The Linux Foundation Projects
Skip to main content

GRANT RECIPIENTS

Grant recipients provide monthly updates through the public GitHub repository.

VIEW THEIR PROGRESS

2024 ALPHA GRANT RECIPIENTS

FreeBSD

FreeBSD–the operating system and the global community that develops it–has a reputation gained over 30 years for reliability, stability, and security. The focus will be on two projects: a Code Audit of up to two key subsystems and a development
Process Audit.

Node.js

As an asynchronous event-driven JavaScript runtime, Node.js is designed to build scalable network applications.

OpenRefactory

A scope focusing on Python projects. OpenRefactory will collect the top 10,000 projects from PyPI based on the number of downloads over the last year. In
addition, generating attestations, and working with Python Software Foundation to create a mechanism that end users can consume the results.

Ruby Central

RubyGems is the package management system for the Ruby programming language, used by every Ruby developer and company to create, share, and use gems (Ruby packages). The focus is to improve security for the Ruby language package ecosystem.

2023 ALPHA GRANT RECIPIENTS

Eclipse Foundation

The Eclipse Foundation is the leading open source foundation in the Java ecosystem, in addition to hosting significant projects in other areas such as developer tools, IoT/edge and automotive.

In 2022 The Eclipse Foundation was granted $400,000 for the purpose of automation and implementation of security best practices to its hosted projects.

VIEW PROGRESS

Node.js

As an asynchronous event-driven JavaScript runtime, Node.js is designed to build scalable network applications.

In 2022 Node.js was granted $275,000 for the purpose of implementing a Security Support Role.

VIEW PROGRESS

OpenRefactory

The mission of OpenRefactory is to use artificial intelligence to verify that digital systems are free of critical bugs and vulnerabilities that expose organizations to significant financial and reputational risk.

In 2023 OpenRefactory was granted $50,000 for the purpose of reporting security vulnerabilities at scale in open source projects and work with the maintainers to get the vulnerabilities fixed

VIEW PROGRESS

Prossimo

The mission of the  Prossimo project is, which focuses on bringing memory safety to critical open source infrastructure

In 2023 ISRG was granted $530,000 for the purpose of moving the most critical software on the Internet to memory safe code.

VIEW PROGRESS

OpenSSL

OpenSSL is a globally distributed cryptography library touching nearly every industry in the world.

In 2023 OpenSSL was granted $127,000 for the purpose of assessments that will be performed by teams of Trail of Bits security consultants for a total of eight engineer-weeks of effort. The secure code review, including fuzzing enhancements, will be performed over a four calendar-week period, for a total of eight engineer-weeks.

VIEW PROGRESS

Homebrew

Homebrew is the predominant package manager for macOS, with millions of daily users and hundreds of active contributors. Homebrew is also widely used on Linux and preinstalled on GitHub Actions’ hosted runners.

The goal of this project is to add province and package signing to the ecosystem.

VIEW PROGRESS

2022 ALPHA GRANT RECIPIENTS

Eclipse Foundation

The Eclipse Foundation is the leading open source foundation in the Java ecosystem, in addition to hosting significant projects in other areas such as developer tools, IoT/edge and automotive.

In 2022 The Eclipse Foundation was granted $550,000 for the purpose of automation and implementation of security best practices to its hosted projects.

VIEW PROGRESS

jQuery

jQuery is a fast, small, and feature-rich JavaScript library. It makes things like HTML document traversal and manipulation, event handling, animation, and Ajax much simpler with an easy-to-use API that works across a multitude of browsers. With a combination of versatility and extensibility, jQuery has changed the way that millions of people write JavaScript.

In 2022 JQuery was granted $350,000 for the purpose of securing the consumer web, reducing potential security incidents for jQuery by modernizing its consumers and its code.

VIEW PROGRESS

Node.js

As an asynchronous event-driven JavaScript runtime, Node.js is designed to build scalable network applications.

In 2022 Node.js was granted $300,000 for the purpose of implementing a Security Support Role.

Python Software Foundation

The mission of the Python Software Foundation is to promote, protect, and advance the Python programming language, and to support and facilitate the growth of a diverse and international community of Python programmers.

In 2022 Python was granted $400,000 for the purpose of funding a security audit and the creation of a new Security Developer-in-Residence role.

Rust Foundation

Rust is a multi-paradigm, high-level, general-purpose programming language. Rust emphasizes performance, type safety, and concurrency.

In 2022 Rust was granted $460,000 for the purpose of facilitating collaborative work with corporate participants for the benefit of the whole Rust ecosystem.

VIEW PROGRESS