Interested in Dev/Contributing to GUAC?

Question

Interested in Dev/Contributing to GUAC?

lumjjb opened this issue 2 years ago · comments

Welcome! This thread is on expressing interest in contributing to GUAC! We are glad to welcome our fellow open source contributors! As the project is starting up, we will be creating issues that folks can pick up and work on. In the meantime, as the code base is forming up, we'd like to engage directly with our contributors!

BTW we now have a slack channel: https://openssf.slack.com/archives/C03U677QD46

If you are interested in contributing, it would be very helpful to provide the following details (copy and paste into your comment):

1. I am interested in contributing to:
- [ ] Development
- [ ] Documentation
- [ ] Issue triage and community
- [ ] Technical advisory (review [governance document](https://github.com/artifact-ff/artifact-ff/blob/main/GOVERNANCE.md#technical-advisory-members))

2. I am here because:
- [ ] Personal interest
- [ ] My company/orgs i work with are interested in this

3. What is your associated company/org if you're contributing in their capacity? _________

4. Depending on how things go, I may be interested in becoming a maintainer of the project
- [ ] Yes

5. (optional) I have expertise in:
- [ ] Neo4j
- [ ] Cypher
- [ ] GraphQL
- [ ] Intoto
- [ ] SPDX
- [ ] CycloneDX
- [ ] Others (fill in):

Chapman Pendery · Answer 1 · Fri Aug 05 2022 01:03:19 GMT+0800 (China Standard Time)

I am interested in contributing to:

Development
Documentation
Issue triage and community
Technical advisory (review governance document)

I am here because:

Personal interest
My company/orgs i work with are interested in this

What is your associated company/org if you're contributing in their capacity?
Depending on how things go, I may be interested in becoming a maintainer of the project

Yes

(optional) I have expertise in:

Note: my company may be interested in the project and me contributing in their capacity, so I'll update this note if they approve that work

shafee · Answer 2 · Fri Aug 05 2022 18:50:05 GMT+0800 (China Standard Time)

I am interested in contributing to:

Development
Documentation
Issue triage and community
Technical advisory (review governance document)

I am here because:

Personal interest
My company/orgs I work with are interested in this

~~What is your associated company/org if you're contributing in their capacity? _________~~
Depending on how things go, I may be interested in becoming a maintainer of the project

Yes
Maybe. Would be interested to stick with it so I can learn more about supply chain security 😃

(optional) I have expertise in:

Neo4j
Cypher
GraphQL (somewhat)
Intoto
SPDX
CycloneDX
Others (fill in): HTML, CSS, JavaScript, Node.js, React, SQL. Open to expand my contribution/learning if more work is needed in any area of this project

Jhon Baron · Answer 3 · Sat Aug 06 2022 04:29:28 GMT+0800 (China Standard Time)

I am interested in contributing to:

Development
Documentation
Issue triage and community
Technical advisory (review governance document)

I am here because:

Personal interest
My company/orgs i work with are interested in this

What is your associated company/org if you're contributing in their capacity? _________
Depending on how things go, I may be interested in becoming a maintainer of the project

Yes

(optional) I have expertise in:

Shripad Nadgowda · Answer 4 · Wed Aug 17 2022 22:01:40 GMT+0800 (China Standard Time)

I am interested in contributing to:

Development
Documentation
Issue triage and community
Technical advisory (review governance document)

I am here because:

Personal interest
My company/orgs i work with are interested in this

What is your associated company/org if you're contributing in their capacity? _Intel
Depending on how things go, I may be interested in becoming a maintainer of the project

Yes

(optional) I have expertise in:

Brandon Lum · Answer 5 · Fri Aug 19 2022 22:59:53 GMT+0800 (China Standard Time)

btw we have a slack channel now! https://openssf.slack.com/archives/C03U677QD46 come join

Matt Young · Answer 6 · Sat Aug 20 2022 04:43:14 GMT+0800 (China Standard Time)

I am interested in contributing to:

Development
Documentation
Issue triage and community
Technical advisory (review governance document)

I am here because:

Personal interest
My company/orgs i work with are interested in this

What is your associated company/org if you're contributing in their capacity? ...stay tuned.
Depending on how things go, I may be interested in becoming a maintainer of the project

Yes

(optional) I have expertise in:

Michael de Senna · Answer 7 · Fri Sep 30 2022 11:59:16 GMT+0800 (China Standard Time)

I am interested in contributing to:

Development
Documentation
Issue triage and community
Technical advisory (review governance document)

I am here because:

Personal interest
My company/orgs i work with are interested in this

What is your associated company/org if you're contributing in their capacity? _________
Depending on how things go, I may be interested in becoming a maintainer of the project

Yes

(optional) I have expertise in:

Note: my company may be interested in the project and me contributing in their capacity, so I'll update this note if they approve that work.

