Ian Dunbar-Hall
# Increase Participation of Public Sector Organizations Outcome and Key Result #1 for 2024. ## Description Increase participation of Public Sector organizations in the Open Source community as measured by...
# Increase Participation of Public Sector Organizations Outcome and Key Result #2 for 2024. ## Description Increase thought leadership within this space through two related, but separate focuses 1. Release...
# Increase Participation of Public Sector Organizations Outcome and Key Result for 2024. ## Description Increase active participation of Public Sector companies in project contributions. ## Measurement 1. Have at...
Requesting [bomctl](https://github.com/bomctl/bomctl) be added to oss-fuzz. [bomctl](https://github.com/bomctl/bomctl) is an open source project under the OpenSSF Security Tooling Working Group and tries to solve the issue of working with multiple Software...
Ref https://github.com/ossf/sbom-everywhere/blob/main/reference/sbom_naming.md > 2. Directory Structure: > > Store SBOM files in a dedicated directory, separate from the source code. This might be a top-level directory in the repository named...
Question that came up around adding SBOM checks to Scorecard. > How do we determine if the project should create an SBOM or not, depending on the type of release...
During the 2023 OpenSSF Secure Open Source Software Summit, an action item was created to help open source and standardize simple SBOM manipulation tooling. A timetable was also proposed....
Public Sector CNCF Members are seeing Government Customer focus on securing software supply chains and receiving attestations. These attestations need to be signed and have provenance bridge across multiple company...
The __bomctl__ project was developed as an experiment within the Security Tooling WG as a response to a [2023 Secure Open Source Software Summit item](https://github.com/ossf/wg-security-tooling/issues/61). We are seeking admission to...
[Bomctl](https://github.com/bomctl/bomctl) is seeking Sandbox Project Entry into the OpenSSF under the Security Tools WG. In following the [Sandbox Process](https://github.com/ossf/tac/blob/main/process/project-lifecycle.md#submission-process) - the bomctl maintainers are requesting the "one-time IP policy and...