GitHub Secure Open Source Fund! #82
Comments
|
Sorry for missing this Mike. I must have dismissed this notification by accident. Wish we could have acted on this. We don't review the issues on this repo regularly since they are sparse. Rick & Matthias generally respond to every email, so that may be a better way to reach us in the future. |
|
Should I email [email protected] in the future? Or is there another secret email I should use? I do not see anything listed here |
|
@krassowski this is the right place. We just didn't have the capacity to respond last month. |
|
Re-opening this so we can track the application we submitted on 26 January 2025. |
|
I will just add that I would be happy to volunteer, if there is space. |
|
Noting here in writing that I also volunteer to be part of the GitHub Secure Open Source training program. Thank you @krassowski and @rpwagner for driving this (despite our late application)! |
|
I got an email from the organizer we met with this week asking for some details, to be shared with the selection committee by tomorrow morning:
I threw together a Google Doc and recorded a quick video, naming @krassowski, @dlqqq, and @RRosio as the intended participants. Apparently an email was sent earlier asking for this but I did not receive. If we're not selected, I'll take responsibility for my rushed video. I'm sure other project put together more exciting ones. |
And my sincere thanks to all three of you for having headshots on your GitHub profiles! |
krassowski
changed the title
|
@rpwagner Thank you for owning that! Let me know if I can help you with this program in any way; I appreciate your work. |
|
Thanks, @dlqqq! I love a good end-of-the-day deadline. Recording a video was a bonus challenge. |
|
We have been accepted!
@dlqqq @RRosio and @krassowski can you confirm your participation so we can officially accept? |
|
@rpwagner thank you! |
|
@rpwagner Thank you! I can confirm as well. cc @krassowski |
|
@RRosio and @dlqqq thanks for confirming. I'm going to submit your names in addition to @krassowski since my memory is that he wanted to participate if he could get internal support. I'd rather given him the first opportunity than miss out. |
|
Also, there's a kickoff meeting on Monday, March 3rd, from 9:00 am to 10:00 am PDT. I think others from the Security Council can attend if we're interested. I have a conflict and may only be able to make the start of it. |
|
Sorry, I was waiting until the last minute to see if anyone from JupyterHub could be interested, but as of now no takers. Yes, happy to participate, I should be able attend at least 80% of Tue-Thur sessions. Do we have dates for these sessions? |
|
@krassowski all I have is that the sessions will be every Tuesday and Thursday from 8-10am PDT. Since the kickoff meeting is March 3, I would assume the training will start sometime after that. I should have the complete timeline sometime tomorrow I hope. Also, we were asked not to post about the acceptance since GH will promote. We already have this issue going, but please don't post anything on social media or anywhere prominent. I didn't catch that in the email I received. |
|
Hey all! I was slow to pick up on this opportunity and just spoke with @krassowski in a Zulip thread. @rpwagner, if possible, @krassowski and I would like to swap out @krassowski and swap in me (focus on JupyterHub security). As the person who has led the application, it would be fine for you to say no to attempting this, but if you are okay with trying a swap, is there something I could help with? |
|
@consideRatio I don’t think this will be a problem. I’ll send the request to the organizer now. Thanks for being willing to participate! |
|
Thank you @rpwagner!! |
|
@consideRatio, @RRosio, and @dlqqq I just forwarded the calendar invites I received to you for the kickoff meetings and the weekly training. I expect you should get your own invites shortly. I've also provided your contact information (GitHub handle, email address) to the organizer so hopefully more information will go directly to you rather than through me. Still no word on the public announcement. |
|
As a part of the program, I am setting up my sponsors page but adding a note that funds should be provided to the organization via the organization's sponsors page as was recommended. Is https://github.com/sponsors/ipython the correct sponsors page to add? |
|
@RRosio My manager @ellisonbg has asked that I direct my share of the funds to the Linux Foundation that Project Jupyter is under. I just sent Gregg (program manager) a note asking about how I can do so. |
|
Thank you for sharing this with me @dlqqq! Since the Linux Foundation is not currently an option under fiscal hosts, what I gathered from the meeting today, is that maybe someone from the Linux Foundation could follow up with Github about becoming a supported fiscal host? Otherwise, there is the option to provide funding to the projects directly via the project's sponsors page.. but I will be interested to hear Gregg's recommendation! |
Nop. I opened jupyter-governance/ec-team-compass#52 many month ago as things still point to NumFocus, but as EC is unresponsive, I closed the issue, and this is something I brought up several time while we were applying to to program. I would suggest that the funds be directed to LF only if it is earmarked for security. |
|
I can resurface this issue with the EC. Any suggestions from Gregg on the right way to do this would be helpful. And I agree with @Carreau's point that any of these funds should be used towards security. Several of us (all?) from the EC will be meeting at an LF summit next week. That's probably the best time for us to sort this out. |
|
@RRosio Gregg replied and told us that somebody on the LF side needs to register LF as a fiscal host in GitHub Sponsors. I asked Brian for guidance on how to move forward on this, and he's asked that I write an email about this to the EC for action. I'll get started on that now and send it within the next hour. @rpwagner If you could bring this up at the LF summit next week, that would be super helpful. @Carreau I'll be sure to note your suggestion in my email as well. |
|
@dlqqq we’ve already started on this within the EC so need to send anything. I hope to have an answer later this week. |
The deadline is January 7th. Briefly, it is focused on addressing security debt; the funds are distributed via GitHub Sponsors.
https://github.blog/news-insights/company-news/announcing-github-secure-open-source-fund/
https://resources.github.com/github-secure-open-source-fund/
Cross-posting from jupyter-governance/ec-team-compass#80.
The text was updated successfully, but these errors were encountered: