AI Meets Open Source: Automation & Governance at Scale The latest roundup of open source videos showcases a powerful trend: AI is no longer just a subject of open source projects, it’s increasingly used to manage open source itself. From OpenAI’s Codex speeding up finance workflows to FINOS’s demonstration of AI for OSPO risk management, … Read more
As part of the Build Small hackathon we are inviting our partners to share their knowledge on how to get the most out of the tiny models available today.
Today we are joined by OpenBMB who will walk us through some of the best real-world uses cases for their family of tiny models and answer any questions from the community!
—
Build Small Hackathon: https://huggingface.co/build-small-hackathon
We had a blast in NYC with talks on data pipelines using Kafka and ClickHouse, a deep dive on Cassandra 6 features, and more. Will we see you at the next one?
What can 10 years of open source release votes teach us about healthier communities? This talk analyzes 1,600+ Apache Incubator release vote threads from 2015 to 2025 across more than 160 projects to reveal how collaboration, governance, and project growth have evolved.
Discover how better documentation, mentoring, and automation transformed a stressful compliance process into a positive learning experience. Learn why projects now see fewer rejections, faster reviews, and a more collaborative culture.
We’ll also explore how release cadence can signal community health, plus early warning signs that a project may be slowing down. Perfect for maintainers, mentors, and contributors who want stronger open source workflows and communities.
FOSSASIA Summit 2026 held in Bangkok, is Asia’s leading Open Source tech conference featuring sessions on #AI, #Cloud, #DevOps, #Open Hardware, #Security, #Web #Mobile Technologies, #Web3, and #Databases. Learn more: http://summit.fossasia.org
Video by CNCF [Cloud Native Computing Foundation] via YouTube
Dominik Mayer, Chief of Staff at CUE Labs, shares how his team worked with the Perses project to give their users a schema for their tool. The two teams connected, worked through the challenge together, and published a blog documenting the process.
It’s a real example of what makes the cloud native community work.
Description:
SUDO Show 77, “The Promotion Paradox,” is all about what happens when the best nerd in the room gets handed a calendar full of 1:1s, budgets, and “peopleware” instead of terminals and tickets. Bill, Neal, and Noel swap stories about micromanagers, open office nightmares, open source maintainers, and why learning to lead humans is way harder—and ultimately more rewarding—than just being the fastest person at fixing servers.
Show Links:
The Manager’s Path – Camille Fournier
https://www.oreilly.com/library/view/the-managers-path/9781491973882/
An Elegant Puzzle: Systems of Engineering Management – Will Larson
https://www.goodreads.com/book/show/45303387-an-elegant-puzzle
Linus Torvalds & Dirk Hohndel – Open Source Summit North America 2026 keynote
Chapters:
00:00:00 Intro – The Promotion Paradox
00:00:31 The Peter Principle Meets Tech
00:01:33 From Sysadmin to Manager – The Identity Shift
00:04:45 Team Lead – The First Rung on the Ladder
00:06:52 Metrics, Micromanagement, and Identity Crisis
00:09:43 Promotion by Tenure – Why That Fails
00:11:37 Bill’s Journey – Letting Go of “Best Tech”
00:13:46 Imposter Syndrome in Management
00:14:40 Two Bosses – Upward and Downward Management
00:20:07 Neal – From Startups to Big Companies
00:21:45 Prioritize the First Hire
00:25:49 Effective Managers Know the Skills
00:27:48 What Is an MBA?
00:28:18 Open Offices, Power, and Culture Jokes
00:29:40 The Maintainer Trap – Linus, Dirk, and FOSS
00:31:41 Keeping Hands in the Code – Linus’s Approach
00:32:49 My AI Assistant Is Here
00:33:36 Recognition, Rewards, and Motivation
00:34:31 Decompressing as a Manager (with a Little AI)
00:36:19 AI Managers
00:40:12 The Governance of Managing People
00:43:43 Understanding Company Culture for Better Management
00:46:56 Everybody Fails – How Do You Handle It?
00:48:57 Even Linux Has Had Catastrophic Management Failures
00:50:46 Management Pays Off If You Learn the Lessons Along the Way
00:53:04 Start Teaching Leadership Skills at a Young Age
00:55:16 We Need to Talk More About Education
00:56:03 What Are Our SUDO Solutions?
