After meeting with US President Joe Biden a few weeks ago, Google has pledged to invest $100 million in funding to improve the security of open source projects such as Git and Laravel. Today, the technology giant revealed that it will work with the Open Source Technology Improvement Fund (OSTIF) to promote this work. The two parties will work together to launch the Management Audit Program (MAP) to enhance the security review and audit depth of open source projects that are widely used by people all over the world.
At present, Google has promised to manage security priorities and help fix the defects in the following eight open source projects:
- Git
- Lodash
- Laravel
- Slf4j
- Jackson-core
- Jackson-databind
- Httpcomponents-core
- Httpcomponents-client
At the same time, OSFIT commented:
Thanks to the Google open source security team for helping us expand our influence, which not only helps to find bugs, but also fixes problems in the entire open source ecosystem. After the launch, we hope to significantly develop related businesses in the next few years and provide support for hundreds of projects. At the same time, rely on the support of the infrastructure community to improve relevant data. Finally, we believe that these joint efforts will bring a safer open source environment for everyone.
Finally, in the first 24 projects of MAP, projects such as Electron, React Native, Rails, Joomla, and Angular are also included. It is believed that after funds are raised, they will also be included in the subsequent rounds of MAP.