Until they become available, project maintainers are advised to use a self-attestation such as "As of April 31, 2025, this project complies with OSPS Baseline version ...
The Open Source Security Foundation (OpenSSF), a Linux Foundation entity, has announced a new initiative to establish minimum security requirements for open source software. The Open Source Project ...
AI coding tools have enabled a flood of bad code that threatens to overwhelm many projects. Building new features is easier ...
EmeritOSS provides a new lease of life for three open-source projects. The tool adds a way to patch otherwise abandoned programs. More open-source projects will be added if there's demand. Chainguard ...
Open-source risk is often simplistically reduced to security headlines about the latest vulnerability or bug count. Security matters, of course, but it is only one dimension of a broader risk surface ...