Thinking Elixir Podcast

News includes Tidewave, a new Phoenix MCP server that helps AI-enabled editors access application runtime, Chris McCord teasing his AI-enabled Phoenix app with LiveView hosted IDE features, a new GitHub Action for submitting Elixir dependencies to enhance security, ExMeralda.chat, a community chatbot for querying Hex packages, updates on Software Mansion's LiveDebugger v0.2.0 coming in May, mix test.interactive for enhanced ExUnit testing workflows, and information about slopsquatting, a new malware technique targeting AI-assisted developers, and more!Template Show Notes online - http://podcast.thinkingelixir.com/252 [http://podcast.thinkingelixir.com/252] Elixir Community News * https://paraxial.io/ [https://paraxial.io/?utm_source=thinkingelixir&utm_medium=shownotes] – Paraxial.io is sponsoring today's show! Sign up for a free trial of Paraxial.io today and mention Thinking Elixir when you schedule a demo for a limited time offer. * https://youtu.be/vGue4LtqeWg [https://youtu.be/vGue4LtqeWg?utm_source=thinkingelixir&utm_medium=shownotes] – Introduction video for Tidewave, a Phoenix/Rails MCP server that helps AI-enabled editors access your application's runtime. * https://github.com/hexpm/hexdocs/issues/49 [https://github.com/hexpm/hexdocs/issues/49?utm_source=thinkingelixir&utm_medium=shownotes] – Hexdocs PR enabling documentation context for Tidewave, allowing AI assistants to access app documentation without manual copying. * https://x.com/chris_mccord/status/1915017804937375896 [https://x.com/chris_mccord/status/1915017804937375896?utm_source=thinkingelixir&utm_medium=shownotes] – Chris McCord teasing his AI-enabled Phoenix app that writes code. * https://x.com/chris_mccord/status/1917002231322116298 [https://x.com/chris_mccord/status/1917002231322116298?utm_source=thinkingelixir&utm_medium=shownotes] – Chris McCord demonstrating an interactive LiveView hosted IDE with realtime terminal support synced across browsers/devices. * https://bsky.app/profile/theerlef.bsky.social/post/3lngay5chys22 [https://bsky.app/profile/theerlef.bsky.social/post/3lngay5chys22?utm_source=thinkingelixir&utm_medium=shownotes] – EEF announcement about the "mix-dependency-submission" GitHub Action for submitting Elixir/Mix dependencies. * https://github.com/erlef/mix-dependency-submission [https://github.com/erlef/mix-dependency-submission?utm_source=thinkingelixir&utm_medium=shownotes] – GitHub repo for the mix-dependency-submission tool that calculates dependencies for Mix and submits them to GitHub's API. * https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/using-the-dependency-submission-api [https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/using-the-dependency-submission-api?utm_source=thinkingelixir&utm_medium=shownotes] – GitHub documentation about the Dependency Submission API used by the mix-dependency-submission tool. * https://exmeralda.chat/chat/start [https://exmeralda.chat/chat/start?utm_source=thinkingelixir&utm_medium=shownotes] – ExMeralda.chat, a chatbot for hex.pm packages from bitcrowd.dev, using their Elixir RAG library. * https://bitcrowd.dev/exmeralda-a-community-chatbot-for-hex-packages/ [https://bitcrowd.dev/exmeralda-a-community-chatbot-for-hex-packages/?utm_source=thinkingelixir&utm_medium=shownotes] – Blog post explaining ExMeralda, a community chatbot for Hex packages that demonstrates RAG systems with LLMs. * https://www.reddit.com/r/elixir/comments/1k600mu/livedebugger_v020_upcoming_features_part_1/ [https://www.reddit.com/r/elixir/comments/1k600mu/livedebugger_v020_upcoming_features_part_1/?utm_source=thinkingelixir&utm_medium=shownotes] – Reddit post from Software Mansion about upcoming features in LiveDebugger v0.2.0, expected in early May. * https://www.youtube.com/watch?v=HNl-y49Ou7E [https://www.youtube.com/watch?v=HNl-y49Ou7E?utm_source=thinkingelixir&utm_medium=shownotes] – Full interview discussing LiveDebugger in more depth. * https://github.com/randycoulman/mix_test_interactive [https://github.com/randycoulman/mix_test_interactive?utm_source=thinkingelixir&utm_medium=shownotes] – mix test.interactive - an interactive test runner for ExUnit tests that enhances testing workflows. * https://x.com/jskalc/status/1916824204156035300 [https://x.com/jskalc/status/1916824204156035300?utm_source=thinkingelixir&utm_medium=shownotes] – Twitter post highlighting mix test.interactive's features including running tests by names, rerunning on file save, and more. * https://erlef.org/blog/eef/election-2025 [https://erlef.org/blog/eef/election-2025?utm_source=thinkingelixir&utm_medium=shownotes] – Information about upcoming Erlang Ecosystem Foundation board elections with important dates. * https://andrealeopardi.com/posts/async-tests-in-elixir/ [https://andrealeopardi.com/posts/async-tests-in-elixir/?utm_source=thinkingelixir&utm_medium=shownotes] – Andrea Leopardi's blog