PodcastsEducationThinking Elixir Podcast

Thinking Elixir Podcast

ThinkingElixir.com
Thinking Elixir Podcast
Latest episode

309 episodes

  • Thinking Elixir Podcast

    309: The Final Episode

    23/06/2026 | 44 mins.
    The final episode of Thinking Elixir after six incredible years of weekly episodes! We send things off in style with a packed news segment covering Phoenix LiveView 1.2's new colocated CSS powered by the @scope at-rule, the retirement of the long-standing Earmark Markdown library and why you should migrate to MDEx, a major Sagents v0.8.0 release bringing durable interrupts, and structured extraction, PostgreSQL 19's exciting new features including graph queries, SpaceX's jaw-dropping $60 billion acquisition of Cursor, and more! Finally, David shares his new role on the Erlang Ecosystem Foundation board, and Mark talks about what's next for Sagents and his exciting new AI-native startup. Thank you for six wonderful years. We're so glad you were here along the way and now for the final episode!

    Elixir Community News

    https://paraxial.io/ – Paraxial.io is sponsoring today's show! Sign up for a free trial of Paraxial.io today and mention Thinking Elixir when you schedule a demo for a special offer.

    https://x.com/elixirphoenix/status/2065623059365540146 – Phoenix LiveView 1.2 announced, introduces colocated CSS for components.

    https://phoenixframework.org/blog/phoenix-liveview-1-2-released – Official LiveView 1.2 release blog post.

    https://developer.mozilla.org/en-US/docs/Web/CSS/Reference/At-rules/@scope – MDN reference for the @scope CSS at-rule used by LiveView 1.2.

    https://css-tricks.com/almanac/rules/s/scope/ – CSS-Tricks explanation of @scope for scoped component styles.

    https://caniuse.com/?search=%40scope – Browser compatibility table for @scope.

    https://bsky.app/profile/tylerayoung.com/post/3mnxeflr3k22w – LiveView 1.2 additions including formatter support and new JS client docs.

    https://bsky.app/profile/ftes.de/post/3mnyjd5oa6c27 – LiveView 1.2 now emits telemetry events for exceptions in LiveComponent renders.

    https://x.com/germsvel/status/2066817890519548175 – German Velasco announces the ex_crap library for CRAP metrics.

    https://ex-crap.hexdocs.pm/readme.html – HexDocs for ExCrap, calculates Change Risk Anti-Patterns scores from cyclomatic complexity and test coverage.

    https://hex.pm/packages/earmark – Earmark is retired with known security vulnerabilities.

    https://x.com/leandrocesquini/status/2067577879563583649 – Leandro announces a migration guide from Earmark to MDEx.

    https://mdex.hexdocs.pm/earmark_to_mdex.html – Official MDEx migration guide from Earmark.

    https://x.com/leandrocesquini/status/2066951591391899900 – Hex.pm package pages now generated by MDEx and Lumis with better Markdown and themes.

    https://x.com/leandrocesquini/status/2064395634098962575 – MDEx 0.13 announced; syntax highlighting now disabled by default.

    https://github.com/leandrocp/mdex_native – New mdex_native package for direct Comrak calls without Rustler.

    https://github.com/leandrocp/mdex/blob/main/CHANGELOG.md#0130-2026-06-09 – MDEx 0.13 changelog detailing breaking changes and fixes.

    https://mdex.hexdocs.pm/syntax_highlight.html – MDEx docs on re-enabling syntax highlighting after the 0.13 change.

    https://bsky.app/profile/brainlid.bsky.social/post/3monfsjlkfs2v – Mark's Bluesky post announcing Sagents v0.8.0.

    https://www.postgresql.org/docs/19/release-19.html – Official PostgreSQL 19 release notes.

    https://x.com/alxshp/status/2065094274799296684 – Notable PostgreSQL 19 features highlighted.

    https://www.snowflake.com/en/blog/engineering/postgresql-19-features-beta/ – Snowflake blog covering PostgreSQL 19 beta features.

    https://www.msn.com/en-us/news/technology/spacex-agrees-to-buy-ai-coding-agent-cursor-for-60-billion/ar-AA25MgA4 – SpaceX agrees to acquire AI coding tool Cursor for $60 billion.

