We are open sourcing our own OSPO policies, tools, and guides to help other OSPOs get started.
Hello fellow open source enthusiasts! We are thrilled to announce the release of an open source repository to help organizations build up their own Open Source Program Office (OSPO), github-ospo!
For those who are unfamiliar with the term, an OSPO is a dedicated team or individual responsible for managing a company’s open source strategy, policies, and processes. At GitHub, we take open source seriously, and we have an established OSPO to help us do just that.
github-ospo is a collection of tools, processes, and best practices that our own OSPO team uses to help us manage our open source initiatives. We are excited to release this project and share it with the wider community to help other organizations navigate the world of open source.
Open source usage is on the rise! We’ve seen that 90% of businesses today rely on open source software. It’s everywhere, even if we don’t always realize it. That ubiquity comes with a responsibility for keeping it secure. Security vulnerabilities in open source software rose 4% in 2022 alone. OSPOs give companies an opportunity not only to use open source software, but also to be good stewards of it. That is why it’s becoming increasingly important for companies to be more thoughtfully involved in open source. For a deeper understanding, check out “Five reasons why organizations should invest in open source.”
We believe that open source is an essential part of the software industry and we are committed to making it more accessible to everyone. By open sourcing github-ospo, we hope to contribute to the ever-growing movement of companies that are embracing open source and giving back to the community.
In the repository, there are materials you can use to help build your own OSPO:
We invite you to check out the github-ospo repository on GitHub and join us in contributing to this exciting new project. Feel free to open an issue or discussion to get started. Let’s work together to build a more open, collaborative, and sustainable future for open source everywhere!