post about reworking singleton architecture to leverage async tests in ExUnit. * https://www.youtube.com/watch?v=KrAqMyjbkJQ [https://www.youtube.com/watch?v=KrAqMyjbkJQ?utm_source=thinkingelixir&utm_medium=shownotes] – ElixirConf US 2024 talk by Jason Stiebs on FLAME (Fleeting Lambda Application for Modular Execution). * https://www.youtube.com/watch?v=62OK9B4yRfg [https://www.youtube.com/watch?v=62OK9B4yRfg?utm_source=thinkingelixir&utm_medium=shownotes] – ElixirConf US 2024 talk by James Isenhart on 'OpenTelemetry: From Desire to Dashboard' * https://gridinsoft.com/blogs/slopsquatting-malware/ [https://gridinsoft.com/blogs/slopsquatting-malware/?utm_source=thinkingelixir&utm_medium=shownotes] – Article about slopsquatting, a new malware technique targeting AI-assisted developers by exploiting AI hallucinations of package names. Do you have some Elixir news to share? Tell us at @ThinkingElixir [https://twitter.com/ThinkingElixir] or email at show@thinkingelixir.com [show@thinkingelixir.com] Find us online * Message the show - Bluesky [https://bsky.app/profile/thinkingelixir.com] * Message the show - X [https://x.com/ThinkingElixir] * Message the show on Fediverse - @ThinkingElixir@genserver.social [https://genserver.social/ThinkingElixir] * Email the show - show@thinkingelixir.com [show@thinkingelixir.com] * Mark Ericksen on X - @brainlid [https://x.com/brainlid] * Mark Ericksen on Bluesky - @brainlid.bsky.social [https://bsky.app/profile/brainlid.bsky.social] * Mark Ericksen on Fediverse - @brainlid@genserver.social [https://genserver.social/brainlid] * David Bernheisel on Bluesky - @david.bernheisel.com [https://bsky.app/profile/david.bernheisel.com] * David Bernheisel on Fediverse - @dbern@genserver.social [https://genserver.social/dbern] Sponsored By: * Paraxial.io [https://paraxial.io/]: Paraxial.io is sponsoring today's show! Sign up for a free trial of Paraxial.io today and mention Thinking Elixir when you schedule a demo for a limited time offer. [https://paraxial.io/]

News includes a critical Unauthenticated Remote Code Execution vulnerability in Erlang/OTP SSH, José Valim teasing a new project, Oban Pro v1.6's impressive new "Cascade Mode" feature, Semaphore CI/CD platform being open-sourced as a primarily Elixir application, new sandboxing options for Elixir code with Dune and Mini Elixir, BeaconCMS development slowing due to DockYard cuts, and a look at the upcoming W3C Device Bound Session Credentials standard that will impact all web applications, and more! Show Notes online - http://podcast.thinkingelixir.com/251 [http://podcast.thinkingelixir.com/251] Elixir Community News * https://paraxial.io/ [https://paraxial.io/?utm_source=thinkingelixir&utm_medium=shownotes] – Paraxial.io is sponsoring today's show! Sign up for a free trial of Paraxial.io today and mention Thinking Elixir when you schedule a demo for a limited time offer. * https://x.com/ErlangDiscu/status/1914259474937753747 [https://x.com/ErlangDiscu/status/1914259474937753747?utm_source=thinkingelixir&utm_medium=shownotes] – Unauthenticated Remote Code Execution vulnerability discovered in Erlang/OTP SSH. * https://github.com/erlang/otp/security/advisories/GHSA-37cp-fgq5-7wc2 [https://github.com/erlang/otp/security/advisories/GHSA-37cp-fgq5-7wc2?utm_source=thinkingelixir&utm_medium=shownotes] – Official security advisory for the Erlang/OTP SSH vulnerability. * https://paraxial.io/blog/erlang-ssh [https://paraxial.io/blog/erlang-ssh?utm_source=thinkingelixir&utm_medium=shownotes] – Paraxial.io's detailed blog post addressing how the SSH vulnerability impacts typical Elixir systems. * https://elixirforum.com/t/updated-nerves-systems-available-with-cve-2025-32433-ssh-fix/70539 [https://elixirforum.com/t/updated-nerves-systems-available-with-cve-2025-32433-ssh-fix/70539?utm_source=thinkingelixir&utm_medium=shownotes] – Updated Nerves systems available with SSH vulnerability fix. * https://bsky.app/profile/oban.pro/post/3lndzg72r2k2g [https://bsky.app/profile/oban.pro/post/3lndzg72r2k2g?utm_source=thinkingelixir&utm_medium=shownotes] – Announcement of Oban Pro v1.6's new "Cascade Mode" feature. * https://oban.pro/articles/weaving-stories-with-cascading-workflows [https://oban.pro/articles/weaving-stories-with-cascading-workflows?utm_source=thinkingelixir&utm_medium=shownotes] – Blog post demonstrating Oban Pro's new Cascading Workflows feature used to create children's stories with AI. * https://bsky.app/profile/josevalim.bsky.social/post/3lmw5fvnyvc2k [https://bsky.app/profile/josevalim.bsky.social/post/3lmw5fvnyvc2k?utm_source=thinkingelixir&utm_medium=shownotes] – José Valim teasing a new logo with "Soon" message. * https://tidewave.ai/ [https://tidewave.ai/?utm_source=thinkingelixir&utm_medium=shownotes] – New site mentioned in José Valim's teasers, not loading to anything yet. * https://github.com/tidewave-ai [https://github.com/tidewave-ai?utm_source=thinkingelixir&utm_medium=shownotes] – New GitHub organization related to José Valim's upcoming announcement. * https://github.com/tidewave-ai/mcp_proxy_elixir [https://github.com/tidewave-ai/mcp_proxy_elixir?utm_source=thinkingelixir&utm_medium=shownotes] – The only public project in the tidewave-ai organization - an Elixir MCP server for STDIO. * https://x.com/chris_mccord/status/1913073561561858229 [https://x.com/chris_mccord/status/1913073561561858229?utm_source=thinkingelixir&utm_medium=shownotes] – Chris McCord teasing AI development with Phoenix applications. * https://ashweekly.substack.com/p/ash-weekly-issue-13 [https://ashweekly.substack.com/p/ash-weekly-issue-13?utm_source=thinkingelixir&utm_medium=shownotes] – Zach Daniel teasing upcoming Ash news to be announced at ElixirConf EU. * https://elixirforum.com/t/dune-sandbox-for-elixir/42480 [https://elixirforum.com/t/dune-sandbox-for-elixir/42480?utm_source=thinkingelixir&utm_medium=shownotes] – Dune - a sandbox for Elixir created by a Phoenix maintainer. * https://github.com/functional-rewire/dune [https://github.com/functional-rewire/dune?utm_source=thinkingelixir&utm_medium=shownotes] – GitHub repository for Dune, an Elixir code sandbox. * https://blog.sequinstream.com/why-we-built-mini-elixir/ [https://blog.sequinstream.com/why-we-built-mini-elixir/?utm_source=thinkingelixir&utm_medium=shownotes] – Blog post explaining Mini Elixir, another Elixir code sandbox solution. * https://github.com/sequinstream/sequin/tree/main/lib/sequin/transforms/minielixir [https://github.com/sequinstream/sequin/tree/main/lib/sequin/transforms/minielixir?utm_source=thinkingelixir&utm_medium=shownotes] – GitHub repository that contains Mini Elixir, an Elixir AST interpreter. * https://www.reddit.com/r/elixir/comments/1k27ekg/we_built_a_custom_elixir_ast_interpreter_for/ [https://www.reddit.com/r/elixir/comments/1k27ekg/we_built_a_custom_elixir_ast_interpreter_for/?utm_source=thinkingelixir&utm_medium=shownotes] – Reddit discussion about Mini Elixir AST interpreter. * https://github.com/semaphoreio/semaphore [https://github.com/semaphoreio/semaphore?utm_source=thinkingelixir&utm_medium=shownotes] – Semaphore CI/CD platform open-sourced under Apache 2.0 license - primarily an Elixir application. * https://semaphore.io/ [https://semaphore.io/?utm_source=thinkingelixir&utm_medium=shownotes] – Official website for Semaphore CI/CD platform. * https://docs.semaphoreci.com/CE/getting-started/install [https://docs.semaphoreci.com/CE/getting-started/install?utm_source=thinkingelixir&utm_medium=shownotes] – Installation guide for Semaphore Community Edition. * https://bsky.app/profile/markoanastasov.bsky.social/post/3lj5o5h5z7k2t [https://bsky.app/profile/markoanastasov.bsky.social/post/3lj5o5h5z7k2t?utm_source=thinkingelixir&utm_medium=shownotes] – Announcement from Marko Anastasov, co-founder of Semaphore CI, about open-sourcing their platform. * https://github.com/elixir-dbvisor/sql [https://github.com/elixir-dbvisor/sql?utm_source=thinkingelixir&utm_medium=shownotes] – GitHub repository for SQL parser and sigil with impressive benchmarks. * https://groups.google.com/g/elixir-ecto/c/8MOkRFAdLZc?pli=1 [https://groups.google.com/g/elixir-ecto/c/8MOkRFAdLZc?pli=1?utm_source=thinkingelixir&utm_medium=shownotes] – Discussion about SQL parser being 400-650x faster than Ecto for generating SQL. * https://bsky.app/profile/bcardarella.bsky.social/post/3lndymobsak2p [https://bsky.app/profile/bcardarella.bsky.social/post/3lndymobsak2p?utm_source=thinkingelixir&utm_medium=shownotes] – Announcement about BeaconCMS reducing development due to Dockyard cuts. * https://bsky.app/profile/did:plc:vnywtpvzgdgetnwea3fs3y6w [https://bsky.app/profile/did:plc:vnywtpvzgdgetnwea3fs3y6w?utm_source=thinkingelixir&utm_medium=shownotes] – Related profile for BeaconCMS announcement. * https://beaconcms.org/ [https://beaconcms.org/?utm_source=thinkingelixir&utm_medium=shownotes] – BeaconCMS official website. * https://github.com/BeaconCMS/beacon [https://github.com/BeaconCMS/beacon?utm_source=thinkingelixir&utm_medium=shownotes] – GitHub repository for BeaconCMS. Do you have some Elixir news to share? Tell us at @ThinkingElixir [https://twitter.com/ThinkingElixir] or email at show@thinkingelixir.com [show@thinkingelixir.com] Discussion Resources * Discussion about Device Bound Session Credentials, a W3C initiative being built into major browsers that will require minor changes to Phoenix for implementation. * https://w3c.github.io/webappsec-dbsc/ [https://w3c.github.io/webappsec-dbsc/?utm_source=thinkingelixir&utm_medium=shownotes] – W3C - Device Bound Session Credentials proposal * https://github.com/w3c/webappsec-dbsc/ [https://github.com/w3c/webappsec-dbsc/?utm_source=thinkingelixir&utm_medium=shownotes] – Device Bound Session Credentials explainer * https://developer.chrome.com/docs/web-platform/device-bound-session-credentials [https://developer.chrome.com/docs/web-platform/device-bound-session-credentials?utm_source=thinkingelixir&utm_medium=shownotes] – Device Bound Session Credentials (DBSC) on the Google Chrome developer blog * https://en.wikipedia.org/wiki/Trusted_Platform_Module [https://en.wikipedia.org/wiki/Trusted_Platform_Module?utm_source=thinkingelixir&utm_medium=shownotes] – Wikipedia article on Trusted Platform Module, relevant to Device Bound Session Credentials discussion. * https://www.grc.com/sn/sn-1021-notes.pdf [https://www.grc.com/sn/sn-1021-notes.pdf?utm_source=thinkingelixir&utm_medium=shownotes] – Other podcast show notes discussing Device Bound Session Credentials (DBSC). * https://twit.tv/shows/security-now/episodes/1021?autostart=false [https://twit.tv/shows/security-now/episodes/1021?autostart=false?utm_source=thinkingelixir&utm_medium=shownotes] – Security Now podcast episode covering Device Bound Session Credentials (time coded link to discussion). Find us online * Message the show - Bluesky [https://bsky.app/profile/thinkingelixir.com] * Message the show - X [https://x.com/ThinkingElixir] * Message the show on Fediverse - @ThinkingElixir@genserver.social [https://genserver.social/ThinkingElixir] * Email the show - show@thinkingelixir.com [show@thinkingelixir.com] * Mark Ericksen on X - @brainlid [https://x.com/brainlid] * Mark Ericksen on Bluesky - @brainlid.bsky.social [https://bsky.app/profile/brainlid.bsky.social] * Mark Ericksen on Fediverse - @brainlid@genserver.social [https://genserver.social/brainlid] * David Bernheisel on Bluesky - @david.bernheisel.com [https://bsky.app/profile/david.bernheisel.com] * David Bernheisel on Fediverse - @dbern@genserver.social [https://genserver.social/dbern] Sponsored By: * Paraxial.io [https://paraxial.io/]: Paraxial.io is sponsoring today's show! Sign up for a free trial of Paraxial.io today and mention Thinking Elixir when you schedule a demo for a limited time offer. [https://paraxial.io/]

News includes EEF board elections with voting beginning May 9th, Gleam v1.10.0 enhancing security with SBoMs and SLSA build provenance, an AshAuthentication vulnerability with mitigation steps, the Elixir Secure Coding Training project finding a permanent home at the EEF, announcements for both ElixirConf US 2025 in Orlando and ElixirConfEU in Krakow with speaker lineup, and more! Show Notes online - http://podcast.thinkingelixir.com/250 [http://podcast.thinkingelixir.com/250] Elixir Community News * https://paraxial.io/ [https://paraxial.io/?utm_source=thinkingelixir&utm_medium=shownotes] – Paraxial.io is sponsoring today's show! Sign up for a free trial of Paraxial.io today and mention Thinking Elixir when you schedule a demo for a limited time offer. * https://erlef.org/blog/eef/election-2025 [https://erlef.org/blog/eef/election-2025?utm_source=thinkingelixir&utm_medium=shownotes] – EEF board elections announced with important dates - candidacy submissions by May 8th, voting open May 9-16th. * https://x.com/TheErlef/status/1911847956308959650 [https://x.com/TheErlef/status/1911847956308959650?utm_source=thinkingelixir&utm_medium=shownotes] – Gleam v1.10.0 will ship with Build SBoMs and SLSA build provenance for all release artifacts and Docker images, improving visibility into dependencies and software supply chain security. * https://x.com/theerlef/status/1910348770514006242 [https://x.com/theerlef/status/1910348770514006242?utm_source=thinkingelixir&utm_medium=shownotes] – The "Elixir Secure Coding Training (ESCT)" project has been transferred to the Erlang Ecosystem Foundation for a more permanent home and maintainership. * https://bsky.app/profile/davelucia.com/post/3lmcqhzoc7c26 [https://bsky.app/profile/davelucia.com/post/3lmcqhzoc7c26?utm_source=thinkingelixir&utm_medium=shownotes] – Dave Lucia shares information about the ESCT project transfer from Podium to TvLabs and ultimately to the EEF. * https://github.com/erlef/elixir-secure-coding [https://github.com/erlef/elixir-secure-coding?utm_source=thinkingelixir&utm_medium=shownotes] – An interactive cybersecurity curriculum designed for enterprise use at software companies using Elixir. * https://github.com/phoenixframework/phoenix/pull/6184 [https://github.com/phoenixframework/phoenix/pull/6184?utm_source=thinkingelixir&utm_medium=shownotes] – Fix for Plug.Debugger screen which was showing ANSI codes in HTML. * https://github.com/phoenixframework/phoenix/pull/6194 [https://github.com/phoenixframework/phoenix/pull/6194?utm_source=thinkingelixir&utm_medium=shownotes] – Fix for the Phoenix installer's incorrect application of custom variants in tailwind v4. * https://github.com/team-alembic/ash_authentication/security/advisories/GHSA-3988-q8q7-p787 [https://github.com/team-alembic/ash_authentication/security/advisories/GHSA-3988-q8q7-p787?utm_source=thinkingelixir&utm_medium=shownotes] – AshAuthentication