Personal blog built with Jekyll and hosted on GitHub Pages.
I write about package management, software supply chain security, and open source infrastructure. I'm building Ecosyste.ms, a collection of open datasets and tools for understanding and improving critical open source infrastructure.
- Will AI Make Package Managers Redundant?
- Zig and the M×N Supply Chain Problem
- The Dependency Layer in Digital Sovereignty
- The C-Shaped Hole in Package Management
- Introducing Package Chaos Monkey
- PkgFed: ActivityPub for Package Releases
- Rewriting git-pkgs in Go
- Package Management is a Wicked Problem
- A Protocol for Package Management
- An AI Skill for Skeptical Dependency Management
![[email protected]](/andrew/nesbitt.io/blob/master/hire-me%402x.png){kind=link}