Episode 268: Maintainer Month 2025 with Dirkjan Ochtman on Sustaining Critical Rust Libraries
vor 10 Monaten
Kicking off our 2025 Maintainer Month series, Dirkjan joins Richard
to talk Rust maintenance, open source funding, and sustaining
projects without burning out.
Podcast
Podcaster
Beschreibung
vor 10 Monaten
Guest Dirkjan Ochtman Panelist Richard Littauer Show Notes In this
special Maintainer Month episode of Sustain, host Richard speaks
with Dirkjan Ochtman, a long-time open source contributor and Rust
advocate. They dive deep into what it's like maintaining critical
infrastructure libraries, the motivations behind taking over
"abandonware," and how funding ecosystems like GitHub Sponsors and
thanks.dev help sustain low-level dependencies. Dirkjan also
reflects on how Rust’s design lends itself well to long-term
maintainability and shares thoughts on the challenges of burnout,
context switching, and ensuring project continuity. Hit the
download button now! [00:01:33] Dirkjan explains how he chooses
which projects he’s maintaining, being passionate about memory
safety via Rust, and maintaining tools like Rustls, Hickory DNS,
and Quinn. [00:03:14] Dirkjan describes his motivation for
maintaining abandonware and sees it as providing value to the
community. [00:04:23] ISRG funds Dirkjan’s work on memory-safe DNS
and TLS libraires, and they are replacing C-based libraires with
Rust equivalents. [00:05:33] Dirkjan uses thanks.dev to help fund
maintainers through the full dependency graph and revenue is
limited but promising. [00:08:06] Richard brings up Tidelift and
Dirkjan mentions it’s not yielding results for Rust projects yet
because the Rust ecosystem is smaller. [00:09:30] We hear Dirkjan’s
journey into Rust, starting in Python but frustrated by lack of
type safety and performance, and creating his own compiler before
appreciating Rust’s complexity. [00:12:20] Dirkjan talks about his
transition from Python to Rust. [00:13:39] Dirkjan uses PyO3 to
create Python bindings for Rust libraries. [00:15:31] Richard
wonders why projects become unmaintained and Dirkjan responds that
people have life events, job changes, or shifting interests.
[00:17:11] How are unmaintained projects flagged? Dirkjan uses the
RustSec Advisory DB to detect projects with no active maintainers.
[00:18:47] Dirkjan avoids burnout as a maintainer by keeping the
scope narrow, only responds to PRs, doesn’t overcommit, and focuses
on high-efficiency, low-effort maintenance. [00:19:51] Rust has a
strong system, built-in unit tests, great CI support, and Dirkjan
encourages atomic commits to simplify code review. [00:21:28]
Dirkjan speaks about languages that are more maintainer safe.
[00:22:18] Richard brings up attack vectors and the ‘left-pad
incident.’ Dirkjan shares how he builds trust via his public GitHub
record. [00:24:17] We hear Dirkjan’s offboarding and succession
planning as he explains handing off projects like Askama and
promoting multiple maintainers to reduce bus factor. [00:26:08]
Dirkjan’s long-term vision for OSS sustainability is he hopes to
move higher in the stack and wants to make high-quality software
easier to build. [00:27:38] Dirkjan explains why he prefers to do
asynchronous collaboration over pair programming. [00:28:52]
Dirkjan discusses Rust’s long-term ecosystem stability. [00:31:09]
Find out where you can follow Dirkjan on the web. Quotes [00:03:23]
“You call it abandonware and I call it a dependency that has a
million users.” [00:19:02] “[When I take on a project], I don’t
take on the burden of proactively improving the project.”
