Welcome to the GUAC Update, a monthly review of what has happened in the GUAC community and what’s coming up. If you have feedback, please let us know. To include something in next month’s update, leave a comment in the issue.
The big news, of course, is that we released GUAC 1.0! This represents contributions from over 400 people representing more than 90 organizations including Kusari, Google, Purdue University, Microsoft, and Red Hat. Download GUAC v1.0 to get started!
Community
New contributors
- Gagan H R fixed an issue in GUAC Visualizer that prevented us from moving to Next 15+. (guac-visualizer#140)
- Ritesh Udgata contributed REST API documentation to the GUAC docs. (guac-docs#164)
- Emmanuel Ferdman fixed a CI warning in GUAC. (guac#2688)
Events
Several members of the GUAC community presented at Open Source Summit North America in Denver:
- Mihai Maruseac was part of a panel “Panel Discussion: Strengthening Software Supply Chains: Harmonizing SLSA Provenance and SPDX SBOM for Better Adoption”
- Brandt Keller presented “Enhancing Supply Chain Security: Integrating Zarf and GUAC for Seamless SBOM Generation and Delivery” at OpenSSF Community Day
- Mihai Maruseac presented “Taming the Wild West of ML: Practical Model Signing With Sigstore on Kaggle” at OpenSSF Community Day
Coming up
Some members of the GUAC community will be presenting at Open Source Summit and OpenSSF Community Day Europe in Amsterdam at the end of August. A detailed listing will be in next month’s GUAC update.
In addition, we’re working to finalize the legal necessities for welcoming the Trustify project under the GUAC umbrella. Stay tuned for details.
In the meantime, be sure to join us in the weekly Maintainer Meetings or on Slack to participate in the conversation.