The Modern .NET Show

This episode of The Modern .NET Show is supported, in part, by RJJ Software's Strategic Technology Consultation Services. If you're an SME (Small to Medium Enterprise) leader wondering why your technology investments aren't delivering, or you're facing critical decisions about AI, modernization, or team productivity, let's talk.

"You actually cannot do proper vertical slice if you are bounded to controllers. Because there are some additional dependencies that you can download, like Ardalis [ApiEndpoints] or like Fast Endpoints that will give you actually what Minimal API is giving you. But with the standard controller-based approach you are not able to do the full vertical slice, because every time you'll need to take this, let's say presentation layer, outside your slice because it needs to be, just as you said, in the class that is inheriting from Controller and doing all the actions and stuff like this."— Kajetan Duszyński

Hey everyone, and welcome back to The Modern .NET Show; the premier .NET podcast, focusing entirely on the knowledge, tools, and frameworks that all .NET developers should have in their toolbox. I'm your host Jamie Taylor, bringing you conversations with the brightest minds in the .NET ecosystem.

Today, we're joined by Kajetan Duszyński to talk about some of the new things that are coming up in .NET 10. We cover some of the big things that you might have missed, some of the optimisations you can make by removing code (listen up for one in a few moments), and we also talk about his new book ".NET 10 Revealed."

"So you all need to remember that if you are using Minimal APIs and you've used the extension method WithOpenAPI(), which created a proper OpenAPI schema. Right now it won't be used, so you'll need to delete every usage of this method from your whole application, because it will be um added by default in the pipeline of creating, of starting up the application."— Kajetan Duszyński

Along the way we talked about allocations, the importance of learning MSIL (what your C# and F# code is compiled to), memory management, how fast .NET is moving and when we're likely to see the first public preview of .NET 11, and the vertical slice architecture.

One of the biggest things that I think will cause some head scratching in .NET 10 is the new local self-signed TLS certificate. I've linked to an article by the folks at Duende about this, and it'll be worth adding it to your reading list. It's a great addition to .NET 10, but it'll catch some folks out.

Before we jump in, a quick reminder: if The Modern .NET Show has become part of your learning journey, please consider supporting us through Patreon or Buy Me A Coffee. Every contribution helps us continue bringing you these in-depth conversations with industry experts. You'll find all the links in the show notes.

Anyway, without further ado, let's sit back, open up a terminal, type in `dotnet new podcast` and we'll dive into the core of Modern .NET.

The full show notes, including links to some of the things we discussed and a full transcription of this episode, can be found at: https://dotnetcore.show/season-8/building-on-net-10-a-chat-with-kajetan-duszynsk-author-of-net-10-revealed

• Ardalis ApiEndpoints
• REPR pattern
• Fast Endpoints
• Why You Should Be Using .NET 10's New TLS Certificate
• Kajetan's .NET school
• Kajetan on LinkedIn
• .NET 10 Revealed
• Supporting the show:
  • Leave a rating or review
  • Buy the show a coffee
  • Become a patron
• Getting in touch:
  • via the contact page
  • joining the Discord
• Podcast editing services provided by Matthew Bliss
• Music created by Mono Memory Music, licensed to RJJ Software for use in The Modern .NET Show
• Editing and post-production services for this episode were provided by MB Podcast Services

• Leave a rating or review
• Buy the show a coffee
• Become a patron

• Via the contact page
• Joining the Discord

Remember to rate and review the show on Apple Podcasts, Podchaser, or wherever you find your podcasts, this will help the show's audience grow. Or you can just share the show with a friend.

And don't forget to reach out via our Contact page. We're very interested in your opinion of the show, so please get in touch.

You can support the show by making a monthly donation on the show's Patreon page at: https://www.patreon.com/TheDotNetCorePodcast.

Music created by Mono Memory Music, licensed to RJJ Software for use in The Modern .NET Show.

Editing and post-production services for this episode were provided by MB Podcast Services.

Thank you, Matt, the editor, for putting this together so quickly. Anyway, on with the episode.

I'm not even going to do the dotnet new podcast thing. It's that important.