    Find us online

    Mark Ericksen on X - @brainlid

    Mark Ericksen on Bluesky - @brainlid.bsky.social

    David Bernheisel on Bluesky - @david.bernheisel.com
  • Thinking Elixir Podcast

    308: Elixir Goes Gradually Typed

    16/06/2026 | 32 mins.
    Elixir v1.20 has officially landed, marking a huge milestone as the language is now officially a gradually typed language, type checking every single line of code without requiring developer annotations, and even prompting some developers to drop Dialyzer entirely. HexDocs is rolling out per-package subdomains for improved browser security isolation, the Erlang Ecosystem Foundation has launched an Ecosystem Registry to help answer "who uses this?" for Erlang, Elixir, and Gleam companies, and the Lua library for Elixir is approaching its v1.0 release with a brand new pure-Elixir Lua 5.3 VM. On the security front, a sophisticated self-replicating worm called Miasma compromised 73 Microsoft GitHub repos by exploiting legitimate OIDC tokens and valid SLSA provenance, even weaponizing AI coding tools like Claude Code and Cursor, raising fresh questions about supply chain safety and whether Hex might benefit from a cooldown mechanism like the one Ruby just shipped, and more!

    Elixir Community News

    https://paraxial.io/ – Paraxial.io is sponsoring today's show! Sign up for a free trial of Paraxial.io today and mention Thinking Elixir when you schedule a demo for a special offer.

    https://x.com/josevalim/status/2062248428898254957 – José Valim announced the release of Elixir v1.20, highlighting it as now officially a gradually typed language.

    https://elixir-lang.org/blog/2026/06/03/elixir-v1-20-0-released/ – Official Elixir v1.20.0 release announcement

    https://bsky.app/profile/david.bernheisel.com/post/3mnkuwjup6c2g – David removing Dialyzer from a project

    https://x.com/TheErlef/status/2061525571226554684 – The Erlang Ecosystem Foundation announced the new HexDocs per-package subdomain URLs.

    https://hex.pm/blog/hexdocs-per-package-subdomains

    https://x.com/davydog187/status/2061938751257911316 – Dave Lucia announced the Lua library v1.0.0 RC

    https://x.com/davydog187/status/2062540335679422641 – Dave Lucia announced deflua.com

    https://deflua.com/ – The official website for Lua

    https://marketing.erlef.org/news/registry-announce.html – The Erlang Ecosystem Foundation announced the new Ecosystem Registry for companies

    https://registry.erlef.org/ – The ERLEF Ecosystem Registry

    https://x.com/gleamlang/status/2061800462530076748 – Gleam announced the release of version 1.17.0.

    https://gleam.run/news/single-file-gleam-beam-programs-with-escript/ – Gleam 1.17.0 release notes

    https://x.com/codebeamio/status/2065089786675601785 – Code BEAM Europe 2026 speakers have been announced.

    https://codebeameurope.com/#speakers – The Code BEAM Europe 2026 speakers lineup and talk topics.

    https://github.com/microsoft/pg_durable – Microsoft's pg_durable GitHub repo

    https://microsoft.github.io/pg_durable/ – Official documentation site for Microsoft's pg_durable Postgres extension.

    https://blog.rubygems.org/2026/06/03/cooldown-let-new-gems-be-vetted.html – Bundler's new cooldown feature

    https://linuxiac.com/arch-linux-aur-malware-campaign-hits-multiple-user-contributed-packages/ – Malware campaign affecting over 400 Arch Linux AUR packages

    https://cloudsmith.com/blog/miasma-worms-path-of-destruction – Cloudsmith's detailed write-up on the Miasma self-replicating malware worm

    https://www.microsoft.com/en-us/security/blog/2026/06/02/preinstall-persistence-inside-red-hat-npm-miasma-credential-stealing-campaign/ – Microsoft Security's blog post on the Miasma campaign
  • Thinking Elixir Podcast

    307: Trust Nothing, Sort Everything

    09/06/2026 | 24 mins.
    Mark shares a bittersweet housekeeping update — the Thinking Elixir Podcast is winding down, with the final episode airing June 23rd, 2026, closing the book on over six years of weekly shows. On the news front, Ecto 3.14 lands with long-awaited UUIDv7 support (time-sortable UUIDs for better index performance) along with a host of other improvements, Oban Pro adds a “human approval” workflow step that lets jobs pause mid-execution and resume on a signal without holding a database connection open, Hologram v0.9 arrives with a new Realtime feature enabling pure-Elixir WebSocket push from server to browser, Dashbit shares a behind-the-scenes look at how they designed Git integration in Tidewave Web across three developer personas, and the NSA drops new Zero Trust Implementation Guidelines that pair nicely with the Erlang Ecosystem Foundation's own security hardening document, and more!