NaveenKumar Namachivayam ⚡ · Answer 8 · Fri Oct 21 2022 02:23:11 GMT+0800 (China Standard Time)

I am interested in contributing to:

Development
Documentation
Issue triage and community
Technical advisory (review governance document)

I am here because:

Personal interest
My company/orgs i work with are interested in this

What is your associated company/org if you're contributing in their capacity? _________
Depending on how things go, I may be interested in becoming a maintainer of the project

Yes

(optional) I have expertise in:

Jude · Answer 9 · Sat Oct 22 2022 04:28:45 GMT+0800 (China Standard Time)

I am interested in contributing to:

Development
Documentation
Issue triage and community
Technical advisory (review governance document)

I am here because:

Personal interest
My company/orgs i work with are interested in this

What is your associated company/org if you're contributing in their capacity? https://haiphen.io__
Depending on how things go, I may be interested in becoming a maintainer of the project

Yes

(optional) I have expertise in:

Daniel Haim · Answer 10 · Sat Oct 22 2022 14:01:02 GMT+0800 (China Standard Time)

I am interested in contributing to:

Development
Documentation
Issue triage and community
Technical advisory (review governance document)

I am here because:

Personal interest
My company/orgs i work with are interested in this

Depending on how things go, I may be interested in becoming a maintainer of the project

Yes

(optional) I have expertise in:

Satish Chintapalli · Answer 11 · Sat Oct 22 2022 20:55:13 GMT+0800 (China Standard Time)

I am interested in contributing to:

Development
Documentation
Issue triage and community
Technical advisory (review governance document)

I am here because:

Personal interest
My company/orgs i work with are interested in this

What is your associated company/org if you're contributing in their capacity? _________
Depending on how things go, I may be interested in becoming a maintainer of the project

Yes

(optional) I have expertise in:

Asankhaya Sharma · Answer 12 · Sun Oct 23 2022 19:01:28 GMT+0800 (China Standard Time)

I am interested in contributing to:

Development
Documentation
Issue triage and community
Technical advisory (review governance document)

I am here because:

Personal interest
My company/orgs i work with are interested in this

What is your associated company/org if you're contributing in their capacity? N/A
Depending on how things go, I may be interested in becoming a maintainer of the project

Yes

(optional) I have expertise in:

Neo4j
Cypher
GraphQL
Intoto
SPDX
CycloneDX
Others (fill in):
We designed and implemented a similar Security Graph Language (SGL) @sourceclear.
The work was presented at IEEE SecDev 2018:
SGL Slides
SGL Paper

anthonyharrison · Answer 13 · Sun Oct 23 2022 21:51:13 GMT+0800 (China Standard Time)

I am interested in contributing to:

Development
Documentation
Issue triage and community
Technical advisory (review governance document)

I am here because:

Personal interest
My company/orgs i work with are interested in this

What is your associated company/org if you're contributing in their capacity? _________
Depending on how things go, I may be interested in becoming a maintainer of the project

Yes

(optional) I have expertise in:

salnewton · Answer 14 · Mon Oct 24 2022 01:26:42 GMT+0800 (China Standard Time)

I am interested in contributing to:

Development
[x ] Documentation
[x ] Issue triage and community
[x ] Technical advisory (review governance document)

I am here because:

[x ] Personal interest
[x ] My company/orgs I work with are interested in this

What is your associated company/org if you're contributing in their capacity? Intel_______
Depending on how things go, I may be interested in becoming a maintainer of the project

[x ] Yes
[x ] Co-Maintainer

(optional) I have expertise in:

Neo4j
Cypher
GraphQL
Intoto
SPDX
CycloneDX
[x ] Others (fill in):
[x ] Policy
[x ] Policy Shifted Left
[x ] SDLC Requirements
[x ] Risk Management
[x ] Compliance through SDLC
[x ] NIST 800-218
[x ] Smart aggregation turning data into meaning

GreyXor · Answer 15 · Mon Oct 24 2022 21:43:11 GMT+0800 (China Standard Time)

