248: Security Insights with Paraxial

News includes a new Elixir case study about Cyanview's camera shading technology used at major events like the Olympics and Super Bowl, Oban Pro 1.6 with 20x faster queue partitioning, the openid_connect package reaching version 1.0, Supabase's new Postgres Language Server for developer tooling, and ElixirEvents.net as a community resource. Plus, we interview Michael Lubas, founder of Paraxial.io, about web application security in Elixir, what's involved in a security audit, and how his Elixir-focused security company is helping teams and businesses in the community.

Show Notes online - http://podcast.thinkingelixir.com/248

Elixir Community News

• https://elixir-lang.org/blog/2025/03/25/cyanview-elixir-case/ – New Elixir case study about Cyanview, a Belgian company whose Remote Control Panel for camera shading is used at major events like the Olympics and Super Bowl. Their Elixir-powered solution enables remote camera control across challenging network conditions.
• https://oban.pro/docs/pro/1.6.0-rc.1/changelog.html – Oban Pro 1.6 released with subworkflows, improved queue partitioning (20x faster), and a new guide explaining different job composition approaches.
• https://oban.pro/docs/pro/1.6.0-rc.1/composition.html – New Oban Pro guide explaining when to use chains, workflows, chunks, or batches for job composition.
• https://github.com/DockYard/openid_connect – The Elixir package 'openid_connect' reached version 1.0, providing client library support for working with various OpenID Connect providers like Google, Microsoft Azure AD, Auth0, and others.
• https://hexdocs.pm/openid_connect/readme.html – Documentation for the newly released openid_connect 1.0 package.
• https://bsky.app/profile/davelucia.com/post/3llqwsbyutc2z – Announcement that openid_connect is maintained by tvlabs.
• https://bsky.app/profile/germsvel.com/post/3llee5lyerk2b – PhoenixTest v0.6.0 has been released with significant changes, including a breaking change.
• https://github.com/germsvel/phoenix_test – GitHub repository for PhoenixTest.
• https://hexdocs.pm/phoenix_test/upgrade_guides.html#upgrading-to-0-6-0 – Upgrade guide for updating to PhoenixTest v0.6.0 with its breaking change.
• https://hexdocs.pm/phoenix_test/changelog.html#0-6-0 – Changelog for PhoenixTest v0.6.0.
• https://supabase.com/blog/postgres-language-server – Supabase has released a new Postgres Language Server for developers, providing IDE intellisense and autocomplete for PostgreSQL.
• https://marketplace.visualstudio.com/items?itemName=Supabase.postgrestools – VSCode extension for Supabase's new Postgres developer tools.
• https://github.com/supabase-community/postgres-language-server – GitHub repository for Supabase's Postgres Language Server.
• https://pgtools.dev/ – Official website for Postgres Tools with documentation and features.
• https://pgtools.dev/checking_migrations/ – Feature in Postgres Tools that lints database migrations to check for problematic schema changes.
• https://github.com/fly-apps/safe-ecto-migrations – Resource for ensuring safe Ecto migrations.
• https://fly.io/phoenix-files/safe-ecto-migrations/ – Article about safe Ecto migrations posted on Fly.io.
• https://elixirevents.net/ – Community resource created by Johanna Larsson for tracking, sharing, and learning about Elixir events worldwide.
• https://bsky.app/profile/elixirevents.net – Bluesky account for ElixirEvents.net for following Elixir community events.

Do you have some Elixir news to share? Tell us at @ThinkingElixir or email at show@thinkingelixir.com

Discussion Resources

• https://paraxial.io/
• https://paraxial.io/blog/index – Blog with posts about security for Elixir, Rails, and the Paraxial service
• https://www.cnn.com/2025/03/18/tech/google-wiz-acquisition/index.html
• https://podcast.thinkingelixir.com/93 – Our last discussion was 3 years ago in episode 93! Titled "Preventing Service Abuse with Michael Lubas"
• https://www.amazon.com/Innovators-Dilemma-Revolutionary-Change-Business/dp/0062060244
• https://www.merriam-webster.com/dictionary/Kafkaesque - having a nightmarishly complex, bizarre, or illogical quality
• https://paraxial.io/blog/oban-pentest – Completed a Security Audit of Oban Pro - this is after ObanPro went free and OpenSource
• https://paraxial.io/blog/elixir-best – Elixir and Phoenix Security Checklist: 11 Best Practices
• https://paraxial.io/blog/rails-command-injection – Ruby on Rails Security: Preventing Command Injection
• https://paraxial.io/blog/paraxial-three – Paraxial.io v3 blog post

Guest Information

• Michael Lubas, Paraxial.io Founder - michael@paraxial.io
• https://x.com/paraxialio – on Twitter/X
• https://x.com/paraxialio – on Twitter/X
• https://github.com/paraxialio/ – on Github
• https://www.youtube.com/@paraxial5874 – Paraxial.io channel on YouTube
• https://genserver.social/paraxial – on Fediverse
• https://paraxial.io/ – Blog

Find us online

• Message the show - Bluesky
• Message the show - X
• Message the show on Fediverse - @ThinkingElixir@genserver.social
• Email the show - show@thinkingelixir.com
• Mark Ericksen on X - @brainlid
• Mark Ericksen on Bluesky - @brainlid.bsky.social
• Mark Ericksen on Fediverse - @brainlid@genserver.social
• David Bernheisel on Bluesky - @david.bernheisel.com
• David Bernheisel on Fediverse - @dbern@genserver.social