execution (RCE) attacks in Elixir
• https://paraxial.io/blog/potion-shop – Potion Shop
• https://www.meetup.com/new-york-city-elixir/events/296705817/ – The NYC Elixir meetup
• https://www.meetup.com/denver-erlang-elixir/ – Denver Elixir meetup

Guest Information

• https://twitter.com/paraxialio – on Twitter
• https://github.com/paraxialio/ – on Github
• https://genserver.social/paraxial – on Fediverse
• https://paraxial.io/blog/index – Blog
• https://www.linkedin.com/company/paraxial-io – LinkedIn
• https://www.youtube.com/@paraxial5874 – Paraxial YouTube channel

Find us online

• Message the show - @ThinkingElixir
• Message the show on Fediverse - @ThinkingElixir@genserver.social
• Email the show - show@thinkingelixir.com
• Mark Ericksen - @brainlid
• Mark Ericksen on Fediverse - @brainlid@genserver.social
• David Bernheisel - @bernheisel
• David Bernheisel on Fediverse - @dbern@genserver.social
• Cade Ward - @cadebward
• Cade Ward on Fediverse - @cadebward@genserver.social

Sponsored By:

• Fly.io: Fly.io is a great place to deploy your next Phoenix application! Check them out!

Show Notes online - http://podcast.thinkingelixir.com/155

Elixir Community News

• https://twitter.com/michalslaski/status/1664237603728551936 – Jonatan Kłosko won an award for opensource contributions to Livebook.
• https://podcast.thinkingelixir.com/151 – Previous interview with Jonatan Kłosko about Livebook
• https://dockyard.com/blog/2023/05/16/open-source-elixir-alternatives-to-chatgpt – Sean Moriarity wrote a post titled “Open-Source Elixir Alternatives to ChatGPT”
• https://twitter.com/natfriedman/status/1665402680376987648 – LLaMa update running on local hardware
• https://twitter.com/yoooodaaaa/status/1663988571047354371 – Stephen Bussey's new book in beta called "From Ruby to Elixir"
• https://pragprog.com/titles/sbelixir/from-ruby-to-elixir/ – PragProg book page where it can be purchased as early access.
• https://twitter.com/josevalim/status/1664743585873264641 – José Valim calling out contributions by Qqwy with links to the Arrow related PRs
• https://github.com/elixir-nx/explorer – Nx Explorer
• https://arrow.apache.org/docs/format/ADBC.html – ADBC Apache project for data connectivity
• https://arrow.apache.org/ – Arrow Apache project
• https://github.com/jorgecarleitao/arrow2 – Aarow2 Rust project
• https://jorgecarleitao.github.io/arrow2/main/guide/ – Arrow2 guide
• https://elixirforum.com/t/mime-v2-0-4-has-been-released-with-a-potential-security-fix/56216 – PSA for security concern with package version update available
• https://elixirforum.com/t/livemonacoeditor-monaco-editor-component-for-phoenix-liveview/56212 – New library LiveMonacoEditor for integrating the VSCode JS-powered editor called Monoco into LiveView
• https://github.com/BeaconCMS/live_monaco_editor – BeaconCMS linked LiveMonacoEditor project
• https://codebeameurope.com/ – CodeBEAM EU October 19-20
• https://twitter.com/ElixirConf/status/1663920528829161474 – ElixirConf US 2023 - call for speakers
• https://docs.google.com/forms/d/e/1FAIpQLSeN6BFybOd4vXweCuBvINjhbO-Ev7Zk1sZf8YBXwjnwQC0-aA/viewform – Form for submitting a talk

Do you have some Elixir news to share? Tell us at @ThinkingElixir or email at show@thinkingelixir.com

Find us online

• Message the show - @ThinkingElixir
• Message the show on Fediverse - @ThinkingElixir@genserver.social
• Email the show - show@thinkingelixir.com
• Mark Ericksen - @brainlid
• Mark Ericksen on Fediverse - @brainlid@genserver.social
• David Bernheisel - @bernheisel
• David Bernheisel on Fediverse - @dbern@genserver.social
• Cade Ward - @cadebward
• Cade Ward on Fediverse - @cadebward@genserver.social

Sponsored By:

• Fly.io: Fly.io is a great place to deploy your next Phoenix application! Check them out!

