This charter describes operations as an OSSF Technical Initiative. The Focus section below describes what is in and out of scope, and Governance section describes how our operations are consistent with OSSF policies with links to more detailed documents.
Mission: TODO
Open Source Software has long suffered from a "tragedy of the commons" problem. Organizations large and small make use of OSS every day, but many projects are struggling for the time, resources and attention they need.
This is a resource allocation problem - and we can help solve it together. We need ways to connect critical projects we all rely on with organizations that can provide them with support.
Whether it is dedicated help from specialized experts or simply grant money or cloud credits, we recognize that no two projects are the same, and support can come in many shapes. We intend to work with upstream maintainers to understand what help and support they need, and then develop scalable processes to make this help available.
To the best of our efforts, the goals of the working group are:
- Identify projects critical to the open-source supply chain.
- Secure projects critical to the open-souce supply chain.
- Provide tools and novel solutions for critical open-source projects.
WG-Securing-Critical-Projects operations are consistent with standard operating guidelines provided by the OSSF Technical Advisory Committee TAC.
Meetings will all be published on the OSSF Community Calendar.
We have a public email list available here: https://groups.google.com/g/wg-securing-critical-projects
Meeting Notes and Agendas are available on Google Drive. (Join the group above to edit.)
Meeting Recordings are available on Youtube at: https://www.youtube.com/playlist?list=PLVl2hFL_zAh-cAfx6y4k-fODfbHeQzb_O.
Full details of process and roles are linked from governance README.