vulnerability published with mitigation steps - update packages, set require_interaction to true, and add confirm_route above auth_routes. * https://elixirconf.com/ [https://elixirconf.com/?utm_source=thinkingelixir&utm_medium=shownotes] – ElixirConf US 2025 is open for submitting talks and workshops in Orlando. Talk submissions due April 29, workshop submissions due April 15. * https://x.com/elixirconf/status/1907843035544826137 [https://x.com/elixirconf/status/1907843035544826137?utm_source=thinkingelixir&utm_medium=shownotes] – Announcement for ElixirConf US 2025 in Orlando with deadlines for talk and workshop submissions. * https://x.com/ElixirConfEU/status/1911747531953832323 [https://x.com/ElixirConfEU/status/1911747531953832323?utm_source=thinkingelixir&utm_medium=shownotes] – ElixirConfEU Speakers were announced for the upcoming conference in Krakow, Poland. * https://www.elixirconf.eu/#tickets [https://www.elixirconf.eu/#tickets?utm_source=thinkingelixir&utm_medium=shownotes] – Ticket information for ElixirConfEU - 250 Euros for virtual ticket, 600 Euros for in-person ticket. * https://www.elixirconf.eu/#keynotes [https://www.elixirconf.eu/#keynotes?utm_source=thinkingelixir&utm_medium=shownotes] – Keynote information for ElixirConfEU in Krakow, Poland, May 14-16 (training on May 14, regular sessions on May 15-16). Do you have some Elixir news to share? Tell us at @ThinkingElixir [https://twitter.com/ThinkingElixir] or email at show@thinkingelixir.com [show@thinkingelixir.com] Find us online * Message the show - Bluesky [https://bsky.app/profile/thinkingelixir.com] * Message the show - X [https://x.com/ThinkingElixir] * Message the show on Fediverse - @ThinkingElixir@genserver.social [https://genserver.social/ThinkingElixir] * Email the show - show@thinkingelixir.com [show@thinkingelixir.com] * Mark Ericksen on X - @brainlid [https://x.com/brainlid] * Mark Ericksen on Bluesky - @brainlid.bsky.social [https://bsky.app/profile/brainlid.bsky.social] * Mark Ericksen on Fediverse - @brainlid@genserver.social [https://genserver.social/brainlid] * David Bernheisel on Bluesky - @david.bernheisel.com [https://bsky.app/profile/david.bernheisel.com] * David Bernheisel on Fediverse - @dbern@genserver.social [https://genserver.social/dbern] Sponsored By: * Paraxial.io [https://paraxial.io/]: Paraxial.io is sponsoring today's show! Sign up for a free trial of Paraxial.io today and mention Thinking Elixir when you schedule a demo for a limited time offer. [https://paraxial.io/]

News includes Phoenix 1.8.0-rc release with DaisyUI styled Tailwind components and magic link authentication, a new design pattern called "scopes", a new privacy-focused feature in Ecto for schema redaction, the Elixir Secure Coding Training project finding a new home at TvLabs, a helpful iex shell tip for multiline commands, and more! We interview Krzysztof Nalepa, the primary creator of LiveDebugger, discussing how this powerful tool helps debug LiveView states and structures, how the project originated, upcoming features, and more. Show Notes online - http://podcast.thinkingelixir.com/249 [http://podcast.thinkingelixir.com/249] Elixir Community News * https://paraxial.io/ [https://paraxial.io/?utm_source=thinkingelixir&utm_medium=shownotes] – Paraxial.io is sponsoring today's show! Sign up for a free trial of Paraxial.io today and mention Thinking Elixir when you schedule a demo for a limited time offer. * https://phoenixframework.org/blog/phoenix-1-8-released [https://phoenixframework.org/blog/phoenix-1-8-released?utm_source=thinkingelixir&utm_medium=shownotes] – Phoenix 1.8.0-rc released with DaisyUI styled Tailwind components, magic link authentication, revised layouts, and new scopes pattern for data access and authorization. * https://elixirforum.com/t/phoenix-1-8-0-rc-0-released/70256 [https://elixirforum.com/t/phoenix-1-8-0-rc-0-released/70256?utm_source=thinkingelixir&utm_medium=shownotes] – Discussion forum post about the Phoenix 1.8.0-rc.0 release. * https://github.com/phoenixframework/phoenix/blob/b1c459943b3279f97725787b9150ff4950958d12/CHANGELOG.md [https://github.com/phoenixframework/phoenix/blob/b1c459943b3279f97725787b9150ff4950958d12/CHANGELOG.md?utm_source=thinkingelixir&utm_medium=shownotes] – Changelog detailing the few deprecations in Phoenix 1.8. * https://hexdocs.pm/phoenix/1.8.0-rc.0/scopes.html [https://hexdocs.pm/phoenix/1.8.0-rc.0/scopes.html?utm_source=thinkingelixir&utm_medium=shownotes] – New scopes guide in Phoenix 1.8, designed to make secure data access the default. * https://github.com/elixir-ecto/ecto/pull/4599 [https://github.com/elixir-ecto/ecto/pull/4599?utm_source=thinkingelixir&utm_medium=shownotes] – Privacy/security focused PR merged into Ecto adding a @schema_redact module attribute to make redacting fields easier. * https://bsky.app/profile/nezteb.net/post/3lm6nbpgelk2b [https://bsky.app/profile/nezteb.net/post/3lm6nbpgelk2b?utm_source=thinkingelixir&utm_medium=shownotes] – Bluesky post about the new Ecto schema redaction feature. * https://github.com/erlef/elixir-secure-coding [https://github.com/erlef/elixir-secure-coding?utm_source=thinkingelixir&utm_medium=shownotes] – Elixir Secure Coding Training (ESCT) project, an interactive cybersecurity curriculum for Elixir teams, has found a new maintainer in TvLabs. * https://bsky.app/profile/davelucia.com/post/3llwjpgsrgs2u [https://bsky.app/profile/davelucia.com/post/3llwjpgsrgs2u?utm_source=thinkingelixir&utm_medium=shownotes] – Announcement about the ESCT project maintainership transition, with plans to eventually move it to the EEF. * https://bsky.app/profile/bobbby.online/post/3llwpqtwwf22r [https://bsky.app/profile/bobbby.online/post/3llwpqtwwf22r?utm_source=thinkingelixir&utm_medium=shownotes] – Tip for Elixir users - setting export VISUAL=your_editor_of_choice allows entering multiline commands in iex shell by pressing ESCAPE+o. * https://dep-mcp.9elements.com/ [https://dep-mcp.9elements.com/?utm_source=thinkingelixir&utm_medium=shownotes] – Daniel Hoelzgen created a new MCP Server that brings package repository awareness for Hex.pm and other package managers to code editors supporting Model Context Protocol. * https://x.com/brainlid/status/1909600607935381553 [https://x.com/brainlid/status/1909600607935381553?utm_source=thinkingelixir&utm_medium=shownotes] – Configuration instructions for using the dep-mcp server in Cursor. * https://elixirconf.com/ [https://elixirconf.com/?utm_source=thinkingelixir&utm_medium=shownotes] – ElixirConf US 2025 in Orlando is open for submitting talks (deadline Apr 29) and workshops (deadline Apr 15). * https://x.com/elixirconf/status/1907843035544826137 [https://x.com/elixirconf/status/1907843035544826137?utm_source=thinkingelixir&utm_medium=shownotes] – Announcement about ElixirConf US 2025 with information about joining the waitlist for pre-sale tickets. Do you have some Elixir news to share? Tell us at @ThinkingElixir [https://twitter.com/ThinkingElixir] or email at show@thinkingelixir.com [show@thinkingelixir.com] Discussion Resources * https://github.com/software-mansion/live-debugger [https://github.com/software-mansion/live-debugger?utm_source=thinkingelixir&utm_medium=shownotes] * https://elixirforum.com/t/livedebugger-tool-for-debugging-liveview-apps/69668 [https://elixirforum.com/t/livedebugger-tool-for-debugging-liveview-apps/69668?utm_source=thinkingelixir&utm_medium=shownotes] * https://blog.swmansion.com/introduction-to-livedebugger-a-tool-for-debugging-phoenix-liveview-apps-bf7e56ab00fb [https://blog.swmansion.com/introduction-to-livedebugger-a-tool-for-debugging-phoenix-liveview-apps-bf7e56ab00fb?utm_source=thinkingelixir&utm_medium=shownotes] * https://github.com/esl/MongooseIM [https://github.com/esl/MongooseIM?utm_source=thinkingelixir&utm_medium=shownotes] * https://swmansion.com/ [https://swmansion.com/?utm_source=thinkingelixir&utm_medium=shownotes] * https://membrane.stream/ [https://membrane.stream/?utm_source=thinkingelixir&utm_medium=shownotes] * https://react.dev/learn/react-developer-tools [https://react.dev/learn/react-developer-tools?utm_source=thinkingelixir&utm_medium=shownotes] * https://github.com/JohnnyCurran/TimeTravel [https://github.com/JohnnyCurran/TimeTravel?utm_source=thinkingelixir&utm_medium=shownotes] * https://github.com/ash-project/igniter/ [https://github.com/ash-project/igniter/?utm_source=thinkingelixir&utm_medium=shownotes] Guest Information * https://x.com/swmansion [https://x.com/swmansion?utm_source=thinkingelixir&utm_medium=shownotes] – Software Mansion on Twitter/X * https://bsky.app/profile/swmansion.com [https://bsky.app/profile/swmansion.com?utm_source=thinkingelixir&utm_medium=shownotes] – Software Mansion on Bluesky * https://github.com/software-mansion/live-debugger [https://github.com/software-mansion/live-debugger?utm_source=thinkingelixir&utm_medium=shownotes] – LiveDebugger on Github * https://blog.swmansion.com/ [https://blog.swmansion.com/?utm_source=thinkingelixir&utm_medium=shownotes] – Software Mansion Site * https://x.com/kraleppa [https://x.com/kraleppa?utm_source=thinkingelixir&utm_medium=shownotes] – Krzysztof on Twitter/X * https://bsky.app/profile/kraleppa.bsky.social [https://bsky.app/profile/kraleppa.bsky.social?utm_source=thinkingelixir&utm_medium=shownotes] – Krzysztof on Bluesky * https://github.com/kraleppa [https://github.com/kraleppa?utm_source=thinkingelixir&utm_medium=shownotes] – Krzysztof on Github Find us online * Message the show - Bluesky [https://bsky.app/profile/thinkingelixir.com] * Message the show - X [https://x.com/ThinkingElixir] * Message the show on Fediverse - @ThinkingElixir@genserver.social [https://genserver.social/ThinkingElixir] * Email the show - show@thinkingelixir.com [show@thinkingelixir.com] * Mark Ericksen on X - @brainlid [https://x.com/brainlid] * Mark Ericksen on Bluesky - @brainlid.bsky.social [https://bsky.app/profile/brainlid.bsky.social] * Mark Ericksen on Fediverse - @brainlid@genserver.social [https://genserver.social/brainlid] * David Bernheisel on Bluesky - @david.bernheisel.com [https://bsky.app/profile/david.bernheisel.com] * David Bernheisel on Fediverse - @dbern@genserver.social [https://genserver.social/dbern] Sponsored By: * Paraxial.io [https://paraxial.io/]: Paraxial.io is sponsoring today's show! Sign up for a free trial of Paraxial.io today and mention Thinking Elixir when you schedule a demo for a limited time offer. [https://paraxial.io/]

