Improving Open Source security with the new GitHub Secure Open Source Fund

The Open Source community underpins much of today’s software innovation, but with this power comes responsibility. Security vulnerabilities, unclear licensing, and a lack of transparency in software components pose significant risks to software supply chains. Recognizing this challenge, GitHub recently announced the GitHub Secure Open Source Fund—a transformative initiative aimed at bolstering the security…

Celebrating 5 years at the Open Source Initiative: a journey of growth, challenges, and community engagement

Reaching the five-year mark at the Open Source Initiative (OSI) has been a huge privilege. It’s been a whirlwind of progress, personal growth, and community engagement—filled with highs, great challenges, and plenty of Open Source celebrations. As I reflect on this milestone, it’s impossible not to feel both gratitude and excitement for what lies…

The Open Source Initiative and the Eclipse Foundation to Collaborate on Shaping Open Source AI (OSAI) Public Policy

BRUSSELS and WEST HOLLYWOOD, Calif. – 14 November 2024 – The Eclipse Foundation, one of the world’s largest open source foundations, and the Open Source Initiative (OSI), the global non-profit educating about and advocating for the benefits of open source and steward of the Open Source Definition, have signed a Memorandum of Understanding (MOU)…

ClearlyDefined v2.0 adds support for LicenseRefs

One of the major focuses of the ClearlyDefined Technical Roadmap is the improvement in the quality of license data. As such, we are excited to announce the release of ClearlyDefined v2.0 which adds over 2,000 new well-known licenses it can identify. You can see the complete list of new non-SPDX licenses in ScanCode LicenseDB. A little historical background, when…

ClearlyDefined at SOSS Fusion 2024: a collaborative solution to Open Source license compliance

This past month, the Open Source Security Foundation (OpenSSF) hosted SOSS Fusion in Atlanta, an event that brought together a diverse community of leaders and innovators from across the digital security spectrum. The conference, held on October 22-23, explored themes central to today’s technological landscape: AI security, diversity in technology, and public policy for…

The Open Source Initiative Announces the Release of the Industry’s First Open Source AI Definition

RALEIGH, N.C., Oct. 28, 2024 — ALL THINGS OPEN 2024 — After a year-long, global, community design process, the Open Source Definition (OSAID) v.1.0 is available for public use. The release of version 1.0 was announced today at All Things Open 2024, an industry conference focused on common issues of interest to the worldwide Open Source community. The…

ClearlyDefined’s Steering and Outreach Committees Defined

We are excited to announce the newly elected leaders for the ClearlyDefined Steering and Outreach Committees! What is ClearlyDefined? ClearlyDefined is an Open Source project dedicated to improving the clarity and transparency of Open Source licensing and security data. By harvesting, curating, and sharing essential metadata, ClearlyDefined helps developers and organizations better understand their…

Rahmat Akintola: Voices of the Open Source AI Definition

The Open Source Initiative (OSI) is running a blog series to introduce some of the people who have been actively involved in the Open Source AI Definition (OSAID) co-design process. The co-design methodology allows for the integration of diverging perspectives into one just, cohesive and feasible standard. Support and contribution from a significant and…

The Open Source Initiative Supports the Open Source Pledge

As businesses rely more heavily on Open Source software (OSS), the strain on maintainers to provide timely updates and security patches continues to grow – often without fair compensation for their crucial work. Recent high-profile security incidents like XZ and Log4Shell have put a spotlight on the security challenges developers face against a backdrop…