1、Annual Report 2022Leadership in Security and Innovationwww.linuxfoundation.orgA note about the images in this Annual Report:All images in this book are sourced from Linux Foundation Flickr,Unsplash,Pexels,and Stocksnap.All icons used within are from The Noun Project.PHOTO BY HAMANN LA:PEXELSContents

2、Security,innovation,and impact:A message from our Executive Director .52022 in numbers.5Growing the global impact of open source.5Exceeding industry standards in diversity and inclusion.7Facing the challenges ahead:Cybersecurity and techno-nationalism.7Enabling innovation and security at the Linux F

3、oundation.9Linux Foundation Board of Directors.11Thank you to our members .12Linux Foundation members.13Platinum members.13Gold members.13Silver members.14In memoriam:Shubhra Kar.22Serving over 986 open source project communities.23Innovation with an evolving Linux kernel.24Fostering growth,quality,

4、and velocity.25CELEBRATING THE INNOVATORS 26Innovation with a global impact .27Saving wildlife:Peace Parks Foundation and OpenJS Foundation.27OpenCollar animal tracking and the Zephyr real-time operating system.27Data modeling for climate change:OS-Climate.28Open charging for electric vehicles:EVere

5、st(LF Energy).28Mine-to-manufacturer traceability of a conflict mineral:Circulor (Hyperledger Foundation member).28Employee and student health v erification:Cardea .29Improving network access for underserved communities:Magma.29Securing open source software:OpenSSF.29Welcoming the PyTorch Foundation

6、.30Investing in European innovation:The launch of Linux Foundation Europe .31OpenWallet Foundation:Advancing interoperability in digital wallets .33Sylva.34SOFTWARE SUPPLY CHAIN SECURITY 35Engaging the public sector on open source software worldwide.36OpenSSF.372022 highlights.37Software Package Dat

7、a Exchange(SPDX).41Related security activities at the Linux Foundation.42Internet Security Research Group(ISRG).42LF RESEARCH:MEASURING THE IMPACT OF OPEN SOURCE INNOVATION 432022:A year of insights.44Focusing on people:Maintainership and mentorship.44Focusing on priority issues:Core research projec

8、ts .45People-powered innovation within industry verticals.46Focusing on technology trends:Research from Linux Foundation projects.47LFX 48MENTORSHIP AND DIVERSITY 51LFX Mentorship .52Mentorship and Events.53Diversity,equity,and inclusion efforts.55Grace Hopper Conference.55Open Hardware Diversity Al

9、liance.57Open Mainframe Project diversity efforts.57INVESTING IN TRAINING AND CERTIFICATION 58Leveraging learning to support talent acquisition and retention.59New courses in 2022 .60Certifications and credentials.61Scholarships .6110th Annual Jobs Report summary of findings.61EVENTS 62Returning to

10、our global community.63Looking forward to 2023.64INNOVATION IN TELECOMMUNICATIONS AND THE EDGE 65Open source networking:Reshaping global connectivity for five years and counting .665G Super Blueprints:Enabling integrated,accelerated cross-stack 5G use case deployments .67Edge and IoT now mandating o

11、pen source frameworks:A market four times the size of cloud computing.68U.S.GOV OPS.69Nephio.70SONiC.70DPDK.70Magma.71eBPF.71ORAN-SC .71DENT.71INNOVATION IN WEB,CLOUD,AND DEVOPS 72OpenJS Foundation.73Bringing JavaScript users together through diversity among people and projects .75Cloud Native Compu

12、ting Foundation.76Contributor-led innovation.76Humanizing security.76Building the road ahead .77Continuous Delivery Foundation .78COMMUNITIES BUILDING OPEN SOURCE BEST PRACTICES 80TODO Group(open source program offices).81OSPO educational publications .82FinOps Foundation:Advancing how organizations

13、 understand and value cloud usage.83Gathering and inspiring FinOps practitioners from all types of organizations globally.83Increasing investments into our thriving community.84Building upon our innovative momentum into 2023 and beyond.85INNOVATION IN ENTERTAINMENT 86Academy Software Foundation.87Op

14、en 3D Foundation and Open 3D Engine.89MAKING AN IMPACT ON PEOPLE AND THE PLANET 92LF Energy.93OS-Climate.96Green Software Foundation(GSF).99AgStack.99OpenTreatments and RareCamp .100Linux Foundation Public Health.101Hyperledger Foundation.102Climate change initiatives.102INNOVATING WITH HARDWARE,EMB

15、EDDED,DEPENDABLE,AND IOT SYSTEMS 103RISC-V International.104OpenPower.106CHIPS Alliance.107Open Programmable Infrastructure(OPI).109Automotive Grade Linux .110AGL Unified Code Base.110Software Defined Vehicle.111Trust over IP Foundation .112Confidential Computing Consortium.113ELISA.113Yocto Project

16、.114seL4.114Zephyr.115Open Mainframe Project.116Civil Infrastructure Platform.117Dronecode.117Open Voice Network.118INNOVATION IN OPEN STANDARDS 119Standards and specification development .120LF Energy Carbon Data Specification Consortium .121LF Energy Super Advanced Meter .121Open19.122Quantum Inte

17、rmediate Representation.122Alliance for Open Media .123The Coalition for Content Provenance and Authenticity.123OpenAPI Specification .124Uptane .124GraphQL .124R Consortium.125UNIFIED PATENTS OPEN SOURCE ZONE 126INNOVATING WITH ARTIFICIAL INTELLIGENCE,MACHINE LEARNING,DATA,BLOCKCHAIN,AND FINANCIAL

18、SERVICES 128Creating communities with the LF AI&Data Foundation.129LF AI&Data by the numbers.130Delta Lake.130OpenHPC.132Hyperledger Foundation.132openIDL .133FINOS.134Maintainer highlights.136FINANCIAL TRANSPARENCY 137Revenue.138Expenditures.138Profile of the Linux Foundation.139Linux Foundation ar

19、ound the world.139Security,innovation,and impact:A message from our Executive Director The year 2022 was successful for both open source and the Linux Foundation,despite economic headwinds.Our success during a year of many challenges is a tribute to you,our member supporters.You stuck with us and ev

20、en increased your commitments.Thank you.I also want to credit the hundreds of thousands of project contributors who run our projects and the hard work and diligence of the Linux Foundations talented employees.Kudos all around.2022 in numbersIn 2022,we continued to demonstrate strong growth across al

21、l metrics.We added 79 new projects and shipped 52.6 million lines of code weekly across more than 12,000 repositories.The Linux Foundation is now the leading player in the open standards space,with over 200 open standards efforts across numerous industries.Further,open source users downloaded 12.6 b

22、illion containers,and we saw a strong bounce back for in-person activities.We gathered over 92,000 people from 176 countries and over 12,000 organizations at 230 official events,setting a new attendance record.Lastly,we convened over 29,000 community meetings.During 2022,over 2.7 million people rece

23、ived training and certifications from the Linux Foundation,with over 10,000 people signing up for our free open source security training course on release day.We will continue to develop the research and insights field,with Linux Foundation Research releasing 15 unique reports in 2022.Financially,we

24、 are more stable than ever beforerevenues continue to increase,yet no single member company represents more than 1%of our total revenues.In 2022,we set a new membership record,with over 3,000 organizations proudly posting their logos on our site.Growing the global impact of open sourceThe Linux Foun

25、dation aims to have an impact on the world around us.Each year,we ask ourselves:Are we moving the needle?In 2022,the answer was a resounding yes.Heres a simple thought exercise.There are currently 605,000 technical contributors working on our projects.Based on the global averages of programmer salar

26、ies,that amounts to a$26 billion contribution in developer hours in 2022.This is arguably a low estimate.The salary budgets of the R&D arms of major technology companies,which produce far less code,are in the tens of billions of dollars a year.It is not an 5LINUX FOUNDATION ANNUAL REPORT 2022exagger