Show Notes online - http://podcast.thinkingelixir.com/148

Elixir Community News

• https://news.livebook.dev/hubs-and-secret-management---launch-week-1---day-3-3tMaJ2 – Livebook Launch Week - Day 3 - Hubs, secrets, teams, authentication
• https://news.livebook.dev/build-and-deploy-a-whisper-chat-app-to-hugging-face-in-15-minutes---launch-week-1---day-4-wYM0w – Livebook Launch Week - Day 4 - What is deploying apps to HuggingFace?
• https://news.livebook.dev/data-wrangling-in-elixir-with-explorer-the-power-of-rust-the-elegance-of-r---launch-week-1---day-5-1xqwCI – Livebook Launch Week - Day 5 - Data wrangling in Elixir with https://news.livebook.dev/data-wrangling-in-elixir-with-explorer-the-power-of-rust-the-elegance-of-r---launch-week-1---day-5-1xqwCI
• https://github.com/elixir-nx – The Nx GitHub organization page was set up
• https://twitter.com/sorentwo/status/1646493981591625732 – Oban update 2.15.0
• https://github.com/sorentwo/oban/releases/tag/v2.15.0 – Oban release notes
• https://twitter.com/osterbergmarcus/status/1646833341881016323 – Tweet asking about bulk steam inserts
• https://twitter.com/elixirphoenix/status/1646913447030865921 – Phoenix response says the bulk insert is in main now.
• https://hexdocs.pm/ecto/Ecto.Changeset.html#cast_assoc/3-sorting-and-deleting-from-many-collections – Ecto's Sorting and deleting from -many collections
• https://twitter.com/iteamon/status/1648310734479130627 – Dry run implementation by Tymon Tobolski
• https://twitter.com/theerlef/status/1646211583172034563 – ElixirConf EU keynote to look forward to

Do you have some Elixir news to share? Tell us at @ThinkingElixir or email at show@thinkingelixir.com

Discussion Resources

• https://twitter.com/paraxialio/status/1641242283134660616
• https://github.com/nccgroup/sobelow
• https://github.com/nccgroup/sobelow/releases/tag/v0.12.2 – recent release
• https://github.com/podium/elixir-secure-coding
• https://www.podium.com/
• https://podcast.thinkingelixir.com/122 – Securing Elixir and Teaching the Team interview with Holden
• https://www.crowdstrike.com/cybersecurity-101/shift-left-security/ – Shift left
• https://www.nccgroup.com/us/
• https://github.com/podium/elixir-secure-coding
• https://github.com/ExHammer/hammer
• SAST - Static Application Security Testing
• IAST - Interactive Application Security Testing

Guest Information

• https://twitter.com/HoldenOullette – Holden on Twitter
• https://github.com/houllette/ – Holden on Github
• https://oullette.xyz/ – Holden's Blog
• https://twitter.com/griffinbyatt – Griffin on Twitter
• https://github.com/GriffinMB/ – Griffin on Github
• https://griffinbyatt.com/ – Griffin's page

Find us online

• Message the show - @ThinkingElixir
• Message the show on Fediverse - @ThinkingElixir@genserver.social
• Email the show - show@thinkingelixir.com
• Mark Ericksen - @brainlid
• Mark Ericksen on Fediverse - @brainlid@genserver.social
• David Bernheisel - @bernheisel
• David Bernheisel on Fediverse - @dbern@genserver.social
• Cade Ward - @cadebward
• Cade Ward on Fediverse - @cadebward@genserver.social

Sponsored By:

• Fly.io: Fly.io is a great place to deploy your next Phoenix application! Check them out!

Show Notes online - http://podcast.thinkingelixir.com/134

Elixir Community News

• http://example.com/ – Example website
• https://github.com/phoenixframework/phoenix/blob/master/CHANGELOG.md – New release candidate for Phoenix! 1.7.0-rc.1
• https://github.com/phoenixframework/phoenix_live_view/blob/master/CHANGELOG.md – New minor Phoenix LiveView releases
• https://twitter.com/whatyouhide/status/1610675036108771328 – Andrea Leopardi published his second video where he works through the ProtoHackers.com challenges using Elixir
• https://github.com/sorentwo/oban/pull/819 – Oban now supports SQLite3
• https://github.com/JohnnyCurran/TimeTravel – Time Travel with LiveView events
• https://www.chriis.dev/opinion/setting-up-a-google-chrome-shortcut-to-elixir-documentation-in-30-seconds – Chris Gregori shared a post about setting up a Google Chrome shortcut to Elixir documentation
• https://twitter.com/benvp_/status/1610884773387321345 – Tip for saving hex docs offline locally
• https://twitter.com/theerlef/status/1611076916957843456 – erlef/setup-beam v1.15.1 has been released
• https://github.com/erlef/setup-beam/releases/tag/v1.15.1
• https://github.com/elixir-nx/ex_faiss – Sean Morriarity released a new library in the Nx family called ex_faiss
• https://dockyard.com/blog/2023/01/04/search-and-clustering-with-exfaiss – Blog post to accompany ex_faiss
• https://github.com/lexmag – Core team Aleksei
• https://github.com/am-kantox – Finitomata Aleksei
• https://twitter.com/yburyug/status/1611125098286813184 – Fun Phoenix success story

