Posts Tagged ‘technology’
AWS invests in strengthening open source infrastructure at the Eclipse Foundation
In our recent open letter and blog post on sustainable stewardship of open source infrastructure, we called on the industry to take a more active role in supporting the systems and services that drive today’s software innovation. Today, we’re excited to share a powerful example of what that kind of leadership looks like in action.
The Eclipse Foundation is pleased to announce that Amazon Web Services (AWS) has made a significant investment to strengthen the reliability, performance, and security of the open infrastructure that supports millions of developers around the world. This commitment will benefit multiple core services, including Open VSX Registry, the open source registry for Visual Studio Code extensions that powers AI-enabled development environments such as Kiro and other leading tools.
Sustaining the backbone of open source innovation
For more than two decades, the Eclipse Foundation has quietly maintained open infrastructure that forms the foundation of modern software creation for millions of software developers worldwide. Its privately hosted systems deliver more than 500 million downloads each month across services such as download.eclipse.org, the Eclipse Marketplace, and Open VSX. These platforms serve as the backbone for individuals, organisations, and communities that rely on open collaboration to build the technologies of the future.
AWS’s investment will help improve performance, reliability, and security across this infrastructure. The collaboration reflects a shared commitment to keeping open source systems resilient, transparent, and sustainable at global scale.
Open VSX: a model for sustainable open infrastructure
Open VSX is a vendor-neutral, open source (EPL-2.0) registry for Visual Studio Code extensions. It serves as the default registry for Kiro, Amazon’s AI IDE platform, and is relied upon by a growing global community of developers. The registry now hosts over 7,000 extensions from nearly 5,000 publishers and delivers in excess of 110 million downloads per month. As a leading registry serving developer communities worldwide, including JavaScript and AI development communities, Open VSX has become a vital piece of open source infrastructure that supports thousands of development teams worldwide.
By supporting Open VSX, AWS is helping to strengthen the foundations of this essential service and reinforcing the Eclipse Foundation’s ability to provide secure, reliable, and globally accessible infrastructure. Their contribution reflects the importance of collective investment in maintaining the resilience, openness, and security of the tools developers use every day.
This sponsorship highlights the shared responsibility that all organisations have in sustaining the technologies they depend on. It also sets a strong example of how industry leaders can contribute to ensuring that the services we all rely on remain trustworthy, scalable, and sustainable for the future.
Improving reliability, security, and trust
The AWS investment is helping strengthen security, ensuring fair access, and improving long-term service reliability. Ongoing work focuses on enhancing malware detection, improving traffic management, and expanding operational monitoring to ensure a stable and trusted experience for developers around the world.
As part of this collaboration, AWS is providing infrastructure and services that will improve availability, performance, and scalability across these systems. This support will accelerate key roadmap initiatives and help ensure that the platforms developers rely on remain secure, scalable, and trustworthy well into the future.
A shared commitment to open source sustainability
AWS’s contribution demonstrates how industry leaders can make strategic investments in sustaining the shared infrastructure their businesses depend on every day. By investing in the services that support open source development, AWS is helping to ensure that critical technologies remain open, reliable, and accessible to everyone.
The Eclipse Foundation continues to serve as an independent steward of open source infrastructure, maintaining the tools and systems that enable software innovation across industries. Together with supporters like AWS, we are building a stronger foundation for the future of open collaboration.
But this is only the beginning. The long-term health of open source infrastructure depends on collective action and shared responsibility. We encourage other organisations to follow AWS’s example and take an active role in sustaining the technologies that make modern development possible.
Learn how your organisation can make a difference through Eclipse Foundation membership or direct sponsorship opportunities. The future of open innovation depends on all of us; and together, we can keep it strong, secure, and sustainable.
The Cyber Resilience Act is Here
With the recent publication of the EU’s Cyber Resilience Act (CRA) in the EU official journal, a 3 year race now begins for compliance by the global technology industry. This legislation sets new cybersecurity requirements that manufacturers and the open source projects they rely upon must meet. The open source community via the Open Regulatory Compliance (ORC) Working Group, is working with numerous open source foundations, SMEs, and industry to establish processes to comply with this new regulatory landscape.
The Race to Compliance
The CRA defines clear targets and timelines, marking the start of a sustained compliance journey. This effort will require time, energy, and resources and the ORC Working Group is here to support the open source ecosystem. Our mission is to guide open source participants and adopters in aligning with CRA requirements through practical frameworks and expertise to support their regulatory journey from start to finish.
How the ORC Working Group Supports Open Source Compliance
The many foundations and other stakeholders which are members of the ORC Working Group are dedicated to guiding the open source community toward successful CRA compliance. Through active community engagement, we’re creating practical resources and adaptable frameworks that empower projects to meet regulatory standards, while preserving open source values. As a community, we have identified the following 4 pillars to guide this effort:
- Bridging the Knowledge Gap: The ORC Working Group prioritises education and training to empower the community with tools to adopt compliant development practices. By creating resources, like cyber resilience guidelines for example, and continuously updating them to align with emerging regulations, we simplify CRA compliance for open source maintainers, projects, communities, and foundations.
