GitHub Secure Open Source Fund
Securing the supply chain at scale
I participated in the latest round of the GitHub Secure Open Source Fund as a maintainer for the Selenium project, along with maintainers from 70 other prominent open source projects.
It was 3 weeks of pretty intense practical training for securing open source projects and supply chains. I learned a lot and it was cool to collaborate with 100+ other open source hackers. It really opened my eyes to the scale of security threats in the wild and the complexity of dealing with them.
Big thanks to the security team at GitHub for providing this training (and donating $10k to our project!)
More info: Securing the supply chain at scale: Starting with 71 important open source projects
You can follow my open source work at: github.com/cgoldberg
