07-11, 17:45–18:40 (US/Pacific), Room 317
In the open-source community, the security of software packages is a critical concern, since these packages constitute a significant portion of the global digital infrastructure. This BoF session will focus on the supply chain security of open-source software in scientific computing. We aim to bring together maintainers and contributors of scientific Python packages to discuss current security practices, identify common vulnerabilities, and explore tools and strategies to enhance the security of the ecosystem. Join us to share your experiences, challenges, and ideas on fortifying our open-source projects against potential threats and ensuring the integrity of scientific research.
Juanita Gomez is a Ph.D. candidate in Computer Science at UC Santa Cruz, where her research focuses on improving the security of scientific open source software in collaboration with the Open Source Program Office (OSPO) at UCSC. She is a passionate programmer, mathematician, and open-source advocate, former developer of Spyder IDE at Quansight and current community leader for the Scientific Python project, a community effort to better coordinate and support scientific Python libraries.