27、ation to say that contributors to Linux Foundation projects,and open source in general,comprise the largest distributed engineering workforce globally by orders of magnitude.We can do anything we put our minds to by working together and collaborating under the auspices of a neutral foundation.The co

28、de we develop in our projects touches billions of lives and makes the planet safer,cleaner,more just,and more prosperous.In October,PyTorch joined the Linux Foundation.PyTorch is one of the fastest-growing open source projects in the world today,and more than half of the worlds artificial intelligen

29、ce and machine learning applica-tions depend on its framework.PyTorch is the foundation of models for predicting diseases,directing autonomous vehicles,and creating new medicines.Ensuring that a project like PyTorch lives in a neutral home where all can benefit equally is a big deal.RISC-V is now th

30、e worlds fast-est-growing semiconductor chip instruction set architec-ture(ISA).It was a small project when it first came to the Linux Foundation in 2018.Today,RISC-V is on track to be the top ISA for 80 billion computer cores by 2025.We are seeing an explosion of RISC-V designs across many applicat

31、ions,including IoT,aerospace,automotive,mobile devices,and datacenter hardware.When the U.S.Cyber Safety Review Board(the equivalent of the U.S.Transportation Safety Board)released its official review of the Log4J event,nine of the 19 recommendations came directly from OpenSSFs Open Source Software

32、Security Mobilization Plan.Over 60%of the worlds top-grossing films in 2022 used open source software stewarded by the Academy Software Foundation,which allows the creative industries to share the costs of creating foundational tools for special and visual effects.LF Energy and its SOGNO Project mem

33、bers in Germany,Greece,Ireland,Italy,and Romania are improving power delivery effi-ciency.Considering the skyrock-eting energy prices in Europe,SOGNO demonstrates the critical importance of open source for tackling transnational challenges that affect citizens lives.We are partnering to monitor live

34、stock movements through the Open Collar Initiative,an open hardware project built with code housed in the OpenJS Foundation and using IoT code from the Zephyr Project.The Peace Parks Project uses open source software to fight poach-ers in South Africa.The OS Climate project is pio-neering efforts to

35、 create soft-ware standards and mechanisms for efficient inventories and common definitions of carbon emissions and offsets,laying the foundation for better carbon tracking and trading platforms.“Ensuring that a project like PyTorch lives in a neutral home where all can benefit equally is a big deal

36、.”6LINUX FOUNDATION ANNUAL REPORT 2022These impacts add to the growing influence of open source code and ecosystems housed in the Linux Foundation.Although Linux is now the dominant operating system on the planet,the Linux Foundation is much more than Linux.From supercomputers to tiny IoT devices,An

37、droid phones to automobiles,and space satellites to more than 1 million drones,the world increasingly runs on open source.Open source adoption will only accelerate and spread.Exceeding industry standards in diversity and inclusionWe accomplished all this while delivering on our promise of prioritizi

38、ng diversity and inclusion.At the Linux Foundation,women hold 32%of executive roles.Thats roughly triple the average at technology companies.On key project boards,women comprise 28%of members,which is double the percentage found on corporate boards in tech.Moreover,more than half of our employees ar

39、e female,which is roughly 20%more than the tech industry writ large.Mentorship is one of the most effective tools for accelerating diversity.The LFX Mentorship program works with more than 240 open source developers,including 30 new kernel developers.In 2022,20%of mentorship applicants were women,an

40、d 70%were from lower middle-or working-class economic backgrounds.During the past year,we provided over$1 million in travel funding to 289 people from underrepresented communities,246 maintainers and students,104 diversity registration scholarships,and 65 needs-based registration scholarships to att

41、end career-changing events.Beyond the numbers,we continued advancing programs and technologies to foster even greater levels of diversity,equity,and inclusion(DEI).Our events team rolled out comprehensive DEI policies for all Linux Foundation events,including free childcare,nursing rooms,and all-gen

42、der restrooms.Many of our projects participated in the Grace Hopper Celebration to encourage minorities,women,and nonbinary people to join and contribute to free and open source software projects.Today,all our large projects have ongoing diversity initiatives.A notable example is the Inclusive Namin

43、g Initiative,which provides guidance on inclusive language best practices and specific word choices.The Software Developer Diversity and Inclusion(SDDI)Project and the Diversity Empowerment Summit are popular and growing.We are also looking to instantiate diversity through code.The Five-Fifths Voter

44、 Project,part of the Call for Code for Racial Justice,is an application that aims to combat voter suppression.Facing the challenges ahead:Cybersecurity and techno-nationalismIn 2022,we witnessed the emergence of cybersecurity and techno-nationalism as the key challenges to the ongoing growth and ado

45、ption of open source.In cybersecurity,the imperative of securing the open source supply chain and providing assurances“We accomplished all this while delivering on our promise of prioritizing diversity and inclusion.At the Linux Foundation,women hold 32%of executive roles.Thats roughly triple the av

46、erage at technology companies.”7LINUX FOUNDATION ANNUAL REPORT 2022that open source code is safe has become a matter of international concern.Increasingly,cyberattacks,such as ransomware and malware,are impacting the physical world.Two examples of this are hospitals rerouting ambulances and shipping

47、 companies being unable to route trucks or planes.Therefore,OpenSSF and its initiatives in software bill of materials,code signing,secure coding,and broad vulnerability scanning will become even more critical.With greater restrictions on collaboration and trade,the world risks losing the benefits of

48、 open source and open collaboration.As one of my heroes,former U.S.Secretary of State Madeleine Albright,said,we must compartmentalize our disputes and agree on common areas of interest.Open source is non-zero-sum in the best way.If it works,everyone benefits.Our job at the Linux Foundation is to co

49、ntinue to advocate for more open collaboration to drive global dividends in technology innovation.For 2023,we will continue to focus on impact,diversity,and moving the needle on solving big,complex problems,such as climate change,software security,and food security,to push the envelope of technology

50、.Together,we are smarter,faster,and better.I look forward to seeing all of you in the coming year as we continue on this open source journey together.Thank you for your support and commitment.Jim Zemlin Executive Director,The Linux FoundationBACKGROUND IMAGE THISISENGINEERING:PEXELS8LINUX FOUNDATION

51、 ANNUAL REPORT 2022Enabling innovation and security at the Linux FoundationNithya Ruff,Board ChairWelcome to the 2022 Linux Foundation Annual Report.I lead the Open Source Program Office(OSPO)at Amazon,and this report marks my fifth as Board Chair of the Linux Foundation.In late September,I had the

52、distinct pleasure of attending the Open Source Symposium hosted by the University of California at Santa Cruz(UCSC).UCSC is a leader in open source,and this symposium was a fabulous event where I reconnected with peers and learned new things about my chosen field.It both was amazing and felt normal.

53、After two years of distance and viewing the world through the lens of video conferencing,I have tremendously enjoyed getting back out there and meeting so many of you in person.One of my favorite things about open source is the community friendships and the personal bonds that we build.Open source i

54、s much more than a methodology and set of practices;seeing those people you care about makes this crystal clear.Meeting people in person also fuels innovation.Face-to-face encounters and hallway chats invariably yield not just greetings but also insights and ideas and even plants seeds for new proje

55、cts and technologies.I am incredibly impressed by the trajectory of the Linux Foundation and the progress we have made on so many fronts in the past year.I daresay we enter a golden age of open source innovation,with the Linux Foundation guiding new entrants and paving the way for collaboration on n

56、ew fronts.You,the members,made this progress through funding and by dedicating engineers and code to Linux Foundation initiatives.I also want to salute the Linux Foundation team for raising the bar in 2022 with a host of new programs and initiativesLF Research,LFX,more blogs,more podcasts,website im

57、provements,improved tooling and project infrastructure,and more.The theme of this report is innovation and security,and 2022 was a breakout year for the Linux Foundation on both fronts.PyTorch joining the Linux Foundation and the rapid adoption of RISC-V join the ongoing success stories of the CNCF