[00:19:11] “I will be there when someone submits a PR." [00:20:37]
“I ask folks to make small changes: atomic commits.” Spotlight
[00:31:37] Richard’s spotlight is Allan Day. [00:32:20] Dirkjan’s
spotlight is Xilem. Links SustainOSS (https://sustainoss.org/)
podcast@sustainoss.org (mailto:podcast@sustainoss.org)
richard@sustainoss.org (mailto:richard@sustainoss.org) SustainOSS
Discourse (https://discourse.sustainoss.org/) SustainOSS Mastodon
(https://mastodon.social/tags/sustainoss) SustainOSS Bluesky
(https://bsky.app/profile/sustainoss.bsky.social) SustainOSS
LinkedIn (https://www.linkedin.com/company/sustainoss/) Open
Collective-SustainOSS (Contribute)
(https://opencollective.com/sustainoss) Richard Littauer Socials
(https://www.burntfen.com/2023-05-30/socials) Dirkjan Ochtman
LinkedIn
(https://www.linkedin.com/in/dochtman/?originalSubdomain=nl)
Dirkjan Ochtman Blog (https://dirkjan.ochtman.nl/) Dirkjan Ochtman
Mastodon (https://hachyderm.io/@djc) Dirkjan Ochtman GitHub
(https://github.com/djc) Dirkjan Ochtman Bluesky
(https://bsky.app/profile/djc.ochtman.nl) Rust
(https://www.rust-lang.org/) Rustls
(https://github.com/rustls/rustls) Hickory DNS
(https://github.com/hickory-dns/hickory-dns) Quinn
(https://github.com/quinn-rs/quinn) Internet Security Research
Group (ISRG) (https://www.abetterinternet.org/) Let’s Encrypt
(https://letsencrypt.org/) Automatic Certificate Management
Environment
(https://en.wikipedia.org/wiki/Automatic_Certificate_Management_Environment)
PyO3 user guide (https://pyo3.rs/v0.15.1/) Sustain Podcast-Episode
108: Sarah Gran and Josh Aas: Sustainable Digital Infrastructure
with Memory Safe Code (https://podcast.sustainoss.org/108) Sustain
Podcast-Episode 148: Ali Nehzat of thanks.dev and OSS Funding
(https://podcast.sustainoss.org/148) Tidelift
(https://tidelift.com/) RustSec Advisory Database-GitHub
(https://github.com/RustSec/advisory-db) Askama
(https://docs.rs/askama/latest/askama/) Allan Day’s GNOME Blog
(https://blogs.gnome.org/aday/) Xilem (https://xilem.dev/) Credits
Produced by Richard Littauer (https://www.burntfen.com/) Edited by
Paul M. Bahr at Peachtree Sound (https://www.peachtreesound.com/)
Show notes by DeAnn Bahr Peachtree Sound
(https://www.peachtreesound.com/) Special Guest: Dirkjan Ochtman.
special Maintainer Month episode of Sustain, host Richard speaks
with Dirkjan Ochtman, a long-time open source contributor and Rust
advocate. They dive deep into what it's like maintaining critical
infrastructure libraries, the motivations behind taking over
"abandonware," and how funding ecosystems like GitHub Sponsors and
thanks.dev help sustain low-level dependencies. Dirkjan also
reflects on how Rust’s design lends itself well to long-term
maintainability and shares thoughts on the challenges of burnout,
context switching, and ensuring project continuity. Hit the
download button now! [00:01:33] Dirkjan explains how he chooses
which projects he’s maintaining, being passionate about memory
safety via Rust, and maintaining tools like Rustls, Hickory DNS,
and Quinn. [00:03:14] Dirkjan describes his motivation for
maintaining abandonware and sees it as providing value to the
community. [00:04:23] ISRG funds Dirkjan’s work on memory-safe DNS
and TLS libraires, and they are replacing C-based libraires with
Rust equivalents. [00:05:33] Dirkjan uses thanks.dev to help fund
maintainers through the full dependency graph and revenue is
limited but promising. [00:08:06] Richard brings up Tidelift and
Dirkjan mentions it’s not yielding results for Rust projects yet
because the Rust ecosystem is smaller. [00:09:30] We hear Dirkjan’s
journey into Rust, starting in Python but frustrated by lack of
type safety and performance, and creating his own compiler before
appreciating Rust’s complexity. [00:12:20] Dirkjan talks about his
transition from Python to Rust. [00:13:39] Dirkjan uses PyO3 to
create Python bindings for Rust libraries. [00:15:31] Richard
wonders why projects become unmaintained and Dirkjan responds that
people have life events, job changes, or shifting interests.
[00:17:11] How are unmaintained projects flagged? Dirkjan uses the
RustSec Advisory DB to detect projects with no active maintainers.