I am interested in contributing to:

Development
Documentation
Issue triage and community
Technical advisory (review governance document)

I am here because:

Personal interest
My company/orgs i work with are interested in this

What is your associated company/org if you're contributing in their capacity?
Morphysm
Depending on how things go, I may be interested in becoming a maintainer of the project

Yes

(optional) I have expertise in:

blaz Ocepek · Answer 16 · Mon Oct 24 2022 23:37:18 GMT+0800 (China Standard Time)

I am interested in contributing to:

Development
Documentation
Issue triage and community
Technical advisory (review governance document)

I am here because:

Personal interest
My company/orgs i work with are interested in this

What is your associated company/org if you're contributing in their capacity? _________
Depending on how things go, I may be interested in becoming a maintainer of the project

Yes

(optional) I have expertise in:

Ragha Vema · Answer 17 · Tue Oct 25 2022 01:17:14 GMT+0800 (China Standard Time)

I am interested in contributing to:

Development
Documentation
Issue triage and community
Technical advisory (review governance document)

I am here because:

Personal interest
My company/orgs i work with are interested in this

What is your associated company/org if you're contributing in their capacity? FannieMae
Depending on how things go, I may be interested in becoming a maintainer of the project

Yes

(optional) I have expertise in:

Randall · Answer 18 · Wed Oct 26 2022 00:58:13 GMT+0800 (China Standard Time)

I am interested in contributing to:

Development
Documentation
Issue triage and community
Technical advisory (review governance document)

I am here because:

Personal interest
My company/orgs i work with are interested in this

What is your associated company/org if you're contributing in their capacity? _________
Depending on how things go, I may be interested in becoming a maintainer of the project

Yes

(optional) I have expertise in:

Theofilos Petsios · Answer 19 · Thu Oct 27 2022 02:52:57 GMT+0800 (China Standard Time)

I am interested in contributing to:

Development
Documentation
Issue triage and community
Technical advisory (review governance document)

I am here because:

Personal interest
My company/orgs i work with are interested in this

What is your associated company/org if you're contributing in their capacity? Crash Override
Depending on how things go, I may be interested in becoming a maintainer of the project

Yes

(optional) I have expertise in:

MALLA RAVINDRA ADITYA · Answer 20 · Thu Oct 27 2022 08:28:46 GMT+0800 (China Standard Time)

I am interested in contributing to:

Development
Documentation
Issue triage and community
Technical advisory (review governance document)

I am here because:

Personal interest
My company/orgs i work with are interested in this

What is your associated company/org if you're contributing in their capacity? _NA
Depending on how things go, I may be interested in becoming a maintainer of the project

Yes

(optional) I have expertise in:

Justin Abrahms · Answer 21 · Thu Oct 27 2022 23:33:44 GMT+0800 (China Standard Time)

I am interested in contributing to:

Development
Documentation
Issue triage and community
Technical advisory (review governance document)

I am here because:

Personal interest
My company/orgs i work with are interested in this

What is your associated company/org if you're contributing in their capacity? eBay
Depending on how things go, I may be interested in becoming a maintainer of the project

Yes

(optional) I have expertise in:

JonZeolla · Answer 22 · Thu Oct 27 2022 23:53:34 GMT+0800 (China Standard Time)

I am interested in contributing to:

Development
Documentation
Issue triage and community
Technical advisory (review governance document)

I am here because:

Personal interest
My company/orgs I work with are interested in this

What is your associated company/org if you're contributing in their capacity? Seiso - cloud native security consulting. https:/sei.so
Depending on how things go, I may be interested in becoming a maintainer of the project

Yes

(optional) I have expertise in:

xavier zebier · Answer 23 · Mon Oct 31 2022 16:46:41 GMT+0800 (China Standard Time)

I am interested in contributing to:

[ x ] Development
[ x ] Documentation
[ ] Issue triage and community
Technical advisory (review governance document)

I am here because:

[ X ] Personal interest
My company/orgs i work with are interested in this

What is your associated company/org if you're contributing in their capacity? _________
Depending on how things go, I may be interested in becoming a maintainer of the project

Yes

(optional) I have expertise in:

Andy Raj · Answer 24 · Tue Nov 01 2022 01:01:24 GMT+0800 (China Standard Time)

I am interested in contributing to:

Development
[X ] Documentation
[ X] Issue triage and community
[ X] Technical advisory (review governance document)

I am here because:

