Applicants could receive up to €300,000 from the STF to explore new solutions and focus on implementing them over a four-month period. Our goal is to uncover, together with FOSS communities, the best ways to strengthen the ecosystem in three areas:
1. Improving FOSS Developer Tooling
2. Securing FOSS Software Production
3. FOSS Infrastructure Documentation
The STF focuses on long-term sustainability, maintenance, and security. For the Contribute Back Challenges program, we’ve borrowed a funding and procurement mechanism commonly used in Germany for what are known as “innovation competitions” to find new, faster ways to invest in the FOSS ecosystem. The advantage of adapting the competition format for this special program is that we were able to act quickly and streamline the application, selection, and contractual process. In less than two months from the application deadline, the selected projects were able to start work!
By structuring the Contribute Back Challenges this way, the STF is also highlighting pressing issues in the open source ecosystem, and engaging FOSS communities in the development and exploration of different ways to address these problems. The participants receive support to focus on advancing and refining their proposed solutions, and share what they have learned with the STF and the wider community. This approach will eventually lead to the development of more and better long-term solutions.
Overall, the STF received 70 Contribute Back Challenges applications from 20 countries, proposing a total of 9.8m€ of work. After a multi-stage evaluation process, reviewing applications on Criticality, Maturity, Sustainability, Benefit for the Public, and Feasibility, we’re thrilled to share the selected applications.
Here are the nine projects selected for the first round of the STF Contribute Back Challenges, who will receive a total of €1,363,600 for their work on FOSS developer tooling, securing software production, and documentation.
conda-store is an open source tool for managing data science environments in collaborative teams. It provides flexible yet reproducible environments while enforcing best practices throughout an environment’s life cycle. Integrating conda-store into the conda ecosystem, adding multi-platform support, and improving maintenance and contribution workflows advance the long-term sustainability and accessibility of these essential resources for the broader Python community.
Cabal is the build system and package manager for the Haskell programming language. Creating maintainable architecture for Cabal and streamlining its build system strengthens the Haskell language ecosystem.
Open Web Docs
Open Web Docs helps to maintain open web documentation and the tools that support this documentation. By documenting accurate compatibility data for web technologies, web developers can more easily create websites that are compatible with many different web browsers.
Nix ecosystem supply chain security
Nix is an open source build system, configuration management system, and mechanism for deploying software, focused on reproducibility. With Nixpkgs and NixOS it supports the largest, most up-to-date free software repository in the world. Reinforcing the project’s security framework across the full software development life cycle provides safer defaults for users and eases industry adoption.
Securing Apache Airflow
Apache Airflow is a top-level Apache project and a pivotal component in the Python ecosystem. It is the go-to solution for workflow orchestration, enabling data scientists and engineers to schedule and execute complex data pipelines. Enhancing its security model will provide a safe, state-of-the-art workflow orchestration tool.
Rusty SBOMs / CycloneDX Module for Rust (Cargo)
For the Rust ecosystem and the CycloneDX standard, the cyclonedx-rust-cargo project is emerging as the standard for creating Software Bill of Materials (SBOMs). This project enhances software production security in the Rust ecosystem by contributing to the production-readiness of this common Software Bill of Materials generator.
OpenPGP documentation for application developers
OpenPGP serves as a building block for secure personal communication, including in email and messaging software. This project provides OpenPGP documentation for application developers, for the upcoming "OpenPGP crypto-refresh" version of the standard.
p5.js Documentation Organization & Accessibility