The full show notes, including links to some of the things we discussed and a full transcription of this episode, can be found at: https://dotnetcore.show/season-8/hayden-barnes-and-cve-2025-55315

• Understanding CVE-2025-55315: What CISOs, security engineers, and sysadmins should know
• ASP.NET Security Feature Bypass Vulnerability
• Funky chunks: abusing ambiguous chunk line terminators for request smuggling
• Understanding the worst .NET vulnerability ever: request smuggling and CVE-2025-55315

• on X
• on YouTube
• on LinkedIn

• on X
• on LinkedIn
• on his blog

• Leave a rating or review
• Buy the show a coffee
• Become a patron

• via the contact page
• joining the Discord

• Podcast editing services provided by Matthew Bliss
• Music created by Mono Memory Music, licensed to RJJ Software for use in The Modern .NET Show
• Editing and post-production services for this episode were provided by MB Podcast Services

Remember to rate and review the show on Apple Podcasts, Podchaser, or wherever you find your podcasts, this will help the show's audience grow. Or you can just share the show with a friend.

And don't forget to reach out via our Contact page. We're very interested in your opinion of the show, so please get in touch.

You can support the show by making a monthly donation on the show's Patreon page at: https://www.patreon.com/TheDotNetCorePodcast.

Music created by Mono Memory Music, licensed to RJJ Software for use in The Modern .NET Show.

Editing and post-production services for this episode were provided by MB Podcast Services.

This episode of The Modern .NET Show is supported, in part, by RJJ Software's Strategic Technology Consultation Services. If you're an SME (Small to Medium Enterprise) leader wondering why your technology investments aren't delivering, or you're facing critical decisions about AI, modernization, or team productivity, let's talk.

"There's a good chance it's not gonna flag for you that, you, know your point of sale system is on .NET six and is now vulnerable, you know. So to a certain extent, companies often aren't even aware and this is something I've learned to be in this space. They're not aware. If they are aware, they know they need to upgrade. They're not sure, you know, when they're gonna find the resources, the time, the capital to upgrade"— Hayden Barnes

Hey everyone, and welcome back to The Modern .NET Show; the premier .NET podcast, focusing entirely on the knowledge, tools, and frameworks that all .NET developers should have in their toolbox. I'm your host Jamie Taylor, bringing you conversations with the brightest minds in the .NET ecosystem.

Today, we're joined by Hayden Barnes to talk about HeroDevs and their Never Ending Support offering; a service where HeroDevs backport security fixes from later versions of dependencies, allowing companies to hold off on upgrading their important dependencies until they are ready to.

"In some cases we simply hire the upstream developer or the upstream development team and they can continue to work on new features and the latest versions while maintaining the post-EOL versions and backporting those security updates. In some cases, we hire that library maintainer on contract."— Hayden Barnes

Along the way, we talked about how the release schedule for .NET (one year per major release, with rolling support for up to 36 months) is a little to agile for some enterprise companies, and how HeroDevs can help. We also talked about how, where possible, HeroDevs actually hire the open source maintainers for packages to do the backporting, feeding funding back into the open source ecosystem.

We also mentioned that this support doesn't just apply to post-end-of-life for versioned software. We also talk about the very unfortunate position where a developer is suddenly unable to support their work. An example that I bring up is previous guest on the show Jon P Smith, who in 2024 was diagnosed with dementia; meaning that at some point his libraries will need to be passed on to other open source developers. During the recording, I couldn't remember Jon's name, and for that I apologise. Jon has a very in depth blog post about the start of his journey with dementia called "How to update a NuGet library once the author isn't available." Please go read his blog post when you have the chance.

Before we jump in, a quick reminder: if The Modern .NET Show has become part of your learning journey, please consider supporting us through Patreon or Buy Me A Coffee. Every contribution helps us continue bringing you these in-depth conversations with industry experts. You'll find all the links in the show notes.

Anyway, without further ado, let's sit back, open up a terminal, type in `dotnet new podcast` and we'll dive into the core of Modern .NET.

The full show notes, including links to some of the things we discussed and a full transcription of this episode, can be found at: https://dotnetcore.show/season-8/hayden-barnes-on-net-nes-why-we-need-a-new-approach-to-open-source-maintenance/

• How to update a NuGet library once the author isn't available
• HeroDevs
  • on X
  • on YouTube
  • on LinkedIn
• Hayden
  • on X
  • on LinkedIn
  • on his blog

• Leave a rating or review
• Buy the show a coffee
• Become a patron

• Via the contact page
• Joining the Discord

Remember to rate and review the show on Apple Podcasts, Podchaser, or wherever you find your podcasts, this will help the show's audience grow. Or you can just share the show with a friend.