58、and cloud native and builds on the progress of the Linux kernel itself.The innovation communities hosted by the Linux Foundation made significant progress against shared global challenges in finance,transportation,energy,and food security.We are witnessing a grand expansion of open source at all lev

59、els,particularly in code and infrastructure.We also fine-tune and develop methods and practices for peer-based innovation and collaborative problem-solving.With this grand expansion comes greater responsibility.For open source to continue to prosper 9LINUX FOUNDATION ANNUAL REPORT 2022and for the wo

60、rld to embrace it,we must make open source more secure.This is self-evident and is a generational technology challenge a true moonshot.The difference is that moonshot can only stick the landing if everyone works together,because the problem is far too sprawling and complex otherwise.Unlike landing o

61、n the moon,open source security is a moving target.Software and technology are constantly evolving,and billions of lines of fresh code ship daily.We must create a culture of security,tooling,and programs to help better secure all open source software at every project lifecycle stage.It is essential

62、for massive efforts like Linux and Kubernetes down to small JavaScript dependencies that may have a single maintainer but can still“break the Internet.”On the consumption side,we must make it easier for consumers of open source to know exactly what they are gettingwith SBOMs,code signing,security sc

63、orecards,and more.The OpenSSF has stepped up to this task with its many contributors and contributing organizations.I am confident we are on a path that will vastly improve open source security within the next few years.It takes resources,people,and commitment to achieve these big goals.Whenever I g

64、o out and meet with you,I return more encouraged.The opportunity is immense,and your continued support makes it possible.Thank you,and I cant wait to see you all in 2023.Nithya Ruff Chair of the Board of Directors,The Linux Foundation“It takes resources,people,and commitment to achieve these big goa

65、ls.Whenever I go out and meet with you,I return more encouraged.The opportunity is immense,and your continued support makes it possible.”10LINUX FOUNDATION ANNUAL REPORT 2022Linux Foundation Board of DirectorsSuzanne AmbielVMwareErica BresciaAt-Large DirectorTim BirdSonyGold DirectorPeixin HouHuawei

66、Eileen EvansAt-Large DirectorXin LiuTencentMelissa E.EversIntelChris MasonMetaBen MaurerMetaNithya RuffChairJim WrightOracleHisao MunakataRenesasGold DirectorJim ZemlinExecutive DirectorChris WrightRed HatJessica MurilloIBMShojiro NakaoPanasonicGold DirectorYuichi NakamuraHitachiPhil RobEricssonDani

67、el ParkSamsungSarah NovotnyMicrosoftKeiichi SekiNECEric JohnsonGitLab,Inc.Silver DirectorFrank FanzilliAt-Large Director/TreasurerKen KomoyamaFujitsuDavid MarrQualcomm 11LINUX FOUNDATION ANNUAL REPORT 2022Thank you to our members After two long years of a global pandemic,2022 ushered in a new era of

68、 promise for open source.Thanks to the generous support of LF members like youand the support of a diverse and global contributor and maintainer communitywe have advanced the adoption of powerful new open source solutions and reignited the communities behind them.Thanks to your dedication to open so

69、urce,we are again coming together at events.With each event,we celebrate our project developers,contributors,reviewers,and maintainers in person,whose cumulative efforts now service much of the global software stack.In January,you called for more sustainability,inclusion,and global perspectives.We l

70、istened.Since then,we have expanded our climate and environmental initiatives.We published actionable insights and datasets through LF Research.We provided hundreds of scholarships to underserved communities,welcoming diverse and talented people from around the world to help build a better,more equi

71、table open source future.All of this was made possible with your support.Thanks to your spirit of collaborative innovation,we welcomed new projects across many fields including cutting-edge areas like Digital Wallets and AI.We brought government and enterprise together to improve the state of open s

72、ource software security.We expanded into Europe to foster region-specific open source transformation.With your continued support,we will drive open source transformation in regions worldwide.As we head into a year marked by global conflict,rising inflation,and economic turbulence,your unwavering sup

73、port for collaborative innovation will enable us to solve new challenges,build innovative solutions,and broaden the adoption of open source technologies.Thank you for your commitment to open source at the Linux Foundation.We wish you safety,prosperity,software security,and,above all,success in 2023.

74、12LINUX FOUNDATION ANNUAL REPORT 2022Linux Foundation membersGold membersPlatinum members13LINUX FOUNDATION ANNUAL REPORT 2022Silver members#0Chain1Crew1NCE GmbH1Password23 Technologies GmbH3-Shake Inc3K Technologies6WIND S.A.99Cloud Inc.AA10 NetworksABB LtdACC ICTACKSTORMAIAAIFRICAAIM(agile-im.de)A

75、LPS ALPINEANTMICRO LTDAPE FACTORYAPIIDA AGAQSACOMARIMAARMO(Cyber Armor)ASRock Rack IncorporationASUS Cloud CorporationATB VenturesATIX AGAVEVA GroupAVL Software and Functions GmbHAVSystem sp.j.Aarna NetworksAbsa Bank LimitedAccuknoxAcend GmbHAcnodal,Inc.Acorn Labs,IncAcornsoftAcumatica Inc.Ad Hoc LL

76、CAdaptive Financial Consulting LimitedAdfolks LLCAdobe Inc.Adva Optical Networking SEAdvanced Driver Information Technology CorporationAdvanced Micro Devices(AMD)Adventium LabsAerospikeAffinidi Pte LtdAfi TechnologiesAgenda d.o.o.Agile LabAgree Technology Co.,Ltd.Ahana Cloud,Inc.AirbnbAirbyteAirlock

77、 by Ergon Informatik AGAirwayzAisin CorporationAiven IncAkamai Technologies,Inc.Akatsuki inc.Akenes SA(Exoscale)Akuity,Inc.Alauda,IncAlerant Zrt.AlgorandAllianz Investment ManagementAlluxio,Inc.Allwinner Technology,Co.Ltd.AltairAlter Way Cloud ConsultingAltheaAltinityAltorosAmadeus IT Group,S.A.Aman

78、tya Technologies,IncAmazon Web Services,Inc.Ambassador Labs(f/k/a Datawire)Amberflo.ioAmbient ITAmdocs LimitedAmerican Express Banking Corp.American Tower CorporationAmidoAmpere ComputingAnaconda,IncAnchnetAnchore,IncAndes DigitalAnglepoint Group IncAnjuna Security,Inc.Anodot Inc.Anonyome Labs,Inc.A

79、nt Group Co.,Ltd.Aokumo Inc.ApiiroApollo GraphQLAppaegis,Inc.Appddiction StudioApple Inc.AppstellarApptioAppvia Ltd.Aqua Security Software,Inc.ArangoDBArcadyanArcherOS Software Co.,Ltd.ArcheraArcontech Group PLCArduinoArgonautArista Networks,Inc.ArkamysArm LimitedArmory Inc.ArnicaArrikto,Inc.Arvancl

80、oudAscensio System SIAAsiaInfo Technologies(China)Co.,Ltd.Aspecto IncAspen MeshAssertsAstra LinuxAternos GmbHAtlassian IncAtomicJar IncAtos FranceAudiokinetic Inc.Augtera NetworksAuriStor Inc.AuthzedAutodeskAutomat-ITAutomatic Data Processing,Inc.(ADP)Automotive Intelligence and Control of China Co.

