Notices by Sovereign Tech Agency (sovtechfund@mastodon.social), page 3

Documentation is critical for #FOSS projects, helping to ensure long-term viability & sustainability of technologies. Want to improve your project's docs to guide new users and potential contributors? Apply for up to €300k in our #ContributeBackChallenges for strengthening open source infrastructure:
https://sovereigntechfund.de/en/challenges/

We’re glad to announce that the Sovereign Tech Fund is supporting independent security audits and developer tool enhancements as part of Drupal’s adoption of a new supply chain security model. Drupal is a globally utilized open source content management system.

https://sovereigntechfund.de/tech/drupal

@drupalassoc

“This is an important cultural shift in how governments invest in the long-term viability of OSS and digital public goods, and we hope to see more of this in the future.”

Reflecting on our investment in the @openjsf, @cosborne wrote a piece, which eloquently captures a lot of what the Sovereign Tech Fund is doing:

“While these are still early days, the STF can set a precedent and act as a model for other governments in Europe and elsewhere, which also seek to support the sustainability of open source digital infrastructure that powers and benefits diverse stakeholders across sectors and countries…"
https://linuxfoundation.eu/newsroom/stf-openjs

We're thrilled to announce the nine FOSS teams selected for the STF #ContributeBackChallenges! We received 70 applications from 20 countries, proposing 9.8m€ of work. Let's meet the projects who will receive a total of €1,363,600 for work in 3 areas.

Prefer to see all of them at once? 👉 https://sovereigntechfund.de/en/challenges/#selected-participants-first-round

Haskell Cabal https://www.haskell.org/cabal/

Cabal is the build system and package manager for the Haskell programming language. Creating maintainable architecture for Cabal and streamlining its build system strengthens the Haskell language ecosystem.

conda-store https://conda.store/en/latest/

conda-store is a FOSS tool for managing data science environments in collaborative teams. It provides flexible yet reproducible environments while enforcing best practices throughout an environment’s life cycle. Integrating conda-store into the conda ecosystem, adding multi-platform support, & improving maintenance & contribution workflows advance the long-term sustainability & accessibility of these essential resources for the broader Python community.

The first of the #ContributeBackChallenges is “Improving FOSS Developer Tooling” to contribute the development workflow for FOSS infrastructure projects.

Congratulations to the four teams for this area!

@openwebdocs https://openwebdocs.org/
compat-data

Open Web Docs helps to maintain open web documentation and the tools that support this documentation. By documenting accurate compatibility data for web technologies, web developers can more easily create websites that are compatible with many different web browsers.

The next of the #ContributeBackChallenges is “Securing FOSS Software Production,” working on securing the entire production of FOSS, from source code to binary distribution.

Congratulations to the three teams in this section!

RuntimeTypeInspector.js https://runtimetypeinspector.org

RuntimeTypeInspector.js is a tool that allows JavaScript projects of any kind to enable runtime type checking. Checking data types efficiently eliminates unseen runtime errors that can crash an application.

Securing Apache Airflow https://airflow.apache.org

Apache Airflow is a top-level Apache project and a pivotal component in the Python ecosystem. It is the go-to solution for workflow orchestration, enabling data scientists and engineers to schedule and execute complex data pipelines. Enhancing its security model will provide a safe, state-of-the-art workflow orchestration tool.

Nix ecosystem supply chain security https://nixos.org

Nix is an open source build system, configuration management system, and mechanism for deploying software, focused on reproducibility. With Nixpkgs and @nixos_org it supports the largest, most up-to-date free software repository in the world. Reinforcing the project’s security framework across the full software development life cycle provides safer defaults for users and eases industry adoption.

OpenPGP documentation for application developers

Repository: https://codeberg.org/heiko/openpgp-notes

OpenPGP serves as a building block for secure personal communication, including in email and messaging software. This project provides OpenPGP documentation for application developers, for the upcoming “OpenPGP crypto-refresh” version of the standard.

@hko

The third of the #ContributeBackChallenges is "FOSS Infrastructure Documentation," to create comprehensive documentation for the most critical and widely-used FOSS infrastructure projects.

Congratulations to the two teams working on better documentation!

Rusty SBOMs / CycloneDX Module for Rust (Cargo)
https://stackable.tech/

Repository: https://github.com/CycloneDX/cyclonedx-rust-cargo

For the Rust ecosystem and the CycloneDX standard, the cyclonedx-rust-cargo project is emerging as the standard for creating Software Bill of Materials (SBOMs). This project enhances software production security in the Rust ecosystem by contributing to the production-readiness of this common Software Bill of Materials generator.