Imagine you're in a Zoom meeting with Craig Newmark (yes, the Craigslist guy) talking about how to get S.4913 - Securing Open Source Software Act of 2022 to the President's desk and signed into law. That was my Friday afternoon. And yeah, I'm totally name-dropping because that is how excited I am. I have been in the open source sustainability game for a little over a decade, and I never thought policymakers and legendary entrepreneurs would ever care about the open source supply chain and community. But here we are.

With that said, we have a steep hill to climb. For the bill to become law, there will be a lot of work, which the fine folks at Cyber Statecraft Initiative (Atlantic Council) are taking on. I hope they can convince our representatives that this isn't a partisan issue. If you live in the U.S., you are aware of the divisiveness present; it would be fantastic if we could all come together for this one issue since it affects all of our lives, whether we know it or not. I'm cautiously optimistic.

Whether it is S.4913 or another bill like it that gets passed, at least the glass ceiling has been broken. Before S.4913, there had never been a piece of legislation with "open source" in the title. That alone is a win, a small win, but still a win IMO.

This issue is dedicated to the team (that I've worked with) behind the Cyber Statecraft Initiative: Stewart Scott, Trey Herr, and Jen Roberts. Thank you for all of your hard work and invaluable non-code contributions.

💬 Discussions

A handy guide to financial support for open source | Hacker News

nayafia/lemonade-stand: A handy guide to financial support for open source

Oldie but goodie.

📰 Articles

Senators’ Plan to Secure Open Source Software Involves Agencies Using More of It

The discovery of exploitable weaknesses in Log4j is resurfacing a 6-year-old push to save taxpayers money by calling on agencies to embrace open-source.

Open Source Dependencies: Is It the Holy Grail or a Can of Worms?

Do you ever wonder if you should include a third-party library in your code or not? Sometimes it’s worth it, but mostly it’s not. Here’s a quick way to tell: If the library is doing something you…

A New Linux Tool Aims to Guard Against Supply Chain Attacks

Security firm Chainguard has created a simple, open-source way for organizations to defend the cloud against some of the most insidious attacks.

Sponsoring dependencies: The next step in open source sustainability - Human Who Codes

When the JavaScript Standard Style (StandardJS) project decided to show ads during installation, the backlash was swift and harsh. The project is an opinionated JavaScript style guide, formatter, and linter all in one,...

🎙 Podcasts

Deciding what metrics to measure for community managers with Bri, Lori, and Victoria

Our conversations take us through finding out how everyone got their start in community, and what numbers mean for our brands and what they’ll mean for open source health.

A How-to Guide for Contributing to Open Source as an Employee, for Corporations

Richard, Deb, Alyssa, Josep, and Duane go through work they presented at OSPOCon in Austin, furthering the Sustain Principles of Authentic Participation WG

Courtney Miller and Hongbo Fang on Toxicity and Information Flow in Open Source Communities

Courtney Miller and Hongbo Fang, two PhD students at Carnegie Mellon with previous guest Bogdan Vasilescu, join us to talk about their research

Manuel Riel on PikaPods, a container hosting service for open source apps

Manu shares about running a container hosting service for open source apps

📽 Videos

I know it's sponsored but I have faith David Nalley will deliver.

The Non-Code Contributor - Issue #39