81、,Ltd.Avanade Inc.Avanza Innovations IT Solutions LLCAvast Software,Inc.AveshaAvisi CloudAviz NetworksAxcelinnoAxiata Digital LabsAxis CommunicationsBB1 Systems GmbHBCW GroupBMC Software,IncBMWBNP ParibasBONbLOC IncBS Company SrlBaidu USA LLCBalena,Inc.BancolombiaBank of America CorporationBank of Mo

82、ntrealBank of New York MellonBanma Information TechnologyBaumer Management Services AGBayLibre Inc.BeOpenItBedRock Systems Inc.Beechwoods Software,Inc.Beijing Baolande Software CorporationBeijing Big Data Co.,Ltd.Beijing Datenlord Technology Co.,Ltd.Beijing Dosec Technology Co.,LtdBeijing Huijun Tec

83、hnology Co.Ltd.(JD Cloud)14LINUX FOUNDATION ANNUAL REPORT 2022Beijing Ji Ke Tian Cheng Technology Co.,Ltd(ScaleFlash)Beijing Proinsight Technology Co.,Ltd.Beijing Security Consensus Technology Co.,LtdBeijing Shengxin Network Technology Co.,Ltd.(QINGTENG)Beijing Shuyue Mingjin Technology Co.,Ltd.Beij

84、ing Sup-info Information Technology Co.LtdBeijing Teamsun Technology Co.,LtdBeijing VNET Broad Band Data Center Co.,Ltd.Beijing Xiaomi Mobile Software Co.,LtdBell CanadaBellSoftBetterCloudBiqmind Pte LtdBitrockBlameless IncBlock,Inc.Blockchain Technology Partners,Inc.Bloomberg Finance L.P.Blue Sentr

85、yBlueArch Group Inc.BoeingBoer Technology(BTech)BondEvalue Pte.Ltd.BonifiiBoost SecurityBooz Allen Hamilton,Inc.BoschBoston Consulting GroupBoxBoat TechnologiesBrickdoc(Ningbo)Cloud Computing Technology co.,ltd.Broadcom CorporationBrobridgeBunnyshellBuoyant,Inc.Business-intelligence of Oriental Nati

86、ons Corporation LtdBytedance LtdCCINQ ICTCISEL Informatique SACME Group Inc.CNOCORE 24/7 LLPCRYPTOSENSECSEngineeringCTO.aiCVS HealthCYSEC SACable Television Laboratories Inc.CachengoCalyptiaCamptocampCamunda Services GmbHCanaryBitCanonical Group LimitedCapital One Services LLCCarbonLacesCarbonatedCa

87、sperLabs LLCCast AI Group,Inc.Catalogic SoftwareCatalyst CloudCatena cyberCaylent IncCentilyticsCerbosCertizen LimitedChainguardChainyardChaitin TechChangzhou Citos Software Co.,Ltd.Charter CommunicationsCheckmarxChef Software Inc.Chengdu Yuan Lai Yun Zhi Technologies Inc.China Electronic System Clo

88、ud Data and Intelligence Technology Co.,LTD.(CECLOUD)China Mobile Communication Company LtdChina Systems Holdings LimitedChina Telecommunications CorporationChina UnicomChina-ASEAN Information Harbor Co.,LtdChronosphere,Inc.Ciena Canada,ULCCinemo GmbHCirba d/b/a DensifyCircle Internet Services,IncCi

89、rculor Ltd.Cirrus LogicCitiCivo Ltd.Clastix SRLCleartraceClockwork.ioCloud KineticsCloudBees,Inc.CloudBolt SoftwareCloudControl,Inc.CloudCover Pte.Ltd.CloudFerro Sp.z o.o.CloudFixCloudIQ TechnologiesCloudLinuxCloudMatos LLCCloudNatix,Inc.CloudOps Inc.CloudZeroCloudbase Solutions S.R.LCloudera,Inc.Cl

90、oudicalCloudshape IncCloudside TechnologiesCloudsmith LtdCloudsoft Corporation LtdCloudstratexCloudthreadCloudwiryCloudyuga Technologies Private LimitedClyso GmbHCoSoSys S.R.L.Cockroach LabsCodasip s.r.o.Code Zero Technologies IncCodeWaveCodefresh,Inc.CodethinkCog SystemsCognizant Technology Solutio

91、nsCoinbase Inc.Colder Products CoCollabora Ltd.Comcast Cable Communications,LLCCommvault Systems,Inc.Component Soft Kft.Connect 5G,Inc.Conoa ABConsenSys AGConstantiaContainIQContainer Solutions BVContinental Automotive SystemsContinoContrast SecurityControl Plane CorporationControlPlane.ioConvox Opc

92、o Inc.CoolIT Systems Inc.CoreHive Computing LLCCoreStackCoredge.ioCorshaCortexCosaic,Inc.CosmonicCouchbase,Inc.Cox Communications,Inc.Crafter CMSCrayonCreationline,Inc.Cribl IncCrowdStrikeCrunchy Data Solutions,Inc.Cryptape Technology Co.,Ltd.Cuemby Inc.CybeatsCyberArk Software LtdCybertrust Japan C

93、o.,Ltd.Cybozu,Inc.Cycode,Inc.DD2iQ,Inc.(f/k/a Mesosphere)DAEKYO CNSDB Systel GmbHDENSO CORPORATIONDENX Software Engineering GmbH(DENX)DLT Global Inc.DNEG15LINUX FOUNDATION ANNUAL REPORT 2022Dalian Hi-Think Computer Technology,Corp.DaoCloud Network Technology Co.,Ltd.Daon IncData EssentialData Storag

94、e Research,LLC d/b/a DSR CorporationDataCore SoftwareDataStax,Inc.Databricks Inc.Datachain,Inc.Datadog,IncDatadriversDatree.ioDatto,Inc.Daugherty Business SolutionsDaynix Computing LTDDebrickedDeepFactorDeepfence,IncDeepshore GmbHDellfer,Inc.Deloitte Consulting LLPDelta Electronics WorldwideDembach

95、Goo Informatik GmbH&Co.KGDeployHub,Inc.Depository Trust and Clearing Corporation(DTCC)Desay SV AutomotiveDesign Barn IncDesotech srlDeutsche Bank AGDeutsche Telekom AGDevOps InstituteDevSamuraiDevsOperativeDhiway Networks Private LimitedDiDi USADiagridDiamanti,Inc.DianomicDidim365DigiCert,Inc.Digita

96、l Asset Holdings,LLCDigital Impact LLCDigitalOceanDimagi IncDirektivDistributed Ledger Technologies(DLT)Pte Ltd.DitoDocker,Inc.DoiT InternationalDopplerDorado SoftwareDornerWorks,Ltd.DreamBig Semiconductor Inc.DrimAESDynatrace LLCEEGAR Global NoCodeEMQ Technologies Co.,Ltd.EPAM Systems,IncEXEMEasySt

97、ack Inc.Edge DeltaEdgeRay Technologies Co.,LtdEdgecore Network CorporationEdgeless SystemsEducational Testing Service(ETS)Eficode OyElasticsearch,Inc.Elastisys ABElastx ABElectronics and Telecommunications Research InstituteElektrobit Automotive GmbHElementlElotl,IncEngineerBetter LtdEntando Inc.Ent

98、erprise DB CorporationEntigo OEnveilEnvisorEolinkerEquideum HealthEquinix,Inc.Era Software,Inc.Ernst&Young LLPEscala24x7EscapeEspeo SoftwareEsperanto Technologies Inc.Estateably Inc.Ethernity CLOUDExeinExivityExotanium Inc.Expedia GroupExpert ThinkingExstratusExtreme Networks,Inc.FF5,Inc.Far-Galaxy

99、NetworksFLANT EUROPE OFOSSAFabrick S.p.AFairwinds Ops,IncFauna,Inc.Federal ExpressFederal National Mortgage Association(Fannie Mae)Federated WirelessFidelity Technology Group,LLCFilecoin FoundationFinoutFireHydrantFirecellFlanksourceFlexeraFlexiDAOFlowchainFogHorn SystemsFord Motor CompanyFortanixFo

100、rtress Information SecurityFossIDFoundries.io LTDFournine Cloud SolutionsFreedomFiFullstaqFuriosaAI,Inc.Futurewei Technologies,Inc.GG-ResearchGRAVITI TECHNOLOGIES INCGSBNGaia Information TechnologyGarden Technologies Inc.Gatsby IncGemini Open Cloud Computing Inc.GenXGenXcomm IncGeneral Electric Comp