Do you have some Elixir news to share? Tell us at @ThinkingElixir or email at show@thinkingelixir.com

Discussion Resources

• https://erlef.github.io/security-wg/
• https://erlef.org/wg/security
• https://github.com/erlef/security-wg
• https://erlef.github.io/security-wg/secure_coding_and_deployment_hardening/
• https://podcast.thinkingelixir.com/64 – OTP Certificate Woes with Bram Verburg
• https://erlef.github.io/security-wg/secure_coding_and_deployment_hardening/releases – Section on releases and Erlang's ability to conditionally include the compiler
• https://bluecode.com/en/
• https://www.linkedin.com/in/FrancescoCesarini
• https://podcast.thinkingelixir.com/122 – Interview with Holden Oullette about Elixir Secure Coding Training for teams
• https://en.wikipedia.org/wiki/Whac-A-Mole
• https://podcast.thinkingelixir.com/131 – Interview with Michael Lubas about securing Elixir and Phoenix applications
• https://erlef.github.io/security-wg/secure_coding_and_deployment_hardening/crash_dumps
• https://github.com/voltone/x509/
• https://github.com/beam-telemetry/telemetry
• https://www.lua.org/start.html
• https://www.cisa.gov/uscert/bsi/articles/knowledge/sdlc-process/secure-software-development-life-cycle-processes – Secure Software Development Lifecycle
• https://github.com/nccgroup/sobelow
• https://github.com/rrrene/credo
• https://en.wikipedia.org/wiki/Data-flow_analysis
• https://erlef.org/
• https://members.erlef.org/join-us

Guest Information

• https://twitter.com/voltonez – on Twitter
• https://fosstodon.org/@voltone – on Fediverse
• https://github.com/voltone – on Github
• https://blog.voltone.net/ – Blog

Find us online

• Message the show - @ThinkingElixir
• Message the show on Fediverse - @ThinkingElixir@genserver.social
• Email the show - show@thinkingelixir.com
• Mark Ericksen - @brainlid
• Mark Ericksen on Fediverse - @brainlid@genserver.social
• David Bernheisel - @bernheisel
• David Bernheisel on Fediverse - @dbern@genserver.social
• Cade Ward - @cadebward
• Cade Ward on Fediverse - @cadebward@genserver.social

Sponsored By:

• Fly.io: Fly.io is a great place to deploy your next Phoenix application! Check them out!

Show Notes online - http://podcast.thinkingelixir.com/131

Elixir Community News

• https://erlangforums.com/t/otp-25-2-released/2166 – Erlang/OTP 25.2 is the second maintenance patch package for OTP 25, with mostly bug fixes as well as improvements.
• https://twitter.com/livebookdev/status/1603787699458113539 – HuggingFace announced “spaces”, a feature that lets people run Docker images on HuggingFace.
• https://huggingface.co/spaces/livebook-dev/single_file_phx_bumblebee_ml – Elixir Phoenix was specifically shown as a Docker example on HuggingFace
• https://twitter.com/sean_moriarity/status/1602817446875992066 – Sean Moriarity added “negative prompts” feature to Nx's Stable Diffusion support.
• https://github.com/elixir-nx/bumblebee/pull/109 – PR adding "negative prompt" support
• https://twitter.com/miruoss/status/1604849993130676225 – Michael Ruoss has a new Kino plugin for working with kubernetes pods
• https://github.com/mruoss/kino_k8s_term – KinoK8sTerm
• https://twitter.com/livebookdev/status/1603391808209391617 – Livebook added two new neural network tasks to Bumblebee integration.
• https://twitter.com/hanrelan/status/1603470678081929216 – Customized Livebook Stable Diffusion shows intermediate steps when generating images.
• https://blog.ftes.de/elixir-dijkstras-algorithm-with-priority-queue-f6022d710877 – Fredrik Teschke wrote a blogpost using Livebook to visualize Dijkstra's algorithm for finding the shortest path between nodes in a graph.
• https://notes.club/ – Notesclub is a website by Hec Perez that makes it easy to share and discover Livebook notebooks online.
• https://twitter.com/louispilfold/status/1602740866602631170 – Louis Pilfold announced his last full day at Nomio. He is now working full time on Gleam.
• https://twitter.com/louispilfold/status/1600960290455113728 – Louis Pilfold shared that Bumblebee, Nx and Axon work in Gleam thanks to Gleam's new Elixir support.
• https://twitter.com/kipcole9/status/1604929772253229057 – Kip Cole has a library called Image. He added Image.Classification.classify(image) using Bumblebee.
• https://sessionize.com/code-beam-lite-stockholm-2023 – Code BEAM Lite Stockholm 2023, 12 May 2023, Stockholm, Sweden. Call for speakers is open until Feb 5th 2023.