    Show Notes online - http://podcast.thinkingelixir.com/307

    Elixir Community News

    https://paraxial.io/ – Paraxial.io is sponsoring today's show! Sign up for a free trial of Paraxial.io today and mention Thinking Elixir when you schedule a demo for a special offer.

    The Thinking Elixir Podcast ends June 23rd, 2026 — over 6 years weekly, ~9 years of Elixir podcasting.

    Episode recorded ahead of time; major news that dropped after recording will be covered next episode.

    https://x.com/ryanwinchester/status/2057905815160258709 – Tweet announcing Ecto 3.14 with UUIDv7 support.

    https://github.com/elixir-ecto/ecto – Ecto GitHub repository.

    https://github.com/elixir-ecto/ecto/blob/master/CHANGELOG.md – Ecto v3.14 changelog — UUIDv7, reorder_assoc/2, HOT upserts, Ecto.Type.trim/2, Decimal v3, and more.

    https://hexdocs.pm/ecto/Ecto.UUID.html – Ecto.UUID docs — how to opt in to UUIDv7 or UUIDv7 monotonic via @primary_key.

    https://oban.pro/docs/pro/changelog.html – Oban Pro changelog — jobs can pause mid-execution for human approval via await_signal/1.

    https://x.com/bart_blast/status/2059830682143305781 – Tweet announcing Hologram v0.9 with new Realtime feature.

    https://hologram.page/blog/hologram-v0-9 – Hologram v0.9 blog post — full-stack Elixir framework adds server-to-browser WebSocket push in pure Elixir.

    https://x.com/josevalim/status/2060076009261515134 – José Valim tweets about Tidewave's new Git integration article.

    https://tidewave.ai/blog/designing-git-integration – Dashbit article on Tidewave's Git integration design — commits, push, PRs, and three developer personas.

    https://www.nsa.gov/Cybersecurity/ZIG/ – NSA Zero Trust Implementation Guidelines (ZIG) — comprehensive least-privilege access guidelines.

    https://www.nsa.gov/Cybersecurity/ZIG/Technology-Mapping/ – NSA ZIG Technology Mapping — capabilities and associated risks table.

    https://security.erlef.org/secure_coding_and_deployment_hardening/ – ERLEF Security WG's Secure Coding and Deployment Hardening guide.

    https://github.com/dashbitco/nimble_zta – nimble_zta — Dashbit's open-source Zero Trust Authentication library for Cloudflare, GCP, and Tailscale.

    Do you have some Elixir news to share? Tell us at @ThinkingElixir or email at show@thinkingelixir.com

    Find us online

    Message the show - Bluesky

    Message the show - X

    Message the show on Fediverse - @ThinkingElixir@genserver.social

    Email the show - show@thinkingelixir.com

    Mark Ericksen on X - @brainlid

    Mark Ericksen on Bluesky - @brainlid.bsky.social

    Mark Ericksen on Fediverse - @brainlid@genserver.social

    David Bernheisel on Bluesky - @david.bernheisel.com

    David Bernheisel on Fediverse - @dbern@genserver.social
  • Thinking Elixir Podcast

    306: Don't Exhaust Your Atoms

    02/06/2026 | 27 mins.
    Security takes center stage this week as the EEF's Jonatan Männchen highlights that atom exhaustion accounts for roughly one tenth of all CVEs in the BEAM ecosystem and Sobelow can help catch it before it hits production. Hackney users get an urgent nudge to upgrade to v4.0.3, which patches 9 CVEs including high-severity issues and fixes missing HTTP/3 certificate verification, thanks in part to Peter Ullrich's AI-assisted vulnerability research. On the exciting side, the new Elixir 1.20-rc.6 type system is proving its worth in the real world, with Tyler Young reporting it caught ~500 issues, including outright bugs, that 1.19 completely missed. Dannote releases "vibe", an ambitious BEAM-native coding agent for Elixir/OTP projects featuring a TUI, LiveView web console, subagents, and more!

