Google has created a new “Open Source Maintenance Crew” who will help upstream maintainers of critical open-source projects to handle bugs and patching processes.
The new team is part of Google’s contribution to the White House’s push to improve cybersecurity in open source and protect software supply chains following the White House’s January summit with major tech vendors, including Microsoft, Google, IBM and Amazon Web Services.
Google I/O 2022
Back then, President Joe Biden signed an executive order that requires the government to provide a Software Bill of Materials (SBOM) that details supply chain relationships of components used in building software.
Google says the new maintenance crew consists of a dedicated team of Google engineers who will work with upstream maintainers of critical open-source projects.
“One issue frequently cited by open source maintainers is limited time. Since under-maintained, critical open source components are a security risk, Google is starting a new Open Source Maintenance Crew, a dedicated staff of Google engineers who will work closely with upstream maintainers on improving the security of