13:25
Recent years have seen an increase in stress and pressure resulting from both actor and non-actor harms due to the pivot in how we manage our OSS communities in digital spaces. To better equip the broader OSS community to document, detect, and handle these issues, we need to threat model and abusability test common governance and community frameworks and publish relevant guidance.
In this session, we are starting with Phase 1: building communication norms. This is because the work that follows carries inherent risk as we identify, research, and model these frameworks. We'll also publish our recommended communications practices regarding sensitive information in open source.
GitHub: https://github.com/nivenly/securing-open-source-communities-wg/
Presentation @ 11:00 Day 4: https://events.ccc.de/congress/2025/hub/event/detail/how-to-keep-open-source-open-without-leaving-our-communities-open-to-threats