Imagine you're in a Zoom meeting with Craig Newmark (yes, the Craigslist guy) talking about how to get S.4913 - Securing Open Source Software Act of 2022 to the President's desk and signed into law. That was my Friday afternoon. And yeah, I'm totally name-dropping because that is how excited I am. I have been in the open source sustainability game for a little over a decade, and I never thought policymakers and legendary entrepreneurs would ever care about the open source supply chain and community. But here we are.
With that said, we have a steep hill to climb. For it to become law, there will be a lot of work, which the fine folks at Cyber Statecraft Initiative (Atlantic Council) are taking on. I hope they can convince our representatives that this isn't a partisan issue. If you live in the U.S., you are aware of the divisiveness present; it would be fantastic if we could all come together for this one issue since it affects all of our lives, whether we know it or not. I'm cautiously optimistic.
Whether it is S.4913 or another bill like it that gets passed, at least the glass ceiling has been broken. Before S.4913, there had never been a piece of legislation with "open source" in the title. That alone is a win, a small win, but still a win IMO.
This issue is dedicated to the team (that I've worked with) behind the Cyber Statecraft Initiative: Stewart Scott, Trey Herr, and Jen Roberts. Thank you for all of your hard work and invaluable non-code contributions.
Oldie but goodie.
The discovery of exploitable weaknesses in Log4j is resurfacing a 6-year-old push to save taxpayers money by calling on agencies to embrace open-source.
Do you ever wonder if you should include a third-party library in your code or not? Sometimes it’s worth it, but mostly it’s not. Here’s a quick way to tell: If the library is doing something you…
Security firm Chainguard has created a simple, open-source way for organizations to defend the cloud against some of the most insidious attacks.
Our conversations take us through finding out how everyone got their start in community, and what numbers mean for our brands and what they’ll mean for open source health.
Richard, Deb, Alyssa, Josep, and Duane go through work they presented at OSPOCon in Austin, furthering the Sustain Principles of Authentic Participation WG
Courtney Miller and Hongbo Fang, two PhD students at Carnegie Mellon with previous guest Bogdan Vasilescu, join us to talk about their research
Manu shares about running a container hosting service for open source apps