Do you have some Elixir news to share? Tell us at @ThinkingElixir or email at show@thinkingelixir.com

Discussion Resources

• https://paraxial.io
• https://paraxial.io/blog/securing-elixir – Securing Elixir/Phoenix Applications - 5 Tips to Get Started
• https://paraxial.io/blog/xss-phoenix – Cross Site Scripting (XSS) Patterns in Phoenix
• https://podcast.thinkingelixir.com/93 – Previous interview with Michael
• https://www.youtube.com/watch?v=w3lKmFsmlvQ – ElixirConf 2017 - Plugging the Security Holes in Your Phoenix Application - Griffin Byatt
• https://felt.com/blog/rate-limiting – Rate Limiting Algorithms for Client-Facing Web Apps by Tyler Young
• https://github.com/podium/elixir-secure-coding – Elixir Secure Coding Training (ESCT) that runs in Livebook
• https://github.com/rrrene/html_sanitize_ex
• https://fly.io/phoenix-files/github-actions-for-elixir-ci/ – Blog post about Elixir CI/CD checks
• https://github.com/mirego/mix_audit – mix_audit
• https://hexdocs.pm/mix/Mix.Tasks.Deps.Unlock.html – mix hex.audit
• https://erlef.github.io/security-wg/secure_coding_and_deployment_hardening/ – Erlang Ecosystem Foundation resource - Secure Coding and Deployment Hardening Guidelines
• https://github.com/slab/safeurl-elixir – SafeURL hex package by Slab
• https://slab.com/

Guest Information

• https://twitter.com/paraxialio – on Twitter
• https://github.com/paraxialio/ – on Github
• https://paraxial.io/ – Blog
• michael@paraxial.io
• https://genserver.social/paraxial – on Mastadon

Find us online

• Message the show - @ThinkingElixir
• Message the show on Mastadon - @ThinkingElixir@genserver.social
• Email the show - show@thinkingelixir.com
• Mark Ericksen - @brainlid
• Mark Ericksen on Mastadon - @brainlid@genserver.social
• David Bernheisel - @bernheisel
• David Bernheisel on Mastadon - @dbern@genserver.social
• Cade Ward - @cadebward
• Cade Ward on Mastadon - @cadebward@genserver.social

Sponsored By:

• Fly.io: Fly.io is a great place to deploy your next Phoenix application! Check them out!

Show Notes online - http://podcast.thinkingelixir.com/122

Elixir Community News

• https://twitter.com/AshFramework/status/1582062954891350016 – Ash Framework 2.0 released
• https://github.com/ash-project/ash/blob/2.0/CHANGELOG.md – Ash Framework changelog
• https://www.ash-hq.org/
• https://elixirforum.com/t/ex-cldr-common-locale-data-repository-cldr-functions-for-elixir/17350/92 – Ex_cldr and Kip Cole's development plans
• https://podcast.thinkingelixir.com/120 – Interview with Kip Cole
• https://hexdocs.pm/ex_cldr_routes – New CLDR library to help localize Phoenix routes
• https://hexdocs.pm/phoenix_localized_routes – There are other route localizing options as well
• https://twitter.com/lukaszsamson/status/1578521810554916864 – Elixir-LS fixed 4 year old bug with help from reporter!
• https://github.com/elixir-lsp/elixir-ls/issues/120 – Elixir-LS history and details on the fix
• https://twitter.com/fhunleth/status/1580524909939556353 – Nerves on Apple silicon improvements in upcoming release
• https://spawnfest.org/ – Spawnfest competition closed. People sharing their creations.
• https://twitter.com/spawnfest/status/1581347422671806464 – List of Spawnfest judges
• https://twitter.com/michalmuskala/status/1581743531764617217 – JSON Native project shared
• https://github.com/spawnfest/json_native
• https://twitter.com/livebookdev/status/1581995785637756928 – Livebook Ecto extension called Lively supports Entity Relationship Diagrams and more.
• https://github.com/orgs/spawnfest/repositories?q=2022+in%3Atopics – See all the submissions with this non-obvious GitHub search
• https://www.elixirconf.eu/ – ElixirConf EU 2023 in in Lisbon Portugal - Hybrid conference 20-21 April 2023 - In person and virtual