101、anyGenesis Global Technology LimitedGenvid Technologies IncGerman Edge Cloud GmbHGhost Locomotion Inc.Giant Swarm GmbHGienTechGitHub,Inc.GitLab Inc.Gitpod GmbHGlobant LLCGloboGo Firefly,IncGoDaddy Operating Company,LLCGoldman Sachs&Co.LLCGoliothGotoAdminsGrafbaseGramLabs,Inc.(d/b/a StormForge)Granul

102、ate Cloud Solutions LtdGrape Up Sp.z.o.o.Grapheene incGravitational,Inc DBA TeleportGreen Hills Software LLCGremlin,Inc.Guangdong OPPO Mobile Telecommunications Corp.,Ltd.Guangxi Tidu Technology Co.,Ltd.(TIDU)Guangzhou Xiaopeng Motors Technology Co LtdGuidaHHAProxy TechnologiesHCL Technologies Ltd.H

103、ENSOLDT Cyber GmbHHERE Global B.V.HP Inc.HSA Foundation16LINUX FOUNDATION ANNUAL REPORT 2022HSBCHackerOneHadean Supercomputing LtdHammerspaceHangzhou FIT2CLOUD Information Technology Co.,LtdHangzhou Harmony Cloud Technology Co.,Ltd.Hangzhou Langhe Technology Co.Ltd.(Netease)Hangzhou MoreSec Technolo

104、gy Co.,Ltd.Hangzhou Nuowei Information Technology Co.Ltd.Hangzhou WOQU Technology Co.,Ltd.Hanover Insurance GroupHarness Inc.Harpoon CorpHartford Financial Services Group Inc.HashiCorp IncHasura,Inc.Hedera Hashgraph LLCHedgehogHeliosHelium Systems,Inc.Hermes Fund Managers Limited(Federated Hermes)He

105、roic LabsHewlett Packard Enterprise Development LPHighway9 NetworksHonda Motor Co.,Ltd.Honor Device Co.LtdHorizon RoboticsHound Technology Inc.dba HoneycombHub SecurityHumanitecHumioHygraphHyland Software,Inc.Hyundai Mobis Co.,Ltd.Hyundai Motor CompanyIIDnow GmbHIFS World Operations ABIGNWIHS Markit

106、IITS ConsultingILKI FRANCEIN-COM Data SystemsING GroupIO Builders Blockchain Technologies&VenturesIOG Singapore Pte.LtdIOTech Systems LimitedIPChain AssociationIPweITAU BBA USA SECURITIES,INC.ITRenewIVIS Automotive SolutionsIauro SystemsIdRampIdentity Technologies IncIgalia,S.L.Imagination Technolog

107、ies Group Ltd.Imperas Software LtdIndeed,Inc.Index AnalyticsIndicioIndraIndyKite Inc.Infineon Technologies AGInfinyOn IncInfluxData IncInfoCertInfoblox Inc.Information Data SystemsInfosys LimitedInfracloud Technologies INCInfracostInigoInnablr Pty LtdInnogridInspur GroupInstaclustrInstana,Inc.Intell

108、ectEUIntelligent Systems ServicesInterCloudInterdynamixIntesa SanpaoloIntuit,Inc.Intuitive Technology Partners,Inc.InwinSTACKIoT.bzhIsovalent Inc.Itera Technologies a.s.ItopiaItuum OU(DBA Dysnix)JJFrog,IncJMA WirelessJPMorgan ChaseJVC KENWOOD CorporationJeli.ioJetstack LtdJoby AeroJoisto Group OyJum

109、p Operations,LLCJuniper Networks,Inc.KKBSYS IncKDDI CorporationKINXKNS Group LLC(trademark YADRO)KPIT Technologies LimitedKPMGKSOCKUKA Deutschland GmbHKaleidoKaloom Inc.Kasten,Inc.KatRisk LLCKentikKernkonzept GmbHKeyless technologies LTDKeysight Technologies Inc.Kioxia CorporationKiratech SpAKitBash

110、3DKloia Software and Consulting LtdKlothoKodeKloudKomodor Inc.Kong Inc.Konsulko GroupKoor Technologies IncKry10 LimitedKrypc CorporationKubeOpsKubermatic GmbHKubernetes Innovation Labs LLC(Kubeshop)Kubiya IncKublrKumina B.V.KylinSoft Coporation(Beijing)Kythera AIL L4B Software GmbHLG Electronics Inc

111、.LINBIT USA LLCLMAX Exchange LtdLPI.orgLSD OPENLablup Inc.LaceworkLaird Connectivity,IncLantronix Inc.Larsen&Toubro Infotech LtdLatticeX FoundationLawrence Livermore National Laboratory(LLNL)LeanIX GmbHLear CorporationLegit SecurityLenovo(United States)Inc.Li Auto Inc.Lightbend IncLightlyticsLightru

112、n LtdLightstep,Inc.Linaro LimitedLineo Solutions,Inc.LinkedIn CorporationLinklogis IncLinode LLC.Linutronix GmbHLiquid Avatar Operations Inc.Liquid ReplyLockheed MartinLoft Labs,Inc.(DevSpace Technologies)Logiq.ai Inc.Logshero Ltd.Lumedic Acquisition CorpLuxoft Global Operations GmbHMMATRIXX Softwar

113、eMBDA Italia S.p.AMDxBlocks Inc.17LINUX FOUNDATION ANNUAL REPORT 2022MIA s.r.l.MSys TechnologiesMUFG Union BankMacStadiumMaibornWolff GmbHMail.Ru Cloud SolutionsMakinaRocksMan TechnologyMarelli CorporationMarketnodeMarvell Semiconductors LtdMasterCard IncorporatedMatrix I.T CloudZone LTDMattermost,I

114、nc.Mavenir Systems,Inc.Maxon Computer GmbHMayaData Inc.(f/k/a CloudByte,Inc)Mayfield FundMazda Motor CorporationMcKinsey&Company,IncMediConCen LimitedMediaTek USA Inc.MegaEase,Inc.MegazoneCloudMeinberg Funkuhren GmbH&Co KGMemfault IncMercedes-Benz Tech Innovation GmbHMerck&Co.,Inc.MetaBlox Foundatio

115、nMetrics Design Automation Inc.MetroStar SystemsMezmoMicro Focus International plcMicron TechnologyMicware Co.Ltd.Mido Holdings Co.,Ltd(Midokura)Milligan PartnersMindtree LimitedMinio,IncMirantis,Inc.Miraxia Edge Technology CorporationMission:data CoalitionMithril SecurityMitsubishi Electric Corpora

116、tionMitsubishi Motors CorporationMobilise Cloud ServicesModel9MondooMonetago IncMonokeeMonostream AGMontaVista Software,LLCMorgan StanleyMorpheus DataMoscow Exchange(MICEX-RTS)MotoJeannieMoxa Inc.MyFitnessPal LLCMycelialNNAMUTECH Co.,Ltd.NCC GroupNCSOFT CorporationNEOSNGINX International LimitedNHN

117、CorporationNIONIPANSONE,Inc.NTT CorporationNTT DATA MSE CORPORATIONNVIDIA CorporationNXP Semiconductors Netherlands B.V.Nanjing Pengyun Network Technology Co.,Ltd.Nanjing eCloud Technology Co.,Ltd.NatWestNational Instruments CorporationNavitas Business Consulting Inc.NearForm LtdNebulonNeo4j,Inc.Net

118、App,IncNetFoundryNetdataNetflix,Inc.NetgateNethopperNetris,INC.NeurogliaNevexisNew BlackNew H3C Technologies Co.,LtdNew Relic,Inc.NexCloudNextGen Tek ConsultingNianticNikon CorporationNippon Seiki Co.Ltd.Nirmata,Inc.Nissan Motor Co.Ltd.Nokia CorporationNomura Holding AmericaNomura Research Institute

119、,Ltd.Noname SecurityNordic Semiconductor ASANumbersNutanix,Inc.NuvitekOOBSSOGIS-RI Co.,Ltd.OKESTROOSNEXUSOVH SASOccentus NetworkOcto Consulting GroupOctopusDeployOhmConnect IncOktetoOnGresOndatOpaque Systems Inc.Open RavenOpen Source AllianceOpen Source Automation Development Lab(OSADL)eGOpen Source

120、 Consulting Inc.Open Source Security,Inc.OpenNebulaOpenSynergy GmbHOpsLevelOpsMxOpsVerseOpseraOpticOptum/UnitedHealth GroupOrange SAOrca Security,Inc.Ori IndustriesOrigoss Solutions LtdOrkes IncOrtec FinanceOsaka NDS Co.,Ltd.Oteemo Inc.Oticon A/SOvoo Spka z o.o.OxeyeOzone Cloud Inc.PPANTHEON.tech s.

