The GitHub Podcast

In this year-in-review episode of The GitHub Podcast, Cassidy and Abby are joined by Helen Hou-Sandí, GitHub’s engineering manager for the Accessibility Engineering team and lead developer in the WordPress project.They dig into Maintainer Tiny Wins, a series of two week long timeboxed improvements that save millions of developer minutes a day, from smarter PR reviewers panels and one-click merge conflict resolution to long-awaited WebP support. Helen shares how accessibility issues often spark broader UX improvements, and why fixing “just” a border color can evolve into deeply impactful changes at GitHub’s scale. They also explore the rise of the Model Context Protocol (MCP) as an open standard, GitHub’s new open source accessibility scanner action, supporting non-code contributors and AI as the “over-eager new contributor.Whether you’re a maintainer, a contributor, or just love a good Furby-powered keynote, this episode is a love letter to the tiny details that make open source better for everyone.Links mentioned in the episode:GitHub Accessibility Scanner ActionProject BluefinGitHub Universe 2025 – Day Two KeynoteUnlocking the Power of MCP2025 Octoverse ReportRefined GitHub Browser ExtensionGit History CleanerOpen Source Accessibility Summit Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

In this episode guest host Greg Cochran from the GitHub Secure Open Source Fund brings together four maintainers who are helping secure the open source projects we all depend on: Christian (Log4j/Log4Shell), Carlos (GoReleaser), Michael (EVCC), and Camila (ScanAPI) to unpack what it really looks like to level up security in critical OSS.They share how the Fund’s three-week security sprint, ongoing check-ins, and tight-knit community helped them move from “we don’t know what we don’t know” to concrete wins: hardened GitHub Actions pipelines, incident response plans, better reporting processes, and SBOMs that actually include dependency licenses. They also talk candidly about asking “dumb” questions in a trusted space and the ripple effect when one project’s security posture improves across its dependents. Finally, the group dives into AI security: using fuzzing, GitHub Copilot, and tools like the Secure Code Game both to find vulnerabilities faster and to keep up with attackers who now have AI on their side too.Links mentioned in the episode: GitHub Secure Open Source Fund overviewAnnouncing GitHub Secure Open Source FundInside the breach that broke the internet: The untold story of Log4ShellLog4j / Log4Shell video (castle interview with Christian)EVCC – open source EV charging & energy management GoReleaser – release engineering automationScanAPI – automated API testing & live documentationGitHub Security LabSecure Code Game (GitHub Security Lab)GitHub Copilot – AI coding assistant Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Abby sits down with Angie Jones, VP of Engineering at Block, live at GitHub Universe to talk about Goose, Block’s open source AI agent and reference implementation of the Model Context Protocol (MCP). Angie shares how Goose went from an internal tool to an open source project that lets the community drive features like multimodel support, and how Block’s 12,000 employees across 15+ job functions (not just engineers) now use agents every day. They dig into practical, non-hype uses of AI agents: detecting when students are struggling, triaging open source issues, segmenting 80k+ sales leads, and even letting a salesperson “vibe code” a feature on the train. Angie also talks about trust and control when giving AI access to codebases, why developers are tired of flashy demos, and how her new AI Builder Fellowship is designed to support the next generation of native AI builders. Links mentioned in the episode: https://angiejones.techhttps://github.com/block/goosehttps://github.com/blockhttps://github.com/modelcontextprotocolhttps://github.com/features/copilothttps://testautomationu.applitools.comhttps://www.selenium.devhttps://playwright.devhttps://www.cypress.iohttps://code.visualstudio.comhttps://www.salesforce.comhttps://github.com/martinwoodward/pyfluff Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

In this episode, recorded live at GitHub Universe 2025, Andrea sits down with Frank “Frenck” Nijhof, a GitHub Star and project lead for Home Assistant, one of the most active open source projects on the platform. They unpack how millions of households run privacy-first automations locally (no cloud required), why the Open Home Foundation exists to prevent vendor lock-in and e-waste, and how this famously welcoming community scaled to 21k+ contributors. Frank also shares insights about the development of “Assist,” an open, local-first voice assistant (with optional AI), as well as the new “Home Assist Green” hardware device, plus practical ways non-coders can meaningfully contribute to the project, too.Links mentioned in the episode:https://github.com/frenckhttps://www.home-assistant.iohttps://www.home-assistant.io/greenhttps://www.home-assistant.io/voicehttps://www.home-assistant.io/assisthttps://www.esphome.iohttps://github.com/home-assistanthttps://www.raspberrypi.com Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Andrea and Kedasha sit down with data whisperer Jeff Luszcz, one of the wizards behind GitHub’s annual Octoverse report, to unpack this year’s biggest shifts. They get into why TypeScript overtook Python on GitHub, how AI-assisted “vibe coding” and agentic workflows are reshaping everyday engineering, and what it means that more than one new developer joins GitHub every second. From 1.12B open source contributions and 518M merged PRs to COBOL’s unexpected comeback, global growth (hello India, Brazil and Indonesia), and “security by default” with CodeQL and Dependabot, this episode turns the numbers into next steps for your career and your open source projects.Links mentioned in the episode:https://octoverse.github.comhttps://github.com/jeffrey-luszczhttps://github.com/features/copilothttps://codeql.github.comhttps://docs.github.com/code-security/dependabothttps://docs.github.com/code-security/secret-scanning/introduction/about-secret-scanninghttps://www.typescriptlang.orghttps://www.python.orghttps://nextjs.orghttps://vitejs.devhttps://marketplace.visualstudio.com/items?itemName=GitHub.copilothttps://www.home-assistant.iohttps://code.visualstudio.comhttps://github.com/explore Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.