Community Resources
Open Source Community Highlights

Heralding a new way to improve contact tracing
Herald is an open source Bluetooth protocol, intended to improve the accuracy and efficacy of contact tracing. According to Adam Fowler, Herald’s maintainer, the utlimate goal is to make digital contact tracing so reliable that it negates the need for geographical lockdowns. Find out how a train to London made it all possible.

Musings on Software Supply Chain Security
There’s a class of security compromise or exploit commonly refered to as “remote root.” This is the worst kind of security flaw possible for it allows somebody, anybody to execute arbitrary code on your computer with elevated privileges. And yet, it's something that developers frequently use without thinking: the SUDO command. Is there another option? Tim Pepper proposes some options.

BuildKit CLI for kubectl
Here's a new open source Kubernetes CLI plugin for building container (OCI) images. This CLI, optimized for developers, implements a familiar UX within kubectl and uses an open source component called BuildKit to build Dockerfiles into images directly inside your Kubernetes cluster. Daniel Hiltgen gives us a tour.

History of Open Source and Free Software
Listen to a lively discussion featuring VMware's Chief Open Source Officer, Dirk Hohndel, as he talks about why anyone pursues open source and what it means to you. Go beneath the surface of the words "open source" and hear about the vision and ideology behind the movement and its history. Find out where it's headed tomorrow.

Navigating Open Source Risk
Nearly all modern software is based on open source - whether it's a small component or a provides significant feature or function. But before you adopt any open source code, assess the risk. In this blog series, Dawn Foster explains the different types of risk present in open source and how to manage it.

5 Steps to Finding Your Open Source Flow
The universe of open source is vast - with millions of projects, thousand of communities and infinite possibilities to get involved. So, how do you start? First - don't be intimidated, instead be curious! In this blog post, Program Manager Stefka Dimitrova gives you five steps towards finding your place in open source.
Featured VMware Originated Open Source Projects

Spring
Spring makes programming Java quicker, easier, and safer for everybody. Spring’s focus on speed, simplicity, and productivity has made it the world's most popular Java framework.
From configuration to security, web apps to big data—whatever the infrastructure needs of your application may be, there is a Spring Project to help you build it. Start small and use just what you need—Spring is modular by design.

Herald
Herald provides reliable Bluetooth communication and range finding across a wide range of mobile devices, wearables, and beacons enabling Contact Tracing and other applications to have regular and accurate information making them highly effective.
- Project Herald Joins LFPH to Add Non-GAEN Option for Exposure Notification Technologies
- From Idea to Open Source: A Journey of Innovation with Project Herald
- Why Herald exists, how to get the code, and how to integrate Herald in to your mobile app.
- COVIDSafe captures close contacts with the new Herald Protocol
- Herald on GitHub

Harbor
Harbor is an open source container image registry that secures images with role-based access control, scans images for vulnerabilities, and signs images as trusted.
- Harbor
- Harbor on GitHub
- Harbor Delivers a Trusted Cloud Native Registry
- Key Enterprise Features
- Harbor 2.0 Takes a giant leap in expanding supported artifacts with OCI support
- Collaborative Leadership: Transparency and Governance Beyond Company Affiliation
- Harbor is Extending its Reach with Distribution Features and Machine Learning

Tern
Tern gives you a deeper understanding of your container's bill of materials so you can make better decisions about your container based infrastructure, integration and deployment strategies. It's also a good tool if you are curious about the contents of the container images you have built.

RabbitMQ
RabbitMQ is the most widely deployed open source message broker and supports multiple messaging protocols. Lightweight and easy to deploy either on premises or in the cloud. RabbitMQ supports both distributed and federated configurations to meet high-scale, high-availability requirements.

Antrea
Antrea is an open source networking and security project for Kubernetes clusters. The project is designed using Kubernetes architecture and technologies from the ground up and aims to provide an open, flexible and performant networking and security solution for Kubernetes with a focus on operations and scale.

Pinniped
Pinniped is an authentication service for Kubernetes clusters. It’s simple, frictionless, and seamless and can be easily installed on most Kubernetes clusters.
- Pinniped: A Seal of Approval
- https://github.com/vmware-tanzu/pinniped
- Pinniped v0.5.0 release
- Diving Deep into Pinniped's Architecture
- Install and Try Pinniped

Octant
Octant is an open source developer-centric web interface for Kubernetes that lets you inspect a Kubernetes cluster and its applications.
Foundation Memberships

Linux Foundation
The Linux Foundation enables companies to drive global innovation by growing open technology ecosystems that transform industries.

Cloud Native Computing Foundation
Building sustainable ecosystems for cloud native software

Cloud Foundry Foundation
Founded to sustain the development, promotion and adoption of Cloud Foundry as the industry standard for delivering the best developer experience

Eclipse Foundation
Provides a global community with a mature, scalable, and business-friendly environment for open source software collaboration.

LF Data & AI
Supports and fosters open source innovation in artificial intelligence, machine learning, deep learning, and data.

FinOps
Advancing the discipline of FinOps and cloud financial management through best practices, education and standards.

LF Networking
Fostering collaboration and innovation across the entire open networking stack

Core Infrastructure Initiative
Funds and supports critical open source elements of the global information infrastructure.

OpenSSF
A cross-industry collaboration that gathers leaders to improve the security of open source software (OSS) by building a broader community, targeted initiatives, and best practices.

Open Container Initiative
Supports and maintains the creation of open industry standards around container formats and runtime.

LF Confidential Computing Consortium
Collaboration of hardware vendors, cloud providers, and software developers to accelerate the adoption of Trusted Execution Environment (TEE) technologies and standards

Open Infrastructure Foundation
Supports the development and adoption of open infrastructure globally by hosting open source projects and communities of practice.

Let's Encrypt
A free, automated, and open certificate authority (CA), run for public benefit.

Automated Compliance Tooling Project
Support development of open source tooling to enable license compliance, security, export control, pedigree and provenance workflow.

Software Heritage Foundation
Preserves software source code for present and future generations