121、r.oPBG ConsultingPRODYNAPaladin CloudPalm NFT StudioPalo Alto NetworksPantaRei DesignParamount Software Solutions Inc.ParasoftParticulePayPal Holdings,Inc.Pegasystems Inc.Peloton InteractivePentenPercepio ABPerconaPermit.ioPhoenix Software InternationalPhylumPing An Technology(Shenzhen)Co.,LtdPingCA

122、PPioneer CorporationPionix GmbHPipekit IncPlanetScale,Inc.PlatHome Co.,LtdPlatform9 Systems,Inc.Point72,L.P.Polar Signals IncPolar SquadPolyverse CorporationPortainer.ioPosedio-Professional Cloud ConsultingPoste Italiane SPAPostmanPrecisely Holdings,LLCPrecision Innovations IncPrefect18LINUX FOUNDAT

123、ION ANNUAL REPORT 2022Pricewaterhouse Coopers LLPPrisma Data,IncProdigy EducationProfianProfiseaProgressive InsuranceProject NProofcraft Pty LtdProsperOpsPulumiPuppet,Inc.Pure StoragePuzzle ITC GmbHQQAware GmbHQamcom Group ABQiming Information Technology Co.,Ltd.QingCloud Technologies Corp.QualiQual

124、itySoft CorporationQualys,Inc.Quant NetworkQuobyte Inc.RR3 LLCRADTONICSRANDA SolutionsRBC Capital Markets,LLCREALTO GROUP INCREGnosys LimitedRNG TechnologyRStudio PBCRTE(Reseau de Transport dElectricite)RX-M,LLCRacknerRackspace US,Inc.Radisys CorporationRafay Systems,Inc.RaftRafttRaintank,Inc.Grafan

125、a LabsRapid SiliconRapidAPIRapidFort,Inc.Raytheon TechnologiesReadMeReblazeRecurveRed Date(Hong Kong)Technology LimitedRed Kubes BVRed ReplyRedeployRedpanda DataRelease Technologies,Inc.Reliance Jio Infocomm LimitedReplicated,Inc.ReversingLabsRevolgyRezilionRibbon Communications Operating Company,In

126、c.Ricoh Company,Ltd.Ripple,Inc.Rivos IncRoadieRobin Systems,IncRobusta.devRocket Software,Inc.RodeoFXRookout Ltd.Royal Dutch ShellRuby ProtocolSS&P Global Inc.SADA SystemsSAIC Motor Corporation LtdSANCLOUD LTDSAPSAS Institute Inc.SHE BASHSHINESOFTSICPA SASIGHUP,IncSIMBA ChainSMBC AmericasSOCNOC AISO

127、LIZE CorporationSORAMITSU CO.,LTD.STMicroelectronics International N.V.SUSE LLCSVA System Vertrieb Alexander GmbHSWIFT,INC.SYSGO GmbHSaleor CommerceS,Inc.SalsifySaltwareSarturaSateliotSauce Labs IncSavoir-faire LinuxScalewayScality Inc.Scantist Pte.Ltd.Scarf Systems,IncSchaeffler TechnologiesSchellm

128、an&Company,LLCSchneider ElectricSchwarz IT GmbH&Co.KGScience Applications International CorporationScott Logic LtdScoutAPMScribe SecuritySeagate Technology LLCSearceSecond StateSecureKey Technologies,Inc.Seekret Software Security Ltd.Selective Insurance GroupSelector Software,Inc.Sempre.aiSenofiSens

129、e ReplySentara Healthcare,Inc.ServeTheWorld ASServerlessServices4-ITShanghai Mandao Technology Co.,LTDShanghai Pudong Development BankShanghai Sectrend Information Technology Co.,LtdShanghai Vonechain Information Technology Co.,LtdShanghai Yunzhou Information Technology Co.Ltd(ZStack)Shanghai Zhuyun

130、 Information Technology Co.,Ltd.Shenzhen Forms Syntron Information Co.LtdShenzhen Goodix Technology Co.,Ltd.Shenzhen Jiangxing Intelligence Inc.Shenzhen Wise2C Technology Co.,LtdShenzhen ZhiLiu Technology Co.,Ltd.ShiftLeftShipaShopify Inc.ShorelineSiFiveSibros TechnologiesSidero LabsSiemens AGSilico

131、n Laboratories Inc.SingleStore,Inc.Singularity DataSirius XM Radio Inc.Sivantos GmbHSkyloudSlim.AISmallstepSmartBear Software,Inc.Smartiful,Inc.Snapper Future Tech Pvt LtdSnow Software IncSnyk LimitedSoKubeSocit GnraleSocketSoftBank Corp.SoftIron IncSoftax SP.j.Softchoice LP and Softchoice Corporati

132、onSoftware MindSoftwareONE AGSolidRun LtdSolo.ioSonatus,Inc.Sonatype,Inc.SosivioSpacelift,Inc.Sparkfabrik srlSpectralSpectro Cloud,Inc.SpeedScaleSphereExSpirent Communications Inc19LINUX FOUNDATION ANNUAL REPORT 2022Splunk Inc.Spotify ABSprint CorporationSpyderbatSquarespace,Inc.StackHawkStackletSta

133、ckwatch IncStarburst DataStark&Wayne LLCState Farm Mutual Automobile Insurance CompanySteamhausStellateStepZen,Inc.Sterlite Technologies LimitedStorPool Storage ADStorm Reply GmbHStrata IdentityStratascaleStrategic BlueStratox Cloud NativeStreamNativeStructsure,LLCStyra IncSuccessive TechnologiesSum

134、o Logic,Inc.Super Micro Computer,Inc.SuperOrbital,LLC.SuperblocksSupercriticalSuzhou Beyondcent&Software Co.,Ltd.(BoCloud)Suzuki Motor CorporationSwisscomSymbridge LLCSymphony Communication Services LLCSynax GmbHSync ComputingSynechron,Inc.SyngenioSynopsys,IncSysEleven GmbhSysdig,Inc.TTDT AGTELUS Co

135、rporationTL Consulting GroupTLM PartnersTO THE NEWTafiTangem AGTarget CorporationTata Communications LimitedTeal Communications,Inc.Tech Mahindra LimitedTechnology Innovation InstituteTectonic Labs Ltd.Telaverge CommunicationsTelechips,Inc.Telecom Italia Mobile(TIM)S.p.A.Temporal Technologies IncTen

136、able,Inc.TenneTTensorSecurity Technology LtdTensorWorksTenxCloudTeraSkyTernaryTetrate.ioT Netzdienste GmbHTexas Instruments IncorporatedThales SAThe 4th Paradigm Technology Co.,LtdThe Constant Company,LLC/VultrThe Foundry Visionmongers LimitedThe GuildThe MediumThe Qt Company OyThe Scale Factory Lim

137、itedThebes Cloud Management LimitedThnkThought Machine Group LimitedThoughtWorks,IncThunder Software Technology Co.Ltd.Tick42Tidelift,Inc.TietoEVRYTigera,Inc.TimescaleTimesys CorporationTimspiritTmaxCloudTokentrust AGTomTom International B.V.Torch Consulting GroupToyota Tsusho CorporationTraceableTr