[ X] Personal interest
My company/orgs i work with are interested in this

What is your associated company/org if you're contributing in their capacity? _________
Depending on how things go, I may be interested in becoming a maintainer of the project

[X ] Yes

(optional) I have expertise in:

Zach Probst · Answer 25 · Wed Nov 02 2022 05:24:54 GMT+0800 (China Standard Time)

I am interested in contributing to:

Development
Documentation
Issue triage and community
Technical advisory (review governance document)

I am here because:

Personal interest
My company/orgs i work with are interested in this

What is your associated company/org if you're contributing in their capacity? Intuit
Depending on how things go, I may be interested in becoming a maintainer of the project

Yes

(optional) I have expertise in:

As one final note, my team is building an application that is much in the same vein as yours. We have a fairly mature project for modeling the infrastructure side. We are beginning to build new features around ingesting SBOM data and artifacts.

Raj Joshi · Answer 26 · Thu Nov 03 2022 00:08:19 GMT+0800 (China Standard Time)

I am interested in contributing to:

Development
Documentation
Issue triage and community
Technical advisory (review governance document)

I am here because:

Personal interest
My company/orgs i work with are interested in this

What is your associated company/org if you're contributing in their capacity? _________
Depending on how things go, I may be interested in becoming a maintainer of the project

Yes

(optional) I have expertise in:

Alex Floyd Marshall · Answer 27 · Thu Nov 03 2022 18:47:51 GMT+0800 (China Standard Time)

I am interested in contributing to:

Development
Documentation
Issue triage and community
Technical advisory (review governance document)

I am here because:

Personal interest
My company/orgs i work with are interested in this

What is your associated company/org if you're contributing in their capacity? Raft
Depending on how things go, I may be interested in becoming a maintainer of the project

Yes

(optional) I have expertise in:

Rajesh Jain · Answer 28 · Fri Nov 04 2022 01:32:37 GMT+0800 (China Standard Time)

I am interested in contributing to:

Development
Documentation
Issue triage and community
Technical advisory (review governance document)

I am here because:

Personal interest
My company/orgs i work with are interested in this

What is your associated company/org if you're contributing in their capacity? _________
Depending on how things go, I may be interested in becoming a maintainer of the project

Yes

(optional) I have expertise in:

Brandon Lum · Answer 29 · Fri Nov 04 2022 03:51:03 GMT+0800 (China Standard Time)

Hi all! Thanks for expressing interest, we will probably be starting a series of community meetings soon! Information will be put here when they start - stay tuned! In the meantime, thanks for joining us!

Stephan · Answer 30 · Fri Nov 04 2022 20:55:08 GMT+0800 (China Standard Time)

I am interested in contributing to:

Development
Documentation
Issue triage and community
Technical advisory (review governance document)

I am here because:

Personal interest
My company/orgs i work with are interested in this

What is your associated company/org if you're contributing in their capacity? _________
Depending on how things go, I may be interested in becoming a maintainer of the project

Yes

(optional) I have expertise in:

peter-thomas-db · Answer 31 · Sat Nov 05 2022 01:16:30 GMT+0800 (China Standard Time)

I am interested in contributing to:

Development
Documentation
Issue triage and community
Technical advisory (review governance document)

I am here because:

Personal interest
My company/orgs i work with are interested in this

What is your associated company/org if you're contributing in their capacity? Deutsche Bank
Depending on how things go, I may be interested in becoming a maintainer of the project

Yes

(optional) I have expertise in:

siranen · Answer 32 · Sat Nov 05 2022 02:24:02 GMT+0800 (China Standard Time)

I am interested in contributing to:

Development
Documentation
Issue triage and community
Technical advisory (review governance document)

I am here because:

Personal interest
My company/orgs i work with are interested in this

What is your associated company/org if you're contributing in their capacity? _________
Depending on how things go, I may be interested in becoming a maintainer of the project

Yes

(optional) I have expertise in:

Alex Vanderpot · Answer 33 · Wed Nov 09 2022 06:43:15 GMT+0800 (China Standard Time)

I am interested in contributing to:

Development
Documentation
Issue triage and community
Technical advisory (review governance document)

I am here because:

Personal interest
My company/orgs i work with are interested in this

What is your associated company/org if you're contributing in their capacity? LunaSec
Depending on how things go, I may be interested in becoming a maintainer of the project

Yes

(optional) I have expertise in:

LunaSec's LunaTrace project produces SBOM and VEX documents that could be consumed by the graph. LunaTrace is similar to GUAC in that it uses a graph data structure to reason about dependencies.

