| A | B | C | D | E | F | G | H | I | J | ||
|---|---|---|---|---|---|---|---|---|---|---|---|
1 | This is the proposed project list for the Open Source Technology Improvement Fund's 2021-2022 Managed Audit Program (MAP) | ||||||||||
2 | Projects are selected from a large number of criteria including Google's Criticality Score Project, the joint Census project with the Linux Foundation and Harvard University, and the Underproduction paper from the University of Washington. The larger list is then narrowed and prioritized. Links to sources below and in "Directory". | ||||||||||
3 | Funding Status | Funded By | Project | Short Description | Site | Github / Gitlab | Maintaining Organization | Monetization | Languages | License | |
4 | Funded | Google Open Source Security Team | Git | Version Control | https://git-scm.com/ | https://github.com/git/git (mirror) | Software Freedom Conservancy | Donation | C, Shell | GPLv2 | |
5 | Pending | Google Open Source Security Team | lodash | JS utility library | https://lodash.com/ | https://github.com/lodash/lodash | None | None | JS | MIT License | |
6 | Pending | Open Source Security Foundation (OpenSSF) | php symfony | PHP application framework | https://symfony.com/ | https://github.com/symfony/symfony | Sensio Labs | PHP | MIT License | ||
7 | Pending | Pending | Electron | Cross-platform apps development | https://www.electronjs.org/ | https://github.com/electron/electron | OpenJS Foundation | Donation | C++, TypeScript | MIT License | |
8 | Pending | Pending | systemd | System and Service Manager | https://systemd.io/ | https://github.com/systemd/systemd | None (Red Hat Developers) | None | C | GPLv2 | |
9 | Pending | Pending | rails | Database backed web application framework | https://rubyonrails.org/ | https://github.com/rails/rails | Basecamp / Shopify | ? | Ruby | MIT License | |
10 | Funded | Google Open Source Security Team | jackson-core | JSON for Java, Streaming API + more | None | https://github.com/FasterXML/jackson-core | None | Donation (TideLift) | Java | Apache-2.0 | |
11 | Funded | Google Open Source Security Team | jackson-databind | JSON for Java, Data binding package | None | https://github.com/FasterXML/jackson-databind | None | Donation (TideLift) | Java | Apache-2.0 | |
12 | Funded | Google Open Source Security Team | httpcomponents-core | Core components of Apache httpcomponents | None | https://github.com/apache/httpcomponents-client | Apache Foundation | Donation | Java | Apache-2.0 | |
13 | Funded | Google Open Source Security Team | httpcomponents-client | Client components of Apache httpcomponents | None | https://github.com/apache/httpcomponents-core | Apache Foundation | Donation | Java | Apache-2.0 | |
14 | Funded | Google Open Source Security Team | laravel | PHP Web App Framework | https://laravel.com/ | https://github.com/laravel/laravel | None | Donation | PHP, Blade | MIT License | |
15 | Funded | Google Open Source Security Team | slf4j | Logging Facade for Java | http://www.slf4j.org/ | https://github.com/qos-ch/slf4j | None | Enterprise Support Model | Java, HTML | MIT License | |
16 | Pending | Pending | logback-core | Logging framework for Java | http://logback.qos.ch/ | https://github.com/qos-ch/logback | None | Enterprise Support Model | Java, HTML | GPLv2.1, Eclipse PL | |
17 | Pending | Pending | drupal | Content Management System | https://www.drupal.org/home | https://git.drupalcode.org/project/drupal | Drupal.org | Referral / None | PHP, JS | GPLv2, GPLv3 | |
18 | Pending | Pending | joomla | Content Management System | https://www.joomla.org/ | https://github.com/joomla/joomla-cms | Joomla Foundation | Donation / Referral | PHP, JS | GPLv3, LGPL | |
