Ecosyste.ms — Identify, Secure, and Sustain Critical, Open Source Components
Open Source Collective is building shared infrastructure for a growing community of researchers, policymakers, developers, and funders seeking to identify, secure, and sustain critical open source components.
Today we are excited to announce that Open Source Collective, with financial support from Plaintext Group at Schmidt Futures, is making a commitment to the world’s effort to sustain and secure open source software for the future.
For the past decade, we have witnessed an increasing appreciation of the value that open source software provides, despite increasingly frequent reminders of the challenges we face in a world where ‘open source has won’.
Thankfully we have seen a corresponding increase in the number of policymakers, thinkers, industry leaders, and entrepreneurs prepared to face those challenges head-on. Underlying their efforts is a shared foundation of knowledge about the state of the open source ecosystem. With this knowledge we can now take action in response to questions about the most widely used tools, the most under-resourced areas of the ecosystem, and where to focus our combined efforts.
Last month’s announcement from the Linux Foundation and the OSSF confirmed that we’re not alone in our convictions. As their White House Mobilization Plan states:
A major challenge to objectively determining which open source software is actually “critical” is that usage, download, and dependency data is often considered a proprietary advantage by the software distribution channels who are able to collect that data.
Open Source Collective and Plaintext Group are addressing this issue with a set of free and open resources we are calling Ecosystems. Ecosystems will provide:
- a comprehensive, structured, and open dataset about free and open source software, its usage and authorship;
- a set of tools and services to resolve software dependency information quickly, to reason about the usage, creation and potential impact on the ecosystem, and;
- a support structure for those who are looking to work with and build upon these services.
Ecosystems will combine data from package registries, software repositories, vulnerability databases, container systems, and operating systems. We are uniquely focused on building infrastructure for researchers, policymakers, developers, and funders, to provide the foundation for others to build upon.
Our initial support will provide the framework to develop and launch Ecosystems, and to work in partnership with a small number of our intended users to co-design and exemplify the utility of the services we provide. Development has already begun and we are on track to launch to the public later this year.
For more information about Ecosystems you can:
- Read our proposal
- Check out our code, roadmap and development log
If you’re interested in using Ecosystems: get in touch with the team at hello@ecosyste.ms.
Who’s Who?
Open Source Collective is a non-profit fiscal host to over 3,000 open source projects on the Open Collective Platform. Open Source Collective is both the coordinator and fiscal sponsor to Ecosystems, providing the financial and legal infrastructure necessary to support the project into the future.
Plaintext Group is a nonpartisan, technology innovation policy initiative being developed by Schmidt Futures. Schmidt Futures' incubation of Plaintext Group is part of our effort to take on important public problems where systemic solutions may be available, by creating interdisciplinary institutions of exceptional people.