Siddhant Khare · Answer 34 · Sat Nov 12 2022 11:05:44 GMT+0800 (China Standard Time)

I am interested in contributing to:

Development
Documentation
Issue triage and community
Technical advisory (review governance document)

I am here because:

Personal interest
My company/orgs i work with are interested in this

What is your associated company/org if you're contributing in their capacity? _________
Depending on how things go, I may be interested in becoming a maintainer of the project

Yes

(optional) I have expertise in:

Ryan Craig · Answer 35 · Tue Nov 15 2022 08:38:20 GMT+0800 (China Standard Time)

I am interested in contributing to:

Development
Documentation
Issue triage and community
Technical advisory (review governance document)

I am here because:

Personal interest
My company/orgs i work with are interested in this

What is your associated company/org if you're contributing in their capacity? _________
Depending on how things go, I may be interested in becoming a maintainer of the project

Yes

(optional) I have expertise in:

Jhon Baron · Answer 36 · Tue Nov 15 2022 10:09:55 GMT+0800 (China Standard Time)

btw we have a slack channel now! https://openssf.slack.com/archives/C03U677QD46 come join

could you please share another link ? I´m not able to join to this channel :(

robh-snyk · Answer 37 · Wed Nov 23 2022 02:16:17 GMT+0800 (China Standard Time)

I am interested in contributing to:

Development
Documentation
Issue triage and community
Technical advisory (review governance document)

I am here because:

Personal interest
My company/orgs i work with are interested in this

What is your associated company/org if you're contributing in their capacity?
Depending on how things go, I may be interested in becoming a maintainer of the project

Yes

(optional) I have expertise in:

Kumar Abhishek Shahi · Answer 38 · Wed Nov 23 2022 15:19:53 GMT+0800 (China Standard Time)

I am interested in contributing to:

Development
Documentation
Issue triage and community
Technical advisory (review governance document)

I am here because:

Personal interest
My company/orgs i work with are interested in this

What is your associated company/org if you're contributing in their capacity? Not Applicable_____
Depending on how things go, I may be interested in becoming a maintainer of the project

Yes

(optional) I have expertise in:

gth999 · Answer 39 · Mon Nov 28 2022 05:37:15 GMT+0800 (China Standard Time)

I am interested in contributing to:

Development
Documentation
Issue triage and community
Technical advisory (review governance document)

I am here because:

Personal interest
My company/orgs i work with are interested in this

What is your associated company/org if you're contributing in their capacity? Not Applicable
Depending on how things go, I may be interested in becoming a maintainer of the project

Yes

(optional) I have expertise in:

Brandon Lum · Answer 40 · Wed Dec 07 2022 08:27:01 GMT+0800 (China Standard Time)

Hi All! We are having our first community meeting next week! Looking forward to meeting everyone!!

https://calendar.google.com/calendar/event?action=TEMPLATE&tmeid=MWc4aDR2cG80dXIyMmRkM[…]7576484474ebefce57c47d1eaeb02d6%40group.calendar.google.com

Google Meet link: meet.google.com/zpf-pfkj-ywd

@cpendery @shafeeshafee @Jhooomn @nadgowdas @halcyondude @desenna @QAInsights @JudeSafo @danielhaim1 @scpli3 @codelion @anthonyharrison @sallienewton @GreyXor @cepix1234 @rvema @ran-dall @nettrino @ralav @justinabrahms @JonZeolla @tixu @raj-andy1 @zprobst @raj-riskone @apmarshall @rjain15 @s-spindler @peter-thomas-db @AndrzejRPiotrowski @ajvpot @Siddhant-K-code @ryancraig @robh-snyk @KumarAbhishekShahi @gth999

Jude · Answer 41 · Wed Dec 07 2022 23:54:58 GMT+0800 (China Standard Time)

What date and time? FYI: Unable to join the slack channel thus far.