    Show Notes online - http://podcast.thinkingelixir.com/306

    Elixir Community News

    https://paraxial.io/ – Paraxial.io is sponsoring today's show! Sign up for a free trial of Paraxial.io today and mention Thinking Elixir when you schedule a demo for a special offer.

    The Thinking Elixir Podcast is ending June 23rd, 2026, after 6 years of weekly episodes.

    https://x.com/maennchen_/status/2059586280711651745 – Jonatan Männchen of the EEF notes that 35% of EEF CVEs are uncontrolled resource consumption, with atom exhaustion as a recurring cause.

    https://erlef.org/blog/security/atom-exhaustion – EEF blog post — atom exhaustion accounts for roughly one tenth of all BEAM ecosystem CVEs, yet it's well understood and preventable.

    https://cna.erlef.org/common-weaknesses – EEF CNA Common Weaknesses page showing the current CVE category distribution.

    https://hex.pm/packages/sobelow – Sobelow is a great Elixir security scanner that detects atom exhaustion and other issues — easy to add to CI.

    https://x.com/benoitc/status/2058909986084819267 – Announcement of hackney 4.0.1, a security release fixing vulnerabilities across HTTP/1.1, HTTP/2, HTTP/3, and WebSocket.

    https://github.com/benoitc/hackney/releases/tag/4.0.1 – hackney 4.0.1 release — fixes 9 CVEs (1 low, 4 medium, 4 high); upgrade to v4.0.3 for HTTP/3 certificate verification too.

    https://github.com/benoitc/hackney/blob/master/NEWS.md – hackney changelog with full details on all security fixes in 4.0.1 through 4.0.3.

    https://www.linkedin.com/posts/pjullrich_elixirlang-share-7464694254557237248-sICM/ – Peter Ullrich urges upgrading hackney to 4.0.1 ASAP after he and two others reported the vulnerabilities using AI-assisted research.

    https://cna.erlef.org/cves/ – EEF CNA CVE listing page referenced by Peter Ullrich in his hackney disclosure post.

    https://bsky.app/profile/tylerayoung.com/post/3mmwal5yrkc2y – Tyler Young upgraded to Elixir 1.20-rc.6 and the new type system found ~500 issues 1.19 missed, including real bugs.

    https://x.com/dan_note/status/2057966143369777407 – Dannote announces "vibe", a new BEAM-native coding agent for Elixir/OTP projects.

    https://github.com/elixir-vibe/vibe – vibe GitHub repo — a local OTP app with TUI, LiveView console, subagents, plugins, and project-aware Elixir eval. Experimental.

    https://bsky.app/profile/tylerayoung.com/post/3mmrla7tqrs2d – Tyler Young releases jump_credo_checks v0.3.0 with a new UnusedLiveViewAssign check.

    https://x.com/claudedevs/status/2059385239781384341 – Anthropic ships a free security-guidance plugin for Claude Code that reviews code at three levels; saw 30-40% fewer security PR comments internally.

    https://x.com/ogrizkov/status/2059417410940145689 – A user tested the Claude Code security plugin — it immediately blocked eval() and a dangerous regex with OWASP explanations.

    Do you have some Elixir news to share? Tell us at @ThinkingElixir or email at show@thinkingelixir.com

    Find us online

    Message the show - Bluesky

    Message the show - X

    Message the show on Fediverse - @ThinkingElixir@genserver.social

    Email the show - show@thinkingelixir.com

    Mark Ericksen on X - @brainlid

    Mark Ericksen on Bluesky - @brainlid.bsky.social

    Mark Ericksen on Fediverse - @brainlid@genserver.social

    David Bernheisel on Bluesky - @david.bernheisel.com

    David Bernheisel on Fediverse - @dbern@genserver.social
  • Thinking Elixir Podcast

    305: Eleven Minutes to Mayhem

    26/05/2026 | 32 mins.
    News includes Elixir 1.20.0-rc.6 arriving as likely the final release candidate before v1.20.0 ships, completing a ~15-week roadmap and delivering full type inference across applications and dependencies. The EEF 2026 election results are in with 3 returning and 1 new board member, LiveStash v0.3.0 lands with a Redis adapter and auto-stashing for Phoenix LiveView state recovery on WebSocket reconnects, a call goes out for BEAM ecosystem companies to step up and support the EEF’s critical security work, and GitHub suffered a significant breach when a hijacked VS Code extension quietly exfiltrated ~3,800 internal repositories in just 11 minutes, and more!

