September 17, 2021
Google has published details of eight projects it will support after pledging $100 million to teams that manage open source security priorities and help fix vulnerabilities.
These eight projects include Git, a control program that forms the basis for platforms like GitHub and GitLab developed by Linux Kernel creator Linus Torvalds.
While Git appears to be the largest of the eight audits, it is considered “the second-most critical application in C,” with the other seven projects including important JavaScript and Java tools and frameworks for web development.
The projects include Lodash, a modern JavaScript utility library for web development used in Chrome and other browsers; Laravel, a PHP Web Application Framework; SLF4J (Simple Logging Facade for Java); the Jackson core JSON for Java and the Jackson database package; and Httpcomponents-core and Httpcomponents-client.
According to Kaylin Trychon, Security Comms Manager on the Google Open Source Security Team, “The eight libraries, frameworks, and apps that were selected for this round are those that would benefit the most from security improvements and make the largest impact on the open-source ecosystem that relies on them.”
For more information, read the original story in ZDNet.