…

Ross McEwan · Answer 42 · Thu Dec 08 2022 00:30:43 GMT+0800 (China Standard Time)

I am interested in contributing to:

Development
Documentation
Issue triage and community
Technical advisory (review governance document)

I am here because:

Personal interest
My company/orgs i work with are interested in this

What is your associated company/org if you're contributing in their capacity? _________
Depending on how things go, I may be interested in becoming a maintainer of the project

Yes

(optional) I have expertise in:

Mihai Maruseac · Answer 43 · Thu Dec 08 2022 01:26:12 GMT+0800 (China Standard Time)

What date and time? FYI: Unable to join the slack channel thus far.
…

Monday, 12th of December, 8 am Pacific Time, 11 am East Coast time

Jude · Answer 44 · Mon Dec 12 2022 11:09:00 GMT+0800 (China Standard Time)

Hi Mihai, Thanks for providing the date and time. Do you mind also providing the Google Meet link or zoom link to the meeting tomorrow? (The link provided in the original thread just pops open an empty calendar template). Sorry for the noise everyone, once I'm on the slack channel I'm sure it will be easier to communicate. On Wed, Dec 7, 2022, 12:26 PM Mihai Maruseac ***@***.***> wrote:

…

Rewanth Tammana · Answer 45 · Mon Dec 12 2022 16:32:14 GMT+0800 (China Standard Time)

I am interested in contributing to:

Development
Documentation
Issue triage and community
Technical advisory (review governance document)

I am here because:

Personal interest
My company/orgs i work with are interested in this

What is your associated company/org if you're contributing in their capacity? Freelancer
Depending on how things go, I may be interested in becoming a maintainer of the project

Yes

(optional) I have expertise in:

Neo4j
Cypher
GraphQL
Intoto
SPDX
CycloneDX
Others (fill in): Nmap GSoC, Trivy Operator, Kubectl krew plugins, Damn Vulnerable Bank, containers-from-scratch, sigstore-the-easy-way, Golang, & many more. I'm willing to learn more whenever required.

Blog - https://blog.rewanthtammana.com/
Portfolio - https://rewanthtammana.com/

Brandon Lum · Answer 46 · Mon Dec 12 2022 16:49:38 GMT+0800 (China Standard Time)

@JudeSafo here's the meet link: meet.google.com/zpf-pfkj-ywd

Batuhan Apaydın · Answer 47 · Tue Dec 13 2022 02:24:38 GMT+0800 (China Standard Time)

I am interested in contributing to:

Development
Documentation
Issue triage and community
Technical advisory (review governance document)

I am here because:

Personal interest
My company/orgs i work with are interested in this

What is your associated company/org if you're contributing in their capacity? Trendyol
Depending on how things go, I may be interested in becoming a maintainer of the project

Yes

(optional) I have expertise in:

Neo4j
Cypher
GraphQL
Intoto
SPDX
CycloneDX
Others (fill in): Golang, Sigstore, SBOM, Tekton, Tekton Chains, SPIFFE, cosign, ko, Docker Buildx, Buildpacks, Kyverno, Flux, Helm, regclient, zot, OCI, Vault

Furkan Türkal · Answer 48 · Tue Dec 13 2022 15:48:23 GMT+0800 (China Standard Time)

I am interested in contributing to:

Development
Documentation
Issue triage and community
Technical advisory (review governance document)

I am here because:

Personal interest
My company/orgs i work with are interested in this

What is your associated company/org if you're contributing in their capacity? Trendyol
Depending on how things go, I may be interested in becoming a maintainer of the project

Yes

(optional) I have expertise in:

Brandon Lum · Answer 49 · Tue Dec 13 2022 20:36:53 GMT+0800 (China Standard Time)

Recording from the inaugural GUAC community meeting on 12 Dec (https://drive.google.com/file/d/1u1O6RSYeZT2w6u9jxeSj9X9Z1uqtD1Vn/view)

Hemil K · Answer 50 · Wed Dec 21 2022 02:52:41 GMT+0800 (China Standard Time)

I am interested in contributing to:

Development
Documentation
Issue triage and community
Technical advisory (review governance document)

I am here because:

Personal interest
My company/orgs i work with are interested in this

What is your associated company/org if you're contributing in their capacity? Yahoo
Depending on how things go, I may be interested in becoming a maintainer of the project

Yes

(optional) I have expertise in:

Hossein Siadati · Answer 51 · Fri Dec 23 2022 04:55:36 GMT+0800 (China Standard Time)

I am interested in contributing to:

Development
Documentation
Issue triage and community
Technical advisory (review governance document)

I am here because:

Personal interest
My company/orgs i work with are interested in this

What is your associated company/org if you're contributing in their capacity? _________
Depending on how things go, I may be interested in becoming a maintainer of the project

Yes

(optional) I have expertise in:

Alfred Tom · Answer 52 · Fri Jan 06 2023 05:45:36 GMT+0800 (China Standard Time)

The distributed energy grid might be able to use this so I'd like to get involved. Two questions:

do I need to be a member of OpenSSF to join the Slack channel?
what/who is going to host the database that stores all this data?