And don't forget to reach out via our Contact page. We're very interested in your opinion of the show, so please get in touch.

You can support the show by making a monthly donation on the show's Patreon page at: https://www.patreon.com/TheDotNetCorePodcast.

Music created by Mono Memory Music, licensed to RJJ Software for use in The Modern .NET Show.

Editing and post-production services for this episode were provided by MB Podcast Services.

This episode of The Modern .NET Show is supported, in part, by RJJ Software's Strategic Technology Consultation Services. If you're an SME (Small to Medium Enterprise) leader wondering why your technology investments aren't delivering, or you're facing critical decisions about AI, modernization, or team productivity, let's talk.

"It's not just guessing. It's not just saying, "oh, there's something to log in. I think we'll call the button login." It actually knows the button is called Login, it's seen it. So that makes a big difference and makes it much more resilient. So that's definitely a big change, right? It's not just guessing. So definitely you should try it out."— Debbie O'Brien

Hey everyone, and welcome back to The Modern .NET Show; the premier .NET podcast, focusing entirely on the knowledge, tools, and frameworks that all .NET developers should have in their toolbox. I'm your host Jamie Taylor, bringing you conversations with the brightest minds in the .NET ecosystem.

Today, we're joined by Debbie O'Brien to talk about both Playwright and the Playwright MCP server. We started with an introduction to Playwright, and talked about how both it and the MCP server for it can help you to automate both the writing and running of tests for your applications.

Pro tip: If you've been using the Swagger UI in your applications, you've been using Open API.

"And that's where the Playwright MCP comes In because it can automate a browser, it can basically go to the website, it can navigate, it can click, it can hover, it can do everything that you are doing in your tests."— Debbie O'Brien

Along the way, we talked about how Playwright's MCP server can help you to find test cases that you might not have thought of initially. As a perfect example of this while recording this episode, Debbie found a bug in the app that I use to record episodes of the show, and talked about how Playwright MCP would help to recreate and debug the issue.

It's worth pointing out that we recorded this in early August 2025, and that AI quite literally moves very rapidly. Whilst Playwright and MCP servers are not likely to change too much between recording the episode an when it went out, it'll be worth bearing that in mind as we talk about some of the AI stuff.

Before we jump in, a quick reminder: if The Modern .NET Show has become part of your learning journey, please consider supporting us through Patreon or Buy Me A Coffee. Every contribution helps us continue bringing you these in-depth conversations with industry experts. You'll find all the links in the show notes.

Anyway, without further ado, let's sit back, open up a terminal, type in `dotnet new podcast` and we'll dive into the core of Modern .NET.

The full show notes, including links to some of the things we discussed and a full transcription of this episode, can be found at: https://dotnetcore.show/season-8/testing-made-easy-debbie-obrien-explains-playwright-and-its-game-changing-mcp-server

• Playwright
• Jamie's "small" open source project
• Playwright VSCode extension
• Playwright on GitHub
  • Playwright's tests on GitHub... written with Playwright
• Debbie's Movies App website
• GitHub Spark
• Debbie's website
• Debbie on LinkedIn
• Playwright Docs
• Playwright YouTube Channel
• playwright Discord Server
• Supporting the show:
  • Leave a rating or review
  • Buy the show a coffee
  • Become a patron
• Getting in touch:
  • via the contact page
  • joining the Discord
• Podcast editing services provided by Matthew Bliss
• Music created by Mono Memory Music, licensed to RJJ Software for use in The Modern .NET Show
• Editing and post-production services for this episode were provided by MB Podcast Services

Remember to rate and review the show on Apple Podcasts, Podchaser, or wherever you find your podcasts, this will help the show's audience grow. Or you can just share the show with a friend.

And don't forget to reach out via our Contact page. We're very interested in your opinion of the show, so please get in touch.

You can support the show by making a monthly donation on the show's Patreon page at: https://www.patreon.com/TheDotNetCorePodcast.