138、aceroute42Traefik Labs SASTrail of BitsTranslucent ComputingTransposit CorporationTranswarp Technology(Shanghai)Co.,LtdTravelersTravelping GmbHTrend Micro IncorporatedTrilio DataTrue B.V.Truepic,Inc.Turk Telekomnikasyon A.S.Turnium Technology Group IncTuxera Inc.Twitter Inc.Tyk Technologies Ltd.UUBS

139、 AGULAK HABERLESME A.S.UMB AGUNIBERGUS NavyUSAAUWS Inc.Ubiquitous AI CorporationUffizziUltraviolet Consult DOOUnifabriXUnion.aiUnionTech Software Technology Co.,Ltd.UniserverUnisysUnity TechnologiesUpCloud LtdUpboundUpsolver Data,Inc.UtilidataUtilityAPIVVA Linux Systems Japan K.K.VES LLCVEXXHOST,Inc

140、.VNC Automotive LimitedVSHN AGValueCloudValve CorporationVapor IOVattenfall Eldistribution ABVaxowaveVeea Inc.Vega Cloud IncVelaVelocityVeriSilicon,Inc.VertivViable DataVicOne Inc.Vicom Infinity,Inc.Videndum Media Solutions SpaVirtasantVirtual Power SystemsVisa Inc.Vodafone Group Plc.VoerEir ABVolks

141、wagen AktiengesellschaftWWSO2 Inc.WallarmWalmart Inc.Wanclouds Inc.WandelbotsW LimitedWattCarbonWavelabsWayfairWe.Trade Innovation DACWeHealth Solutions PBCWeScale SASWeaveworks Inc.Webera,LLCWegmans Food MarketsWellington Management Company,LLPWestern Digital CorporationWevrWhaTap Labs IncWhiteSour

142、ce Ltd.Whitestack LLCWhizUs GmbHWind River Systems,Inc.Windmill Engineering20LINUX FOUNDATION ANNUAL REPORT 2022Wingtecher Technology Co.,Ltd.Winning Health Technology GroupWipro LimitedWistron CorporationWitekio HoldingWowjoy TechnologyWuhan Lotus Technology Co.,LtdXXcalibyteXenit ABXenonStack Inc.

143、Xevo Inc.Xian Tieke Jingwei Information Technology Co.,Ltd.(CARS)Xilinx IncXopero SoftwareYYLD!LimitedYahoo Japan CorporationYazaki CorporationYellowbrick DataYotascaleZZEDEDA,Inc.ZTE CorporationZebrium,Inc.Zeeve IncZelarsoft LLCZenHubZenlayer IncZerto,Inc.Zettabytes,Inc.ZillizZoiZoss Team,LLCZutaCo

144、re21LINUX FOUNDATION ANNUAL REPORT 2022In memoriam:Shubhra KarThis year,we lost our dear friend,colleague,and a true champion of the open source community.Our CTO,Shubhra Kar,passed away suddenly while he was with his entire LF family at our first in-person,all-hands gathering since before the pande

145、mic.Those who had the honor to work with him will know,he was a special leader and a wonderful human being.Above all,Shubhra was the kind of leader who quickly passed the credit for accomplishments to his team over himself.His humble spirit and everpresent smile was admired by all around him.He was

146、so proud of the world class team he had built here,and did that in part with engineers who followed him from one organization to another throughout his career.We also knew Shubhra as a selfless leaderone who was more interested in the work than the reward.At the same time,he was incredibly ambitious

147、 wanting to build a platform that would not only transform The Linux Foundation but support open source development communities around the world.This was the week his team unveiled significant new enhancements across the LFX platform.It was a project he led from vision to reality,after manyeven memb

148、ers of his own teamhad told him the path to success was impossible.He was a transformational leader that has left his legacy here.While he was passionate about his work and his team,he loved his family even more.In fact,his children were often spotted behind him during video calls throughout the day

149、.He was a fantastic husband and father,and we are so grateful for his wife,son,and daughter sharing him with us.“Shubhra was a special leader and a wonderful human being.He always passed the credit for accomplishments to his team over himself.His humble spirit and constant smile were admired by all

150、around him.He was so proud of the world-class team he had built.Most of his engineers had followed him from one organization to anothera true testament to the type of manager Shubhra was.”22LINUX FOUNDATION ANNUAL REPORT 2022Serving over 986 open source project communities Cloud,Containers,&Virtuali

151、zation 23%Networking&Edge 16.5%Web&Application Development 12%AI,ML,Data,&Analytics 10.4%Cross-Technology 5.6%Privacy&Security 4.4%IoT&Embedded 4.1%DevOps,CI/CD,&Site Reliability 3.7%Blockchain 3.7%Open Source&Compliance Best Practices 3.5%System Administration 2.4%Linux Kernel 2.3%System Engineerin

152、g 2.2%Storage 2.2%Open Hardware 1.7%Safety-Critical Systems 1.4%Visual Effects 0.9%Open Source Software 73%Open Standard/Specification 19%Open Data 3%Open Hardware 2%Peer Network 1%Open Governance Network 1%Project technical segmentProject type23LINUX FOUNDATION ANNUAL REPORT 2022Innovation with an

153、evolving Linux kernelIn tandem with security,nurturing open source innovation to create a better world is at the heart of Linux Foundation activities.Last year,we celebrated the Linux kernels 30th birthday.In 2022,Linux remains among the top three global open source projects in terms of development

154、velocity.Each release is the result of the work of thousands of contributors worldwide and from a wide variety of organizations.The kernel community actively maintains a steady flow of innovative improvements to expand the footprint of Linux and improve its capabilities.Attendees at the 2022 Linux P

155、lumbers event in Dublin discussed a future Linux that is faster,more versatile,and more secure,but also an increased desire to improve regression testing methodologies to reduce the number of bugs introduced into the code with new commits.A new kernel regression tracking system,regzbot,led by develo

156、per Thorsten Leemhuis,is currently in early testing.Its exciting to see that the first Rust modules are now slated for rollout in Linux 6.1,marking the start of a new journey toward memory safety.Were also excited to see developers showing how the Linux eBPF subsystem runtime is turning into a utili

157、ty tool that goes beyond package filtering to adjust process scheduling and make accommodating new input devices easier.New features,such as io_uring,will make Linux much faster by eliminating many system calls back to the kernel.Considering that most open source projects have a healthy lifespan of

158、a decade or less,the speed at which Linux accelerates its innovation is all the more remarkable.24 LINUX FOUNDATION ANNUAL REPORT 2022There are over 850 active open source projectsbeing hosted by the Linux Foundation.Active member contributions increased 13%in FY22,and 148K were by new contributors.

159、The Linux Foundation open source community contributed to over 3.2 million project buildsin 2022.135K developers enrolled in training courses in 2022 and earned 26K certifications,an increase of 15%.52M+lines of codeare generated every week by our project communities,up 13%year over year.LFX Securit

160、y detected 264K code vulnerabilities in 2022,aiding faster fixes by developers.827K developers actively contribute to Linux Foundation projects,resulting in a 12%increase in 2022.Events hosted by the Linux Foundation had a total of 188K attendees,an increase of 120%from the previous year.17K global

161、organizations contributed to Linux Foundation open source projectsin 2022.10,700 applications for LFX Mentorshipswere received in 2022.In 2022,the Linux Foundation acquired321 new members.$3.3 million in funds were raised this year through LFX Crowdfunding.Fostering growth,quality,and velocity25LINU

162、X FOUNDATION ANNUAL REPORT 2022Celebrating the innovatorsThroughout history,innovation has abounded during times of crisis or adversity.This past year was no exception.We continued to serve and grow our communities as we welcomed new projects such as PyTorch and launched Linux Foundation Europe and

163、its OpenWallet Foundation.We also saw sparks of innovation aiming to change the world,from tracking conflict minerals to providing broadband to poor and remote communities to creating open source technology for animal tracking as part of endangered species conservation efforts.Heres a roundup of the

