Episode 268

Maintainer Month 2025 with Dirkjan Ochtman on Sustaining Critical Rust Libraries

Download Subscribe
00:00:00
/
00:34:18
RSS Feed Download (63.7 MB) Link with Timestamp

May 9th, 2025

34 mins 18 secs

Link with Timestamp

Download MP3 (63.7 MB)

Your Host
Special Guest

About this Episode

Guest

Dirkjan Ochtman

Panelist

Richard Littauer

Show Notes

In this special Maintainer Month episode of Sustain, host Richard speaks with Dirkjan Ochtman, a long-time open source contributor and Rust advocate. They dive deep into what it's like maintaining critical infrastructure libraries, the motivations behind taking over "abandonware," and how funding ecosystems like GitHub Sponsors and thanks.dev help sustain low-level dependencies. Dirkjan also reflects on how Rust’s design lends itself well to long-term maintainability and shares thoughts on the challenges of burnout, context switching, and ensuring project continuity. Hit the download button now!

[00:01:33] Dirkjan explains how he chooses which projects he’s maintaining, being passionate about memory safety via Rust, and maintaining tools like Rustls, Hickory DNS, and Quinn.

[00:03:14] Dirkjan describes his motivation for maintaining abandonware and sees it as providing value to the community.

[00:04:23] ISRG funds Dirkjan’s work on memory-safe DNS and TLS libraires, and they are replacing C-based libraires with Rust equivalents.

[00:05:33] Dirkjan uses thanks.dev to help fund maintainers through the full dependency graph and revenue is limited but promising.

[00:08:06] Richard brings up Tidelift and Dirkjan mentions it’s not yielding results for Rust projects yet because the Rust ecosystem is smaller.

[00:09:30] We hear Dirkjan’s journey into Rust, starting in Python but frustrated by lack of type safety and performance, and creating his own compiler before appreciating Rust’s complexity.

[00:12:20] Dirkjan talks about his transition from Python to Rust.

[00:13:39] Dirkjan uses PyO3 to create Python bindings for Rust libraries.

[00:15:31] Richard wonders why projects become unmaintained and Dirkjan responds that people have life events, job changes, or shifting interests.

[00:17:11] How are unmaintained projects flagged? Dirkjan uses the RustSec Advisory DB to detect projects with no active maintainers.

[00:18:47] Dirkjan avoids burnout as a maintainer by keeping the scope narrow, only responds to PRs, doesn’t overcommit, and focuses on high-efficiency, low-effort maintenance.

[00:19:51] Rust has a strong system, built-in unit tests, great CI support, and Dirkjan encourages atomic commits to simplify code review.

[00:21:28] Dirkjan speaks about languages that are more maintainer safe.

[00:22:18] Richard brings up attack vectors and the ‘left-pad incident.’ Dirkjan shares how he builds trust via his public GitHub record.

[00:24:17] We hear Dirkjan’s offboarding and succession planning as he explains handing off projects like Askama and promoting multiple maintainers to reduce bus factor.

[00:26:08] Dirkjan’s long-term vision for OSS sustainability is he hopes to move higher in the stack and wants to make high-quality software easier to build.

[00:27:38] Dirkjan explains why he prefers to do asynchronous collaboration over pair programming.

[00:28:52] Dirkjan discusses Rust’s long-term ecosystem stability.

[00:31:09] Find out where you can follow Dirkjan on the web.

Quotes

[00:03:23] “You call it abandonware and I call it a dependency that has a million users.”

[00:19:02] “[When I take on a project], I don’t take on the burden of proactively improving the project.”

[00:19:11] “I will be there when someone submits a PR."

[00:20:37] “I ask folks to make small changes: atomic commits.”

Spotlight

  • [00:31:37] Richard’s spotlight is Allan Day.
  • [00:32:20] Dirkjan’s spotlight is Xilem.

Links

Credits

Support Sustain