Quick Start for New Sovereign Tech Fund Activities to Strengthen JavaScript

In May this year, the OpenJS Foundation announced the largest one-time government support investment ever to a Linux Foundation project.

The Sovereign Tech Fund, financed by the German Federal Ministry for Economic Affairs and Climate Action, is providing the OpenJS Foundation with EUR €875,000 (USD $902,000) in government funding to strengthen JavaScript infrastructure and security.

We’re off to a quick start!  

In 2023 Q2, our main challenge was to quickly establish a cross-functional project within the Linux Foundation with enough resources and processes in place to complete the Q2 deliverables. It was also imperative to communicate with our projects to create momentum for the work. 

In a condensed Q2, we ramped up quickly and briefed our worldwide stakeholders including our JavaScript projects top maintainers and contributors in their security, build and release teams. Approximately one-third of our projects immediately signed on to participate in the program. And we’ve completed initial surveys on infrastructure and security with these projects. 

As a result of this early momentum, we are well-positioned to accomplish our Q3 goals.

Program Management Key Accomplishments

• Core JavaScript project team and stakeholders identified and onboarded
• All Project Management program components created including: task tracking, recurring meetings, project inventory, reporting templates and communication channels
• Financial framework for tracking and reporting implemented with Linux Foundation CFO
• Project briefing deck created, and four multi-project onboarding meetings were held to accommodate schedules and timezones. 1:1 briefings were held for others

Infrastructure Key Accomplishments

• Project inventory form developed and sent to projects
• Analysis of inventory responses completed
• Proposed solutions ready for internal review
• “Project completion” defined

Security Key Accomplishments

• Hired and onboarded security engineer
• Selected audit and training vendor
• Inventory and initial analysis completed for project audit priorities
• Prioritized list of projects socialized with Security Collab Space
• Scope of Badge Program and Secure Releases/CVE management defined

We believe we are off to a great start. There’s much more work to be done. If you are involved in open source software development and are interested in finding out more information about our efforts, please feel free to contact us at info@openjsf.org.