Music created by Mono Memory Music, licensed to RJJ Software for use in The Modern .NET Show.

Editing and post-production services for this episode were provided by MB Podcast Services.

This episode of The Modern .NET Show is supported, in part, by RJJ Software's Strategic Technology Consultation Services. If you're an SME (Small to Medium Enterprise) leader wondering why your technology investments aren't delivering, or you're facing critical decisions about AI, modernization, or team productivity, let's talk.

"And we talk about that contract. We say, "this is your contract. This Open API definition that you have is the contract for your service." And in the end, that's how customers interact with Azure is through APIs. And so it's important to have that contract so that customers know how things work, how to use them, hopefully how to use them easily, right?"— Mike Kistler

Hey everyone, and welcome back to The Modern .NET Show; the premier .NET podcast, focusing entirely on the knowledge, tools, and frameworks that all .NET developers should have in their toolbox. I'm your host Jamie Taylor, bringing you conversations with the brightest minds in the .NET ecosystem.

Today, we're joined by Mike Kistler to talk about two topics (we usually only tackle one topic per episode, so you're getting a bonus with this episode): Open API and both MCP and the MCP SDK for C#.

We started our conversation by focussing on Open API, as this is a passion of Mike's. We talked about what it is, how you've likely already been using it with any ASP .NET Core WebAPIs that you've worked on, and how the latest versions of ASP .NET Core can generate a lot of the Open API specification for you without having to add lots and lots of metadata an attributes.

Pro tip: If you've been using the Swagger UI in your applications, you've been using Open API.

"And when the LLM decides that it wants to use an MCP tool or access an MCP resource, it doesn't go and do that directly. It comes back to the MCP host and asks the MCP host to call a tool with a particular set of parameters, or to access an MCP resource. And at first, when I saw this in the MCP architecture, I thought, "boy, that's clunky. Why not have the LLM just call these things directly?" And there's a deliberate reason why it was done this way."— Mike Kistler

We then pivoted over to talking about MCP (or Model Context Protocol) which is a rapidly evolving standard for creating your own agents and applications which can communicate with or be instructed by, LLMs. We talked about how the MCP standard works, and how the standard is written in such a way that there's always a human in the loop. We also talked about how you can build your own MCP servers using the MCP SDK for C#.

It's worth pointing out that both MCP and Open API are evolving standards. While Open API tends to evolve with a much more relaxed pace, the MCP standard (having not even reached a year old when we recorded) uses the date as it's version number. And Mike actually references the latest version of the MCP spec in our conversation, which will give you a clue as to when we recorded it.

Before we jump in, a quick reminder: if The Modern .NET Show has become part of your learning journey, please consider supporting us through Patreon or Buy Me A Coffee. Every contribution helps us continue bringing you these in-depth conversations with industry experts. You'll find all the links in the show notes.

Anyway, without further ado, let's sit back, open up a terminal, type in `dotnet new podcast` and we'll dive into the core of Modern .NET.

The full show notes, including links to some of the things we discussed and a full transcription of this episode, can be found at: https://dotnetcore.show/season-8/building-the-future-of-apis-mike-kistlers-insights-on-openapi-and-mcp

• OpenAPI
• API Blueprint
• RAML
• ProducesResponseType attribute
• Minimal API
• TypedResults
• S07E16 - From Code to Cloud in 15 Minutes: Jason Taylor's Expert Insights And The Clean Architecture Template
• GitHub MCP Server
• MCP Transports
• MCP C# SDK
• Current version of the MCP spec as of the date of recording (aka version 2025-06-18)
• Microsoft MCP Servers List
• Mike on LinkedIn
• .NET Community Standup

• Leave a rating or review
• Buy the show a coffee
• Become a patron

• Via the contact page
• Joining the Discord

Remember to rate and review the show on Apple Podcasts, Podchaser, or wherever you find your podcasts, this will help the show's audience grow. Or you can just share the show with a friend.

And don't forget to reach out via our Contact page. We're very interested in your opinion of the show, so please get in touch.

You can support the show by making a monthly donation on the show's Patreon page at: https://www.patreon.com/TheDotNetCorePodcast.

Music created by Mono Memory Music, licensed to RJJ Software for use in The Modern .NET Show.

Editing and post-production services for this episode were provided by MB Podcast Services.