[00:18:47] Dirkjan avoids burnout as a maintainer by keeping the
scope narrow, only responds to PRs, doesn’t overcommit, and focuses
on high-efficiency, low-effort maintenance. [00:19:51] Rust has a
strong system, built-in unit tests, great CI support, and Dirkjan
encourages atomic commits to simplify code review. [00:21:28]
Dirkjan speaks about languages that are more maintainer safe.
[00:22:18] Richard brings up attack vectors and the ‘left-pad
incident.’ Dirkjan shares how he builds trust via his public GitHub
record. [00:24:17] We hear Dirkjan’s offboarding and succession
planning as he explains handing off projects like Askama and
promoting multiple maintainers to reduce bus factor. [00:26:08]
Dirkjan’s long-term vision for OSS sustainability is he hopes to
move higher in the stack and wants to make high-quality software
easier to build. [00:27:38] Dirkjan explains why he prefers to do
asynchronous collaboration over pair programming. [00:28:52]
Dirkjan discusses Rust’s long-term ecosystem stability. [00:31:09]
Find out where you can follow Dirkjan on the web. Quotes [00:03:23]
“You call it abandonware and I call it a dependency that has a
million users.” [00:19:02] “[When I take on a project], I don’t
take on the burden of proactively improving the project.”
[00:19:11] “I will be there when someone submits a PR." [00:20:37]
“I ask folks to make small changes: atomic commits.” Spotlight
[00:31:37] Richard’s spotlight is Allan Day. [00:32:20] Dirkjan’s
spotlight is Xilem. Links SustainOSS (https://sustainoss.org/)
podcast@sustainoss.org (mailto:podcast@sustainoss.org)
richard@sustainoss.org (mailto:richard@sustainoss.org) SustainOSS
Discourse (https://discourse.sustainoss.org/) SustainOSS Mastodon
(https://mastodon.social/tags/sustainoss) SustainOSS Bluesky
(https://bsky.app/profile/sustainoss.bsky.social) SustainOSS
LinkedIn (https://www.linkedin.com/company/sustainoss/) Open
Collective-SustainOSS (Contribute)
(https://opencollective.com/sustainoss) Richard Littauer Socials
(https://www.burntfen.com/2023-05-30/socials) Dirkjan Ochtman
(https://www.linkedin.com/in/dochtman/?originalSubdomain=nl)
Dirkjan Ochtman Blog (https://dirkjan.ochtman.nl/) Dirkjan Ochtman
Mastodon (https://hachyderm.io/@djc) Dirkjan Ochtman GitHub
(https://github.com/djc) Dirkjan Ochtman Bluesky
(https://bsky.app/profile/djc.ochtman.nl) Rust
(https://www.rust-lang.org/) Rustls
(https://github.com/rustls/rustls) Hickory DNS
(https://github.com/hickory-dns/hickory-dns) Quinn
(https://github.com/quinn-rs/quinn) Internet Security Research
Group (ISRG) (https://www.abetterinternet.org/) Let’s Encrypt
(https://letsencrypt.org/) Automatic Certificate Management
Environment
(https://en.wikipedia.org/wiki/Automatic_Certificate_Management_Environment)
PyO3 user guide (https://pyo3.rs/v0.15.1/) Sustain Podcast-Episode
108: Sarah Gran and Josh Aas: Sustainable Digital Infrastructure
with Memory Safe Code (https://podcast.sustainoss.org/108) Sustain
Podcast-Episode 148: Ali Nehzat of thanks.dev and OSS Funding
(https://podcast.sustainoss.org/148) Tidelift
(https://tidelift.com/) RustSec Advisory Database-GitHub
(https://github.com/RustSec/advisory-db) Askama
(https://docs.rs/askama/latest/askama/) Allan Day’s GNOME Blog
(https://blogs.gnome.org/aday/) Xilem (https://xilem.dev/) Credits
Produced by Richard Littauer (https://www.burntfen.com/) Edited by
Paul M. Bahr at Peachtree Sound (https://www.peachtreesound.com/)
Show notes by DeAnn Bahr Peachtree Sound
(https://www.peachtreesound.com/) Special Guest: Dirkjan Ochtman.
Weitere Episoden
34 Minuten
vor 9 Monaten
46 Minuten
vor 9 Monaten
40 Minuten
vor 9 Monaten
38 Minuten
vor 10 Monaten
Kommentare (0)
Melde Dich an, um einen Kommentar zu schreiben.