    Show Notes online - http://podcast.thinkingelixir.com/305

    Elixir Community News

    https://paraxial.io/ – Paraxial.io is sponsoring today's show! Sign up for a free trial of Paraxial.io today and mention Thinking Elixir when you schedule a demo for a special offer.

    https://elixirforum.com/t/elixir-v1-20-0-rc-6-released/75448 – Elixir v1.20.0-rc.6 released on the ElixirForum - the likely final release candidate before v1.20.0 final, completing the ~15 week type inference roadmap. Includes tips for profiling compile times before and after upgrading.

    https://github.com/elixir-lang/elixir/releases/tag/v1.20.0-rc.6 – GitHub release page for Elixir v1.20.0-rc.6. Highlights include full type inference across applications and type inference across deps.

    https://erlef.org/blog/eef/election-2026-results – EEF 2026 election results - David Bernheisel, Francesco Cesarini, Amos King, and Alistair Woodman were elected.

    https://x.com/swmansionelixir/status/2054945784148201684 – Software Mansion announces LiveStash v0.3.0, featuring a new Redis Adapter and Auto-Stashing for Phoenix LiveView state recovery on WebSocket reconnects.

    https://github.com/software-mansion-labs/live-stash – GitHub repo for LiveStash - a library providing a reliable API to stash and recover Phoenix LiveView assigns when socket connections are interrupted or re-established.

    https://x.com/ZachSDaniel1/status/2057517360060522872 – A call to action for companies generating revenue on the BEAM ecosystem to support the EEF. The EEF maintains a CNA and coordinates security across the ecosystem including hex.pm, but the current effort is no longer sustainable.

    https://hauleth.dev/post/writing-tests/ – A solid blog post on writing better Elixir tests. Covers using a @subject module attribute, grouping tests with describe, preferring dependency injection over mocking, avoiding factory libraries in favor of calling context functions directly, and using property-based testing with StreamData.

    https://x.com/github/status/2056884788179726685 – GitHub's official tweet confirming unauthorized access to their internal repositories. No confirmed evidence of impact to customer data outside GitHub's internal repos at time of posting.

    https://x.com/intcyberdigest/status/2056970677668770117 – Report that GitHub was compromised by TeamPCP via a poisoned VS Code extension on an employee device, resulting in ~3,800 internal repositories being exfiltrated and sold on a cybercrime forum.

    https://x.com/star_knight12/status/2056977944334266428 – Detailed breakdown of the GitHub hack - the Nx Console VS Code extension (2.2M installs) was hijacked with a credential stealer hidden in an orphan commit. It harvested tokens from GitHub, npm, AWS, Kubernetes, and 1Password. The poisoned version was live for only 11 minutes before detection.

    Do you have some Elixir news to share? Tell us at @ThinkingElixir or email at show@thinkingelixir.com

    Find us online

    Message the show - Bluesky

    Message the show - X

    Message the show on Fediverse - @ThinkingElixir@genserver.social

    Email the show - show@thinkingelixir.com

    Mark Ericksen on X - @brainlid

    Mark Ericksen on Bluesky - @brainlid.bsky.social

    Mark Ericksen on Fediverse - @brainlid@genserver.social

    David Bernheisel on Bluesky - @david.bernheisel.com

    David Bernheisel on Fediverse - @dbern@genserver.social
More Education podcasts
About Thinking Elixir Podcast
The Thinking Elixir podcast is a weekly show where we talk about the Elixir programming language and the community around it. We cover news and interview guests to learn more about projects and developments in the community. Whether you are already experienced with Elixir or just exploring the language, this show is created with you in mind. We discuss community news, Functional Programming, transitioning from OOP, coding conventions, and more. Guests visit the show to help challenge our assumptions, learn about new developments and grow in the process. Subscribe to join us on this journey!
Podcast website

Listen to Thinking Elixir Podcast, 6 Minute English and many other podcasts from around the world with the radio.net app

Get the free radio.net app

  • Stations and podcasts to bookmark
  • Stream via Wi-Fi or Bluetooth
  • Supports Carplay & Android Auto
  • Many other app features