GitHub has announced the GitHub Secure Open Source Fund. The program is intended to improve security in open source through a fund totaling $1.25 million to support 125 projects. The fund is backed by American Express, Microsoft, Shopify, and others.
Each project can receive up to $10,000, 3 weeks of training, access to a GitHub security team, access to tools, etc.
The company also published a report on open source funding. The conclusions are as follows:
- The organizations surveyed invest $1.7 billion in open source annually. It is therefore estimated that around $7.7 billion is invested each year across the entire open source ecosystem.
- 86% of investments take the form of labor contributions by employees and contractors working for the funding organization, with the remaining 14% being direct financial contributions.
- Organizations generally know how and where they contribute (65%) but lack precise visibility into their contributions (38%).
- Security efforts focus on bugs and maintenance; only a few organizations (6%) consider comprehensive security audits a priority.
Announcement: https://github.blog/news-insights/company-news/announcing-github-secure-open-source-fund/