News includes a new Elixir case study about Cyanview's camera shading technology used at major events like the Olympics and Super Bowl, Oban Pro 1.6 with 20x faster queue partitioning, the openid_connect package reaching version 1.0, Supabase's new Postgres Language Server for developer tooling, and ElixirEvents.net as a community resource. Plus, we interview Michael Lubas, founder of Paraxial.io, about web application security in Elixir, what's involved in a security audit, and how his Elixir-focused security company is helping teams and businesses in the community. Show Notes online - http://podcast.thinkingelixir.com/248 [http://podcast.thinkingelixir.com/248] Elixir Community News * https://elixir-lang.org/blog/2025/03/25/cyanview-elixir-case/ [https://elixir-lang.org/blog/2025/03/25/cyanview-elixir-case/?utm_source=thinkingelixir&utm_medium=shownotes] – New Elixir case study about Cyanview, a Belgian company whose Remote Control Panel for camera shading is used at major events like the Olympics and Super Bowl. Their Elixir-powered solution enables remote camera control across challenging network conditions. * https://oban.pro/docs/pro/1.6.0-rc.1/changelog.html [https://oban.pro/docs/pro/1.6.0-rc.1/changelog.html?utm_source=thinkingelixir&utm_medium=shownotes] – Oban Pro 1.6 released with subworkflows, improved queue partitioning (20x faster), and a new guide explaining different job composition approaches. * https://oban.pro/docs/pro/1.6.0-rc.1/composition.html [https://oban.pro/docs/pro/1.6.0-rc.1/composition.html?utm_source=thinkingelixir&utm_medium=shownotes] – New Oban Pro guide explaining when to use chains, workflows, chunks, or batches for job composition. * https://github.com/DockYard/openid_connect [https://github.com/DockYard/openid_connect?utm_source=thinkingelixir&utm_medium=shownotes] – The Elixir package 'openid_connect' reached version 1.0, providing client library support for working with various OpenID Connect providers like Google, Microsoft Azure AD, Auth0, and others. * https://hexdocs.pm/openid_connect/readme.html [https://hexdocs.pm/openid_connect/readme.html?utm_source=thinkingelixir&utm_medium=shownotes] – Documentation for the newly released openid_connect 1.0 package. * https://bsky.app/profile/davelucia.com/post/3llqwsbyutc2z [https://bsky.app/profile/davelucia.com/post/3llqwsbyutc2z?utm_source=thinkingelixir&utm_medium=shownotes] – Announcement that openid_connect is maintained by tvlabs. * https://bsky.app/profile/germsvel.com/post/3llee5lyerk2b [https://bsky.app/profile/germsvel.com/post/3llee5lyerk2b?utm_source=thinkingelixir&utm_medium=shownotes] – PhoenixTest v0.6.0 has been released with significant changes, including a breaking change. * https://github.com/germsvel/phoenix_test [https://github.com/germsvel/phoenix_test?utm_source=thinkingelixir&utm_medium=shownotes] – GitHub repository for PhoenixTest. * https://hexdocs.pm/phoenix_test/upgrade_guides.html#upgrading-to-0-6-0 [https://hexdocs.pm/phoenix_test/upgrade_guides.html#upgrading-to-0-6-0?utm_source=thinkingelixir&utm_medium=shownotes] – Upgrade guide for updating to PhoenixTest v0.6.0 with its breaking change. * https://hexdocs.pm/phoenix_test/changelog.html#0-6-0 [https://hexdocs.pm/phoenix_test/changelog.html#0-6-0?utm_source=thinkingelixir&utm_medium=shownotes] – Changelog for PhoenixTest v0.6.0. * https://supabase.com/blog/postgres-language-server [https://supabase.com/blog/postgres-language-server?utm_source=thinkingelixir&utm_medium=shownotes] – Supabase has released a new Postgres Language Server for developers, providing IDE intellisense and autocomplete for PostgreSQL. * https://marketplace.visualstudio.com/items?itemName=Supabase.postgrestools [https://marketplace.visualstudio.com/items?itemName=Supabase.postgrestools?utm_source=thinkingelixir&utm_medium=shownotes] – VSCode extension for Supabase's new Postgres developer tools. * https://github.com/supabase-community/postgres-language-server [https://github.com/supabase-community/postgres-language-server?utm_source=thinkingelixir&utm_medium=shownotes] – GitHub repository for Supabase's Postgres Language Server. * https://pgtools.dev/ [https://pgtools.dev/?utm_source=thinkingelixir&utm_medium=shownotes] – Official website for