19 | Pending | Pending | webpack | Multi-language Asset Bundler | https://webpack.js.org/ | https://github.com/webpack/webpack | OpenJS Foundation | JavaScript | |||
20 | Pending | Pending | reprepro | Package Manager Repo | None | https://salsa.debian.org/brlink/reprepro | None | None | C | GPLv2 | |
21 | Pending | Pending | ceph | object, block and file storage platform | https://ceph.io/ | https://github.com/ceph/ceph | Linux Foundation (ceph foundation) | Membership | C++, Python | LGPL2.1, LGPL3 | |
22 | Pending | Pending | react native | Framework for Mobile App Development | https://reactnative.dev/ | https://github.com/facebook/react-native | Corporate Support | JS, Java, C++, More | MIT License | ||
23 | Pending | Pending | salt (saltstack) | IT Automation Platform | https://docs.saltproject.io/en/latest/ | https://github.com/saltstack/salt | VMWare | Corporate Support | Python | Apache-2.0 | |
24 | Pending | Pending | gatsby | Fast React Framework | https://www.gatsbyjs.com/ | https://github.com/gatsbyjs/gatsby | gatsbyjs.com | SAAS | JS, TypeScript | MIT License | |
25 | Pending | Pending | angular | Application Framework | https://angular.io/ | https://github.com/angular/angular | Corporate Support | TypeScript, JS | MIT License | ||
26 | Pending | Pending | ansible | IT Automation Platform | https://www.ansible.com/ | https://github.com/ansible/ansible | Red Hat | Corporate Support | Python, Powershell | GPLv3 | |
27 | Pending | Pending | guava | Java Framework | https://opensource.google/projects/guava | https://github.com/google/guava | Corporate Support | Java | Apache-2.0 | ||
28 | Pending | Pending | node.js | Javascript Runtime Environment | https://nodejs.org/en/ | https://github.com/nodejs/node | OpenJS Foundation | None | JS, C++, Python | MIT License | |
29 | |||||||||||
30 | Google's Criticality Score Project - https://docs.google.com/spreadsheets/d/1uahUIUa82J6WetAqtxCM_qgH-YJOagH84AFniIhlAbg | ||||||||||
31 | Linux Foundation and Harvard's Census II Project - https://www.coreinfrastructure.org/wp-content/uploads/sites/6/2020/02/census_ii_vulnerabilities_in_the_core.pdf | ||||||||||
32 | University of Washington Underproduction Paper - https://arxiv.org/pdf/2103.00352.pdf | ||||||||||
33 | Link to detailed proposal regarding the Managed Audit Program: | ||||||||||
34 | https://docs.google.com/document/d/1yNybIZxKq_V0In3pvOCD6mrttRBrslIeMURXP8bcDyo/edit | ||||||||||
35 | |||||||||||
36 | |||||||||||
37 | |||||||||||
38 | |||||||||||
39 | |||||||||||
40 | |||||||||||
41 | |||||||||||
42 | |||||||||||
43 | |||||||||||
44 | |||||||||||
45 | |||||||||||
46 | |||||||||||
47 | |||||||||||
48 | |||||||||||
49 | |||||||||||
50 | |||||||||||
51 | |||||||||||
52 | |||||||||||
53 | |||||||||||
54 | |||||||||||
55 | |||||||||||
56 | |||||||||||
57 | |||||||||||
58 | |||||||||||
59 | |||||||||||
60 | |||||||||||
61 | |||||||||||
62 | |||||||||||
63 | |||||||||||
64 | |||||||||||
65 | |||||||||||
66 | |||||||||||
67 | |||||||||||
68 | |||||||||||
69 | |||||||||||
70 | |||||||||||
71 | |||||||||||
72 | |||||||||||
73 | |||||||||||
74 | |||||||||||
75 | |||||||||||
76 | |||||||||||
77 | |||||||||||
78 | |||||||||||
79 | |||||||||||
80 | |||||||||||
81 | |||||||||||
82 | |||||||||||
83 | |||||||||||
84 | |||||||||||
85 | |||||||||||
86 | |||||||||||
87 | |||||||||||
88 | |||||||||||
89 | |||||||||||
90 | |||||||||||
91 | |||||||||||
92 | |||||||||||
93 | |||||||||||
94 | |||||||||||
95 | |||||||||||
96 | |||||||||||
97 | |||||||||||
98 | |||||||||||
99 | |||||||||||
100 | |||||||||||