Tools and datasets to support, sustain, and secure critical digital infrastructure.

Ben Nickolls and Andrew Nesbitt tell us about Ecosystem Funds, their one-stop-shop for funding open source dependencies

I recently chatted with Andrew Nesbitt about his project, Ecosyste.ms. Ecosyste.ms catalogs open source projects by tracking packages, dependencies, repositories, and more. With this dataset Andrew is...

10 Simple Rules for making your code last beyond your current job This is a draft: the goal is a preprint on ORCID, and then to submit a version of this to PLoS. All suggestions or comments are welcom...

Today Open Source Collective and ecosyste.ms are launching Funds supporting 291 Open Source Ecosystems. Unsurprisingly, we call them Ecosystem Funds.

Today Open Source Collective and ecosyste.ms are launching Funds supporting 291 Open Source Ecosystems. Unsurprisingly, we call them Ecosystem Funds.

**Today Open Source Collective and ecosyste.ms are launching Funds supporting 291 Open Source Ecosystems. Unsurprisingly, we call them Ecosystem Funds.** A few, short weeks before the holidays we announced Ecosystem Funds; a collaboration between Open Source Collective and ecosyste.ms that makes it easier to support your critical software dependencies. ### What are Ecosystem Funds? Using billions of data points from ecosyste.ms we’ve packaged millions of the most critical open source components into a few hundred Funds centred on a language, framework, or package, turning a process that can take months into a five minute conversation with your CTO. ### What have we been up to? We launched with a $67,500 commitment from Sentry to the Rust, Python, Django and Javascript Ecosystems. We’ve since distributed over 80% of the funds in 375 individual payments to 136 projects. We’ve sent money to projects on GitHub Sponsors, Patreon, BuyMeACoffee, Ko-fi, and of course Open Collective. We contacted hundreds maintainers, asking them to update their ‘funding.yml’ so anyone could support them, for those who didn’t we paid maintainers directly, again through Open Collective. We’re hoping to distribute the remaining funds this month which is why we’re launching Ecosystem Funds to the general public today. ### How does it work? Once again for those in the back: Sponsor the technology you depend upon, we’ll do the rest. Find an ecosystem using our search and donate a single or recurring sponsorship. We handle everything else. We’ll direct your money (minus a 10% management fee) to maintainers, using the tools they have chosen to manage their finances. We allocate 100% of the donations in every fund with a balance of $1,000 or more, on a monthly basis. Every donation and payment is traceable through both Ecosystem Funds and Open Collective. Donations can be made directly through funds.ecosyste.ms or, if you have an account, on Open Collective. Companies who wish to make a large donation, or start a Fund of their own, can request an Invoice from Open Source Collective — who are already an approved vendor to most large open-source-supporting organisations. ### What’s next? While we’re launching with nearly three hundred Funds we’re certain that we’ll have missed more than a few ecosystems around your favourite framework, tool, or package, and we’re happy to add them. Just get in touch and we’ll do some data wrangling to add it — note that we’re not going to include a Fund for just the projects you work on, that’s what GitHub Sponsors is for. We’re also hugely aware of the limitations of our approach. We’re missing all the standards bodies, documentation projects, and foundations who support open source outside of the dependency graph. We’re also missing domain-specific Funds, there’s no climate, marine, aviation, or space-exploration based Funds to support. To address this we’ll be building ways for communities (and corporations) to package their own Ecosystem Fund, and support it. ### … Just one more thing While building a service to support thousands of the most critical software components might be enough for some, it’s not for us. Over the coming months we’ll be building a tool to track all your open source ‘investments’, to better understand the impact your money is having on the projects you depend on most.

I got to chat with Lars about a new CI/CD system he’s been working on called Ambient. It sounds really cool and does some very clever things today, with even more things planned in the future. We also...

Hello! Welcome to the February newsletter—now known as Ruby Central’s OSS Changelog. As mentioned in our previous newsletter, we will now be sending out separate updates for the Open Source Program…

When I started Open Source Security HeroDevs reached out and asked if I wanted to have a chat. I was pretty interested in this discussion because the work HeroDevs does today is very similar to the wo...

YouTube video by OpenUK

When I started Open Source Security I knew one of those topics that could use more attention was the security of CI/CD systems. All the talk about securing the supply chain seems to almost exclusively...

Very recently the Node.js project filed a few CVE IDs for end of life products. For vulnerability nerds this is exciting because historically EOL things didn’t get CVE IDs just for being EOL. And as o...

Climate downscaling using CMIP6 data. Contribute to carbonplan/cmip6-downscaling development by creating an account on GitHub.

Our companies feast year after year at the Open Source table. It's time to settle up.

Building an open science funding revolution for open source climate action.

Talk accepted, looks like I’m going to FOSDEM 🤩

What's Changed YJIT: Add --yjit-mem-size option by k0kubun · Pull Request #11810 [DOC] Tweaks for Array#permutation by BurdetteLamar · Pull Request #11802 [DOC] Tweaks for Array#pop by BurdetteLam...