There are many webpages but only one webbpage and it's mine. Welcome to Paul Anthony Webb's home on the 'Net.

GraphQL: i don't like Facebook but bless them for creating GraphQL. Holy moly, can you imagine using REST for everything? Yuck.

🎯

julian.digital weblog

Status of Secure Open Source Rewards program

The Secure Open Source (SOS) program was established as a program to address the very long tail of open source security. The idea was simple: create financial incentives to find and fix security issues in all open source projects. After 24 months in action, the program disbursed $353,000 for 189 improvements. We are particularly grateful to all the contributors for their efforts. 

Although these results were positive, they also made clear that this approach will not scale to the problem at hand; therefore the SOS program has been decommissioned because alternative approaches exist: The Linux Foundation & Google continue to support individual security work through scaled approaches through the Linux Foundation’s Alpha-Omega project and individual rewards through Google’s Patch Rewards Program. 

The Patch Rewards Program has been around since 2013 and seeks to reward patches (or pull requests) that improve the security of an in-scope project. The Alpha-Omega project mission is to protect society by catalyzing sustainable security improvements to the most critical open source software projects and ecosystems. Since 2022, Alpha-Omega has disbursed over $8M in grants to improve open source security. For more information please visit the Patch Rewards Program and Alpha-Omega websites respectively.