Do you have some Elixir news to share? Tell us at @ThinkingElixir or email at show@thinkingelixir.com

Discussion Resources

• https://github.com/Podium/elixir-secure-coding
• https://www.podium.com/
• https://jupyter.org/
• https://twitter.com/holdenoullette/status/1565486046237921280
• https://2022.elixirconf.com/speakers/holden-oullette
• https://owasp.org/Top10/
• https://en.wikipedia.org/wiki/Capture_the_flag_(cybersecurity)
• https://github.com/podium/elixir-secure-coding/blob/main/modules/4-graphql.livemd – Incomplete GraphQL module
• https://hex.pm/packages/sobelow
• https://semgrep.dev/
• https://www.theregister.com/2016/03/23/npm_left_pad_chaos/ – Background on "left pad"
• https://github.com/podium/vigil

Guest Information

• https://twitter.com/holdenoullette – on Twitter
• https://github.com/houllette/ – on Github
• https://oullette.xyz – Blog

Find us online

• Message the show - @ThinkingElixir
• Email the show - show@thinkingelixir.com
• Mark Ericksen - @brainlid
• David Bernheisel - @bernheisel
• Cade Ward - @cadebward

Sponsored By:

• Fly.io: Fly.io is a great place to deploy your next Phoenix application! Check them out!

Show Notes online - http://podcast.thinkingelixir.com/93

Elixir Community News

• https://erlef.org/blog/eef/election-2022-results – Erlang Ecosystem Foundation board election voting results
• https://erlef.org/blog/eef/election-2022 – Previous election notice and explanations
• https://hexdocs.pm/ex_doc/changelog.html – ExDoc v0.28.3 was released
• https://twitter.com/josevalim/status/1508528099973120004 – Call to help move ExDoc away from webpack to esbuild
• https://twitter.com/dominicletz/status/1506675402059792388 – iOS app store now has an Elixir application deployed in it!
• https://podcast.thinkingelixir.com/69 – Previous interview with Dominic Letz about doing Elixir on the desktop and mobile.
• https://www.erlang.org/news/155 – Erlang 25.0 rc-2 was released and requesting feedback
• https://twitter.com/josevalim/status/1507443537851392007 – Jose Valim's experience compiling Elixir from scratch on Apple's new MacStudio M1 Max
• Conference reminders
• https://www.empex.co/mtn – Empex MTN in Salt Lake City on May 6
• https://codesync.global/conferences/code-beam-sto-2022/ – CodeBEAM in Stockholm on May 19-20
• https://www.elixirconf.eu/ – ElixirConf EU in London on June 9-10
• https://elixirconf.com/events – ElixirConf US in Colorado on August 30-Sep2
• https://github.com/lucasvegi/Elixir-Code-Smells – Elixir Code Smells - public project
• https://fly.io/phoenix-files/safe-ecto-migrations/ – Safe Ecto Migrations
• https://twitter.com/TylerAYoung/status/1508413319178297352 – Today I Learned about doctests and importing

Do you have some Elixir news to share? Tell us at @ThinkingElixir or email at show@thinkingelixir.com

Discussion Resources

• https://www.paraxial.io/blog/throttle-requests
• https://github.com/michalmuskala/plug_attack
• https://owasp.org/Top10/
• https://github.com/magento/magento2/issues/28614 – What is a carding attack?
• https://owasp.org/www-project-automated-threats-to-web-applications/
• http://paraxial.io/
• https://frame.io/
• https://news.adobe.com/news/news-details/2021/Adobe-Completes-Acquisition-of-Frame.io/default.aspx
• https://www.metasploit.com/
• https://www.crunchbase.com/
• https://owasp.org/www-community/attacks/Credential_stuffing
• https://en.wikipedia.org/wiki/Web_application_firewall

Guest Information

• https://twitter.com/paraxialio – on Twitter
• https://github.com/paraxialio/ – on Github
• https://paraxial.io/ – Website
• sales@paraxial.io

Find us online

• Message the show - @ThinkingElixir
• Email the show - show@thinkingelixir.com
• Mark Ericksen - @brainlid
• David Bernheisel - @bernheisel
• Cade Ward - @cadebward

Sponsored By:

• Fly.io: Fly.io is a great place to deploy your next Phoenix application! Check them out!