Episode 121
Package Metadata Working Group with Andrew Nesbitt and Damián Vicino
16 October 2025
41 mins 7 secs
Your Host
Special Guests
About this Episode
Thank you to the folks at Sustain for providing the hosting account for CHAOSSCast!
CHAOSScast – Episode 121
In this episode of the CHAOSScast, host Alice Sowerby sits down with Andrew Nesbitt and Damián Vicino to discuss the formation and objectives of the new Package Metadata Working Group within the CHAOSS community. They discuss the complex issues surrounding package manager metadata, its interoperability challenges, and how the working group aims to address these through mapping and standardization efforts. They also touch upon the importance of these efforts for various stakeholders, including developers, researchers, and tool builders. The conversation highlights both the immediate and long-term goals of the group and provides information on how interested individuals can get involved. Hit download now to hear more!
[00:00:26] Introductions from Alice, Andrew, and Damián.
[00:02:36] Damián explains how the Package Metadata Working Group started.
[00:04:33] Andrew shares his experience building mappings across multiple package registries and how differing field names, schema structures, and metadata definitions complicate consistency.
[00:10:21] Alice asks about the group’s short and long term objectives and Andrew outlines some immediate goals.
[00:14:52] Damián elaborates on challenges in semantics and timelines. He emphasizes that even identically names fields may carry different meanings and shares an example.
[00:18:46] Alice summarizes Damián’s point saying the group’s role is to provide guidance and analysis rather than enforce standards, helping maintainers make informed metadata decisions.
[00:19:25] Andrew adds that most package managers evolve independently without referencing past ones. The working group’s documentation aims to prevent repeated mistakes and guide new ecosystems toward interoperable designs.
[00:23:06] Damián notes that modern software projects often depend on multiple ecosystems, making license tracking and dependency management exponentially harder without interoperability.
[00:25:02] Andrew explains how researchers waste time rebuilding metadata mapping from scratch across ecosystems and having unified references would accelerate research and tool development.
[00:27:58] Damián discusses how better metadata could support academic credit and funding by enabling easier citation and recognition of open source contributions tied to research projects.
[00:29:39] How can you get involved? Damián invites package manager developers and metadata tool builders to join, and Andrew encourages anyone working with SBOMs or package metadata tools to contribute war stories, mapping, or research use cases.
[00:33:01] Andrew mentions all the places you can join in on the meetings and to share where you are interested in working on.
Value Adds (Picks) of the week:
- [00:35:25] Alice’s pick is apples.
- [00:36:17] Damián’s pick is hockey.
- [00:37:04] Andrew’s pick is puppy training.
Panelist:
Alice Sowerby
Guests:
Andrew Nesbitt
Damián Vicino
Links:
CHAOSS
CHAOSS Project X
CHAOSScast Podcast
CHAOSS YouTube
podcast@chaoss.community
Alice Sowerby LinkedIn
Andrew Nesbitt Website
Andrew Nesbitt GitHub
Andrew Nesbitt Mastodon
Damián Vicino LinkedIn
Damián Vicino GitHub
CHAOSSWG: Package Metadata
CHAOSS Calendar
CHAOSS Slack