Jan 18, 2022
Adam Baldwin (@adam_baldwin)
Amélie Koran (@webjedi)
https://logging.apache.org/log4j/2.x/license.html
https://www.theregister.com/2021/12/14/log4j_vulnerability_open_source_funding/
https://www.zdnet.com/article/security-firm-blumira-discovers-major-new-log4j-attack-vector/
F/OSS developer deliberately bricks his software in retaliation for
big companies not supporting OSS.
https://twitter.com/BleepinComputer/status/1480182019854327808
Faker.js - https://www.npmjs.com/package/faker
Generate massive amounts of fake contextual data
Colors.js - https://www.npmjs.com/pafaker
- npm package/colors get color and style in your node.js
console
https://abc7ny.com/suspicious-package-queens-astoria-fire/6425363/
Should OSS teams expect payment for giving their time/code away for free? What are their expectations
Should open source projects be aware of how popular they are? What happens when they reach a certain level of popularity?
OSS Sustainability - https://github.blog/2019-01-17-lets-talk-about-open-source-sustainability/
https://webjedi.net/2022/01/03/security-puppy/
Apparently, “Hobbyists” were the bane of a young Bill Gates: (can you https://en.wikipedia.org/wiki/Open_Letter_to_Hobbyists
https://en.wikipedia.org/wiki/History_of_free_and_open-source_software
History of open source
Licensing Overview: https://youtu.be/Eu_GvrSlShI (this was a talk I gave for Splunk on this --AK)
https://libraries.io/
Libraries.io monitors 5,039,738 open source packages across 32
different package managers, so you don't have to.