I am interested in contributing to:

Development
Documentation
Issue triage and community
Technical advisory (review governance document)

I am here because:

Personal interest
My company/orgs i work with are interested in this

What is your associated company/org if you're contributing in their capacity? Lumian.org and SunSpec.org
Depending on how things go, I may be interested in becoming a maintainer of the project

Yes

(optional) I have expertise in:

Brandon Lum · Answer 53 · Fri Feb 03 2023 06:14:47 GMT+0800 (China Standard Time)

Hi fellow GUAC community members!

We have some exciting updates and announcements for the GUAC project!

Community Updates!

We are having our next community meeting on 16 February! This will be a monthly recurring meeting! Calendar Invite here (located under Communication in README)
We created a community mailing list! (located under Communication in README)

GUAC Beta v0.1

We have a GUAC Beta v0.1 planned coming up. Besides a deployable services, this also marks a milestone in the development of a GraphQL which will eventually mature to the v1.0 API. The GUAC Beta is planned for end of March.
We had the first maintainer summit since the initial formation of the project. The focus of the workshop was to discuss and get consensus on the open issues/design docs, as well as get some clarity around the proposed GUAC Beta v0.1. The summit notes are made available here (located under Additional References in README).

Lots of changes coming! Including some breaking ones!

During this transition to the new API, there will be a LOT of code refactors and breaking changes within the next 3 months of project development.
To ensure that folks can still try out the initial POC, we have created a tag for v0.0.1 to pin to the demo.
We understand that this will impact contributors that want to contribute code to the project, since there are many moving pieces during this time, there is a chance that certain files within will be refactored or deprecated. For those wanting to contribute, we encourage discussing with a maintainer through issues or slack about the topic first before picking up an issue or opening a PR!

Cheers
GUAC Maintainers

Brandon Lum · Answer 54 · Thu Feb 09 2023 00:22:35 GMT+0800 (China Standard Time)

@alftom

do I need to be a member of OpenSSF to join the Slack channel?

no, anyone can join it.

what/who is going to host the database that stores all this data?

for the attestations and the blob themselves this would be from the repo/storage that they reside in. For the graph DB, currently, we store the linkage and metadata in neo4j. However, this backend is extensible.

In terms of document storage, we have chatted about potentially have a collector that handles this for you (e.g. if you point it to a http endpoint, it will keep a copy of the documents it collects), and these are exposed through the SourceInformation field within the nodes/edges.

Would you mind creating a separate issue if you'd like further expansion so it will be better searchable! Thanks!

Dejan Bosanac · Answer 55 · Mon Feb 13 2023 16:48:24 GMT+0800 (China Standard Time)

I am interested in contributing to:

Development
Documentation
Issue triage and community
Technical advisory (review governance document)

I am here because:

Personal interest
My company/orgs i work with are interested in this

What is your associated company/org if you're contributing in their capacity? Red Hat
Depending on how things go, I may be interested in becoming a maintainer of the project

Yes

(optional) I have expertise in:

Kanchan Dhamane · Answer 56 · Fri Mar 10 2023 20:20:19 GMT+0800 (China Standard Time)

I am interested in contributing to:

Development
Documentation
Issue triage and community
Technical advisory (review governance document)

I am here because:

Personal interest
My company/orgs i work with are interested in this

What is your associated company/org if you're contributing in their capacity? _________
Depending on how things go, I may be interested in becoming a maintainer of the project

Yes

(optional) I have expertise in:

Parth Patel · Answer 57 · Fri Mar 10 2023 20:28:43 GMT+0800 (China Standard Time)

Hello everyone! Please join our slack channel: https://openssf.slack.com/archives/C03U677QD46. If you are interested or looking to contribute and can't find an issue to work on, please reach out to us and we will be happy to point you to issues that need tackling!

Brandon Lum · Answer 58 · Fri Apr 28 2023 23:35:04 GMT+0800 (China Standard Time)

Hi all! Now that we are close to our GUAC v0.1 beta launch (in a few weeks). Part of that is closing this issue! And pointing everyone over to the new contributing page that we've updated and fleshed out! So please do take a look there!

We have additional information on how to contribute and also a contributor ladder as well!