Postgres Tools with documentation and features. * https://pgtools.dev/checking_migrations/ [https://pgtools.dev/checking_migrations/?utm_source=thinkingelixir&utm_medium=shownotes] – Feature in Postgres Tools that lints database migrations to check for problematic schema changes. * https://github.com/fly-apps/safe-ecto-migrations [https://github.com/fly-apps/safe-ecto-migrations?utm_source=thinkingelixir&utm_medium=shownotes] – Resource for ensuring safe Ecto migrations. * https://fly.io/phoenix-files/safe-ecto-migrations/ [https://fly.io/phoenix-files/safe-ecto-migrations/?utm_source=thinkingelixir&utm_medium=shownotes] – Article about safe Ecto migrations posted on Fly.io. * https://elixirevents.net/ [https://elixirevents.net/?utm_source=thinkingelixir&utm_medium=shownotes] – Community resource created by Johanna Larsson for tracking, sharing, and learning about Elixir events worldwide. * https://bsky.app/profile/elixirevents.net [https://bsky.app/profile/elixirevents.net?utm_source=thinkingelixir&utm_medium=shownotes] – Bluesky account for ElixirEvents.net for following Elixir community events. Do you have some Elixir news to share? Tell us at @ThinkingElixir [https://twitter.com/ThinkingElixir] or email at show@thinkingelixir.com [show@thinkingelixir.com] Discussion Resources * https://paraxial.io/ [https://paraxial.io/?utm_source=thinkingelixir&utm_medium=shownotes] * https://paraxial.io/blog/index [https://paraxial.io/blog/index?utm_source=thinkingelixir&utm_medium=shownotes] – Blog with posts about security for Elixir, Rails, and the Paraxial service * https://www.cnn.com/2025/03/18/tech/google-wiz-acquisition/index.html [https://www.cnn.com/2025/03/18/tech/google-wiz-acquisition/index.html?utm_source=thinkingelixir&utm_medium=shownotes] * https://podcast.thinkingelixir.com/93 [https://podcast.thinkingelixir.com/93?utm_source=thinkingelixir&utm_medium=shownotes] – Our last discussion was 3 years ago in episode 93! Titled "Preventing Service Abuse with Michael Lubas" * https://www.amazon.com/Innovators-Dilemma-Revolutionary-Change-Business/dp/0062060244 [https://www.amazon.com/Innovators-Dilemma-Revolutionary-Change-Business/dp/0062060244?utm_source=thinkingelixir&utm_medium=shownotes] * https://www.merriam-webster.com/dictionary/Kafkaesque - having a nightmarishly complex, bizarre, or illogical quality [https://www.merriam-webster.com/dictionary/Kafkaesque%20-%20having%20a%20nightmarishly%20complex,%20bizarre,%20or%20illogical%20quality?utm_source=thinkingelixir&utm_medium=shownotes] * https://paraxial.io/blog/oban-pentest [https://paraxial.io/blog/oban-pentest?utm_source=thinkingelixir&utm_medium=shownotes] – Completed a Security Audit of Oban Pro - this is after ObanPro went free and OpenSource * https://paraxial.io/blog/elixir-best [https://paraxial.io/blog/elixir-best?utm_source=thinkingelixir&utm_medium=shownotes] – Elixir and Phoenix Security Checklist: 11 Best Practices * https://paraxial.io/blog/rails-command-injection [https://paraxial.io/blog/rails-command-injection?utm_source=thinkingelixir&utm_medium=shownotes] – Ruby on Rails Security: Preventing Command Injection * https://paraxial.io/blog/paraxial-three [https://paraxial.io/blog/paraxial-three?utm_source=thinkingelixir&utm_medium=shownotes] – Paraxial.io v3 blog post Guest Information * Michael Lubas, Paraxial.io Founder - michael@paraxial.io [michael@paraxial.io] * https://x.com/paraxialio [https://x.com/paraxialio?utm_source=thinkingelixir&utm_medium=shownotes] – on Twitter/X * https://x.com/paraxialio [https://x.com/paraxialio?utm_source=thinkingelixir&utm_medium=shownotes] – on Twitter/X * https://github.com/paraxialio/ [https://github.com/paraxialio/?utm_source=thinkingelixir&utm_medium=shownotes] – on Github * https://www.youtube.com/@paraxial5874 [https://www.youtube.com/@paraxial5874?utm_source=thinkingelixir&utm_medium=shownotes] – Paraxial.io channel on YouTube * https://genserver.social/paraxial [https://genserver.social/paraxial?utm_source=thinkingelixir&utm_medium=shownotes] – on Fediverse * https://paraxial.io/ [https://paraxial.io/?utm_source=thinkingelixir&utm_medium=shownotes] – Blog Find us online * Message the show - Bluesky [https://bsky.app/profile/thinkingelixir.com] * Message the show - X [https://x.com/ThinkingElixir] * Message the show on Fediverse - @ThinkingElixir@genserver.social [https://genserver.social/ThinkingElixir] * Email the show - show@thinkingelixir.com [show@thinkingelixir.com] * Mark Ericksen on X - @brainlid [https://x.com/brainlid] * Mark Ericksen on Bluesky - @brainlid.bsky.social [https://bsky.app/profile/brainlid.bsky.social] * Mark Ericksen on Fediverse - @brainlid@genserver.social [https://genserver.social/brainlid] * David Bernheisel on Bluesky - @david.bernheisel.com [https://bsky.app/profile/david.bernheisel.com] * David Bernheisel on Fediverse - @dbern@genserver.social [https://genserver.social/dbern]