01:02:06 Outro
Connect with the Hosts:
Bill – @ctlinux on Mastodon
Neal – @neal@social.gompa.me on Mastodon
Noel – https://github.com/noelmiller
Mark Paulsen (Head of the Open Source Program Office at TD Bank) and Harry Toor explore how financial institutions can leverage generative AI and machine-readable policies to automate OSPO risk management. They deliver a live demonstration showing how AI can pinpoint compliance red flags, end-of-life dependencies, and licensing conflicts in seconds.
🇬🇧 Join us in London! Catch the latest on OSPO Strategy and Risk Management at OSFF London on June 25, 2026: https://hubs.ly/Q041YV9Z0 (Use Code: 26YTOSFFLN20C)
🕒 Timestamps:
0:00 Introduction: Managing OSPO Risk via AI
0:59 TD Bank’s Scale and Open Source Footprint
1:30 Three Key Questions: OSPO, Risks, and AI
1:44 What is an OSPO? Right-Sized Governance
2:31 Understanding Complex Corporate Software Risks
3:07 Leveraging Open Sourced Corporate Policies
3:45 Ingress, Egress, and Internal Control Points
4:45 How AI Comprehends and Problem-Solves Policy
5:37 Inside Control Point: SBoM and Dependency Decisions
6:25 Egress Control Point: Automated Code and Contribution Reviews
7:10 License Classification and Sheldon Cooper’s Dilemma
7:55 Practical Step: Translating Bank Policies into Machine-Readable Formats
10:12 Live Demo: Appeasing the Demo Gods
11:06 Live Walkthrough: Reviewing Open Source Licenses with AI
13:35 Analyzing the Output: Red Flags and Archived Repositories
15:00 Case Study: Kamunda 7 and the End-of-Life Tracking Problem
16:57 Audience Q&A: Overcoming AI Hallucinations via Human-in-the-Loop Architecture
📊 The Problem: The Manual License Review Bottleneck Open source software is inside every modern bank, whether leadership realizes it or not. However, managing compliance at banking scale involves handling massive volumes of Software Bills of Materials (SBOMs), complex license classifications, and security reviews. Relying purely on manual checks means multiple cross-departmental alignment sessions with compliance, legal, and cyber security, which drastically slows down engineering velocity.
🏗️ The Solution: Machine-Readable Policies & Automated Reviews
Mark Paulsen demonstrates how to apply generative AI to bridge the gap between high-level policy and automated execution:
* The Three-Point Framework: Constructing specialized AI automated guardrails at the three critical bank touchpoints: Ingress (code entering), Egress (contributions going out), and Internal (code already inside).
* Machine-Readable Taxonomy: Converting prose-heavy legal text into structured formats (like JSON) that LLMs can accurately parse against external open-source codebases.
* Automated Risk Triaging: Giving AI clear policy guidance to automatically highlight critical non-compliance indicators, such as unmaintained or archived GitHub repositories.
⚙️ Why This Matters for Financial Engineering
* Deterministic Audit Trails: By forcing the AI to output its explicit rationale alongside its decision, banks generate a clear, documented audit trail that satisfies internal risk and regulatory compliance bodies.
* Superpowered Efficiencies: Moving from weeks of review meetings to a multi-second initial screening allows risk teams to focus exclusively on highly nuanced edge cases.
🌐 More about FINOS: https://www.finos.org/
📧 Join our newsletter: https://www.finos.org/sign-up
🎙️ Listen to our Open Source in Finance Podcast: https://www.youtube.com/@FINOS/podcasts
LinkedIn: https://www.linkedin.com/company/finosfoundation
Support us on Patreon and get an ad-free RSS feed with some early episodes. https://www.patreon.com/LateNightLinux
A new Firefox release confuses Félim, Plex makes no sense in a world where Jellyfin exists, Will considers paying for the Kagi search engine, and another small Android tablet for your wall. Plus what we learned at the recent Ubuntu Summit.
We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept All”, you consent to the use of ALL the cookies. However, you may visit "Cookie Settings" to provide a controlled consent.
This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
Cookie
Duration
Description
cookielawinfo-checkbox-analytics
11 months
This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional
11 months
The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary
11 months
This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others
11 months
This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance
11 months
This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy
11 months
The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