- Establishing Compliance Frameworks: We’re defining best practices, processes, and tools that can be translated into specifications addressing regulatory needs. These frameworks prioritise security and compliance for open source projects. Additionally, we will work with standardisation bodies to ensure that open source perspectives help shape global regulatory standards.
- Institutional Engagement: Collaboration with regulatory authorities is central to effective compliance. The ORC Working Group is committed to engaging with these institutions, gathering feedback, and supporting the adoption of community-driven compliance frameworks. This ensures our work aligns with both industry standards and regulatory expectations.
- Strengthening Community Support: Community engagement drives this effort. Through events, workshops, and comprehensive documentation, we keep members informed and prepared for CRA compliance. In the coming months, the ORC will launch additional guidance initiatives to ensure that the open source community is supported every step of the way.
Ultimately, the CRA provides the community and industry an opportunity to deliver more secure products while making open source more sustainable. It will be a new challenge for our community. However, by working together on practices and standards to facilitate compliance we will achieve its laudable goal: making the digital products that are so prevalent in our lives more secure.
Join the Effort
Joining ORC is your opportunity to contribute directly to a compliance strategy that not only upholds cybersecurity requirements but also supports ongoing open source innovation. Early involvement with the ORC Working Group offers a chance to contribute to the foundational compliance framework that will guide our community and influence how standards are implemented industry-wide. Join us in shaping how the CRA is implemented to set the open source community up for success under these new regulations.
Introducing Our Keynote Speakers at OCX 2024
As we approach the Open Community Experience (OCX), scheduled to take place from 22-24 October in Mainz, Germany, my anticipation and excitement continues to build. This event marks a new chapter for our community, with a fresh conference format that I believe will bring even more value to all of us. The focus on collocated events is something I’m particularly enthusiastic about, as it allows us to explore a broader range of topics including automotive and Java, while EclipseCon remains at the heart of this experience.
Whether you’re a regular EclipseCon attendee or joining us from one of the many communities that make up our “community of communities,” I look forward to connecting with you. For me, our flagship conference is more than just an event—it’s a yearly highlight where I get to reconnect with old friends, make new ones, and engage in the meaningful conversations that drive our collective work forward.
I’m honoured to be delivering the keynote on “The State of the Eclipse Foundation” this year. I’ll be sharing key updates, our vision for the future, and how we plan to continue driving innovation in the open source space. As we celebrate the Eclipse Foundation’s 20th anniversary, it’s a pivotal moment for us, and I’m excited to take you along on this journey.
But it’s not just me you’ll hear from. We’ve lined up a stellar group of keynote speakers, each bringing their unique expertise and deep expertise in their respective fields. Prepare to be inspired by some of the brightest minds in the industry:
- Haibo Chen from Huawei will deliver an exciting session titled “Empowering a Connected Intelligent World With OpenHarmony and Oniro.” This talk will explore how OpenHarmony and Oniro, both open source initiatives, are driving the connected intelligent future.
- Cédric Dumont, an extreme sports athlete and base-jumping pioneer, will provide the inspirational keynote “Scaling New Heights: Emerging trends in performance and leadership for thriving as a team in disruption.”
- Ruth Ikegah, an Open Source Program Manager, acclaimed speaker, and GitHub Star, will deliver her keynote “From Local Roots to Global Impact: Building an Inclusive Open Source Community in Africa.” Ruth will highlight how inclusivity fuels innovation and growth within the global open source community.
- Yann Lechelle from Probabl will take the stage with “Eyes Wide Open, AIs Wide Open – Or How to Remain in Control in the Age of AI,” exploring the big picture implications of compute, data, and machine learning, and how we can stay competitive while safeguarding the values that make us human.
- Sarah Novotny, a leading voice in open source, who has guided projects like Kubernetes, OpenTelemetry, NGINX, and MySQL, will present “We Build Software in the Open to Build Trust.” She’ll discuss the need for transparent and collaborative open source software development and its profound economic and societal impact.
- Leandro von Werra, from Hugging Face, will offer insights into the future of LLMs for code and how the BigCode project is paving the way for open and responsible AI-driven development at the session “BigCode: Building Open LLMs for Code”.
And that’s just the beginning. OCX 2024 is packed with sessions, workshops, and networking opportunities designed to spark innovation, collaboration, and growth. Whether you’re deeply involved in open source software or just beginning your journey, there’s something here for everyone.
I’m genuinely excited about what we’ll experience together at OCX 2024. This is our chance to come together, share our knowledge, and set the stage for the future of open source development. Don’t miss the opportunity to save by taking advantage of early bird pricing—register before 7 October 2024.
See you there!
Life at Eclipse 