sb-eu logo
Story image

GitHub launches fund to sponsor open source developers

24 May 2019

Open source is powering more software projects than ever – open source community GitHub says that 99% of new software projects rely on open source code, which demonstrates how open source is now at the forefront of technology development.

To support the next generation of open source, the company has announced a new donation-based initiative to help communities contribute to open source, and to support developers financially.

“The open source approach to software development, and the use of open source platforms across teams is becoming increasingly popular because it helps organisations speed up innovation and increase collaboration across all areas of a business, not just within tech teams,” says GitHub’s APAC vice president, Sam Hunt.

That initiative, called GitHub Sponsors, is a new way to financially support the developers who build the open source software people and organisations use every day.

It is designed to fund all work that advances open source software. Anyone who contributes to open source is eligible for sponsorship.

“Open source is the heart of GitHub. The developers who build our shared digital infrastructure are what make this community so strong,” writes GitHub’s Devon Zuegel in a blog. 

“As a thank you for these valuable contributions, GitHub Sponsors charges zero platform fees when you support the work of other developers. We’ll also cover payment processing fees for the first 12 months of the program to celebrate the launch. 100% of your sponsorship goes to the developer.”

GitHub supports donations in every country where it does business. It has also integrated sponsorship directly into workflows. Users can check out a developer’s profile or hover over their profile to sponsor their work. 

GitHub is launching the GitHub Sponsors Matching Fund to support the initiative. GitHub will match all contributions up to $5,000 during a developer’s first year in GitHub Sponsors.

GitHub has also announced enhanced security tools, as well as new features for GitHub Enterprise.

Enhanced security tools include partnerships and features designed to help developers secure code.

  • GitHub has acquired and integrated Dependabot into its platform.With the help of Dependabot, GitHub will monitor dependencies for known security vulnerabilities and automatically open pull requests to update them to the minimum required version.
  • Security vulnerability alerts now with WhiteSource data: a new partnership with WhiteSource data broadens GitHub’s coverage of potential security vulnerabilities in open source projects and provides increased detail to assess and remediate vulnerabilities.
  • Token scanning is now generally available and supports more token formats including those from Alibaba Cloud, Mailgun, and Twilio to make sure accidental check-ins don’t turn into data breaches.

GitHub Enterprise has added improvements, including more granular administrative controls and flexibility for interconnected organisations (operating on GitHub.com and via a private GitHub Enterprise environment).

GitHub Enterprise developers can now easily implement internal repositories, allowing companies to easily adopt innersourcing principles. Other additions include new roles and permissions for maintainers and administrators to have greater access controls.

Story image
Kaseya acquires RocketCyber to bring SOC solutions to more businesses
"With this acquisition, we've doubled down on our security investments to provide our customers with access to experts who can continuously monitoring their IT environments without the cost and complexity of disparate tools.”More
Link image
Why strong authentication is passwordless in 2021
Passwordless authentication is not only good practice, it is also increasingly becoming a regulated standard. Here's why robust solutions, like True Passwordless Authentication, are the way of the future.More
Story image
Check Point launches security gateways to protect SMBs against threats
The range of six gateways sets new standards of protection against the most advanced cyber attacks for SMBs, giving greater ease of deployment and management.More
Story image
Latest Tenable launch provides holistic approach to vulnerability management
Tenable.ep is reportedly the industry’s first, all-in-one, risk-based vulnerability management platform designed to scale as dynamic compute requirements change.More
Story image
Organisations investing significant time modifying web application firewalls to keep ahead of cybersecurity threats
"The sheer amount of traffic and potential threats can ensnare resources and impact the ability to introduce greater precision to those key systems."More
Story image
CIOs massively underestimate Secure Shell risks - study
While CIOs say they are concerned about the security risks SSH machine identities pose, Venafi data indicates they seriously underestimate the scope of these risks. More