Take the 2024 State of Open Standards survey today! START SURVEY

Search

    Join
    3 MIN READ

    Update from the LFX Development Team

    Shubhra Kar | 14 April 2020

    The world runs on open source, and projects need more than a version or source control system to scale

    The Linux Foundation has evolved a proven methodology to transform projects into category leaders. LFX operationalizes this approach, providing a suite of tools built to facilitate every aspect of open source development.

    Critical projects must have their finger on the pulse of their entire developer ecosystem, with tools tailored to key stakeholders driving project development, including maintainers, contributors, community managers, marketers, and more.

    LFX Crowdfunding

    Since inception, the funding platform has helped projects raise a total of $475K+ from 23 corporate and 355 individual sponsors and disbursed a total of ~$74K to contributors in various categories like projects and mentorships. Acceptance of projects on this platform is selective and prioritized for high impact (based on downstream dependencies, GitHub stars, forks, contributors) but underfunded projects. To apply your project for consideration or to support projects you use actively as an individual or corporate sponsor, please visit the LFX website.

    LFX EasyCLA

    EasyCLA is the only solution in the community which effectively manages both individual and corporate CLA agreements. Since inception, EasyCLA has made CLA management a breeze for 19 open source projects.

    Projects
    Using EasyCLA    		 Repositories
    Authorized    		 Total signed
    CLAs     		 CLA Managers Companies
    Signing CLAs
    19 872 13,947 1009 746

    To learn more about how EasyCLA works or try onboarding your project, please visit LFX EasyCLA website.

    LFX Security

    LFX Securit enables open source developers to move quickly and securely by automatically finding vulnerabilities in the code and suggesting remediation techniques. The LFX development team has collaborated with Snyk.io and other security partners to provide visibility into the security loopholes that get injected over time into the code base. This is how it works:

    • Vulnerability scans run daily on project repositories in GitHub or Git
    • Manifest files are deconstructed to determine the entire dependency chain of the project including transitive dependencies.
    • Issues detected are evaluated against the National Vulnerability Database (NVD) and security experts in the community.
    • Known CVEs and CWEs are linked to the issues if present.
    • Evidence of how to replicate the issue based on community artifacts like hacker reports, GitHub reports, Whitepapers etc are attached.
    • Remediation techniques and potential fixes are also suggested to the users.

    We recently started onboarding all Linux Foundation projects on this service and have started publishing vulnerability reports for maintainers to analyze and act on.

    LFX Mentorship

    LFX Mentorship helps you increase the number and diversity of developers contributing to your project by providing mentorships and internships. It is in essence a  matchmaking service which lets you:

    • Attract mentees by providing referrals to top companies committed to interviewing your candidates
    • Incentivize participation by offering free training, industry event passes and certifications
    • Expand your community of talented, diverse, and committed developers by offering paid internships with matching diversity grants
    • Attract funding, mentors, and mentees when you are listed on the mentorship leaderboard

    Since our launch last summer, the mentorship platform supported 12 projects with mentorships. 27 Mentees were selected from 750 Applicants and used the platform to get stipends. 128 potential Mentors applied and 52 Mentors were selected and onboarded onto the platform. To learn more about mentorships, or to enroll your project, please visit the LFX Mentorship website.
    Similar Articles
    Browse Categories

    2023 Compliance and Security Cloud Computing Projects Linux How-To Diversity & Inclusion Open Source Open Source Best Practices 2022 Training and Certification Cross Technology LF Research 2024 Newsletter LFX AI Legal Linux Foundation Research Topic: Data Blog Linux Networking and Edge cybersecurity Cloud Native Computing Foundation Data Governance LF Energy Open Mainframe Open Models OpenChain System Administration Topic: Security Topic: Sustainability eBPF generative AI human capital kernel license compliance maintainer openssf techtalentsurvey

    Stay Connected with the Linux Foundation