164、 innovation from 2022 and heres to the project innovators!IMAGE BY DANIELE FRANCHI:UNSPLASH26 LINUX FOUNDATION ANNUAL REPORT 2022CELEBRATING THE INNOVATORSInnovation with a global impact Saving wildlife:Peace Parks Foundation and OpenJS FoundationThe Peace Parks Foundation is leveraging OpenJS-hoste

165、d technologies like Node-RED,Electron,jQuery,Lint,and Moment to fight poaching in African national parks.Using a network of cameras that monitor endangered wildlife,they have created a low-cost,scalable system that identifies poachers and notifies local police in realtime.The monitoring system relie

166、s heavily on Node-RED,a low-code programming language for event-driven applications.Node-RED is built on Node.js,making it ideal for running at the networks edge on low-cost hardware and in the cloud.OpenJS technologies enable organizations like the Peace Parks Foundation,which have limited resource

167、s,to fight poachers and protect endangered ecosystems at scale.OpenCollar animal tracking and the Zephyr real-time operating systemThe OpenCollar Initiative is a conservation collaboration for designing,supporting,and deploying open source tracking collar hardware and software for wildlife monitorin

168、g projects.OpenCollar integrates LoRa,GSM,Bluetooth LE,and GPS technologies for a seamless wildlife monitoring solution based on the Zephyr real-time operating system.By making the hardware and software open source,the OpenCollar Initiative aims to attract and inspire talented students,researchers,a

169、nd tech-savvy conservationists to develop tracking systems that are more customizable to accommodate the needs of various animals.The OpenCollar Initiative started with the design and deployment of elephant tracking collars and has PHOTO BY GERAN DE KLERK:UNSLAPSH27LINUX FOUNDATION ANNUAL REPORT 202

170、2CELEBRATING THE INNOVATORSsince expanded.It now provides field-tested solutions for tracking rhinos,lions,cheetahs,wisents,wild dogs,and other animals.https:/www.zephyrproject.org/portfolio/opencollar/https:/www.smartparks.org/opencollar-io/Data modeling for climate change:OS-ClimateOS-Climate is a

171、n open source collaboration community that is building data and software tools to drive climate change mitigation and action.Founded to accelerate the global investment shift toward green technologies,infrastructure,and business practices,OS-Climate is helping stakeholders across industries align on

172、 sustainability goals.This alignment allows them to accelerate the adoption of new business models and take action to meet the targets outlined in the Paris Climate Accords.By aggregating the best available data,modeling,and computer science,OS-Climate is helping organizations prepare for a future b

173、uilt on climate-friendly economic practices.They are working to develop an AI-enhanced physical-economic model that functions like an operating system and enables powerful applications for climate-integrated investing.Open charging for electric vehicles:EVerest(LF Energy)As the demand for electric v

174、ehicles(EVs)continues to grow,LF Energys EVerest project is developing an open source software stack for EV charging infrastructure.The EVerest project aims to speed deployment,ensure interoperability,and avoid stranded infrastructure for EV charging solutions.Developed with modularity and customiza

175、bility in mind,EVerest works with all types of fast public charging,including smart charging,DC charging,bidirectional charging,and even emergency energy backups,for use during blackouts.By leveraging all the advantages of open source for the EV charging world,EVerest is driving e-mobility innovatio

176、n and adoption.In the future,the project will focus on providing new features for local energy management,PV integration,grid-friendliness,and more.Mine-to-manufacturer traceability of a conflict mineral:Circulor(Hyperledger Foundation member)Circulors blockchain-based system provides much-needed pr

177、ovenance for tantalum and is the first ever mine-to-manufacturer traceability solution for the conflict mineral.Using Circulor,manufacturers can ensure that tantalum ore purchased in Rwanda is mined,transported,and processed under OECD-approved conditions and without slavery or child labor.Tantalum

178、is one of the rarest chemical elements in our solar system,and there is a growing demand for it in a variety of industries.It is also a conflict mineral,meaning that a portion of its supply comes from warlords in the Congo who enlist enslaved people and children to mine it.The OECD,the U.S.,and the

179、E.U.passed regulations to improve its traceability,but there has not been a way to accurately track tantalum from mine to manufactureruntil now.Using Circulors traceability solution,which is built using Hyperledger Fabric,Circulors blockchain-based system:The first ever mine-to-manufacturer traceabi

180、lity solution for the conflict mineral.28LINUX FOUNDATION ANNUAL REPORT 2022CELEBRATING THE INNOVATORSmanufacturers and governments can ensure that rare-earth elements such as tantalum are ethically and sustainably sourced.Employee and student health verification:Cardea LF Public Healths Cardea proj

181、ect is a decentralized,open source,privacy-preserving solution for sharing health data.Initially built to support health data sharing for COVID-19 tests and vaccinations,the Cardea project has since expanded,with use cases in employee and student health verification and drug testing.The underlying a

182、rchitecture of Cardea is optimized for sharing privacy-sensitive data.Individuals can submit health data as tamper-proof digital credentials with consent-based sharing of specific data.This makes it perfect for universities and organizations that rely on a paper-based method to verify the health req

183、uirements of students and employees.Cardea can verify the health credentials of individuals in a convenient,digital,and privacy-centered way.Improving network access for underserved communities:MagmaThe Magma project is helping rural and underserved communities gain better access to Internet and LTE

184、 networking.Using policy-rich network edges and simple fabrics,the Magma projects broadly applicable design provides flexible,scalable,and low-cost networking solutions for use in various low-service areas.First Nations communities across North America can now control their Internet access using pri

185、vate LTE networks powered by Magma,thereby providing support for critical communications and cultural resources.Securing open source software:OpenSSFThe Open Source Security Foundation(OpenSSF)brings together government and industry leaders to improve the state of open source software security.Sever

186、al targeted initiatives were released by the OpenSSF in 2022,including education courses,best practices,and an open source summit in Washington,D.C.,that gathered government and industry representatives to discuss action and investment in open source security.Cross-industry conversations facilitated

187、 by the OpenSSF led to the launch of a comprehensive mobilization plan outlining 10 streams of investment to improve the state of open source software security.OpenSSF has also funded security teams and projects in a variety of critical open source projects and released novel tooling to enable secur

188、e software development.With the support of more than 95 members,the OpenSSF is taking actionable steps to secure the open source software powering our world.OSS North America 202229LINUX FOUNDATION ANNUAL REPORT 2022CELEBRATING THE INNOVATORSWelcoming the PyTorch FoundationIn September,we welcomed P

189、yTorch as a new project under the Linux Foundation,and we formed the PyTorch Foundation.Since its initial release in 2016,over 2,400 contributors and 180,000 organizations have adopted the PyTorch ML framework for academic research and production environments.And,within the last year,PyTorch counted

190、 over 65,000 code commits and was one of the worlds five fastest-growing open source software communities,alongside the Linux kernel and Kubernetes.PyTorch is one of the worlds most important and successful machine-learning software projects.We are grateful to the team at Meta for trusting the found

191、ation with this project and to our founding members from Amazon Web Services,AMD,Google,Microsoft,and NVIDIA.In the coming year,we look forward to building upon the success that PyTorch has already established with the AI and ML community.Artificial intelligence and machine learning remain key techn

192、ologies in open source,and we know that the neutral home of the Linux Foundation will bring in even more diverse contributions to the PyTorch community.By creating a neutral home for PyTorch,we open up possibilities for further collaboration,innovation,and growth.We are excited to offer training,cer

193、tification,and access to our LFX platform to PyTorch maintainers and contributors.Mark Zuckerberg initially announced the PyTorch Foundation on his Facebook page.Linus Torvalds(left),the creator of the Linux kernel,met with Soumith Chintala(right),the creator of PyTorch,at Open Source Summit Europe

194、this year in Dublin.30LINUX FOUNDATION ANNUAL REPORT 2022CELEBRATING THE INNOVATORSInvesting in European innovation:The launch of Linux Foundation Europe As the pace of digital transformation is accelerating in Europe,we realized that we needed to establish a presence in the region and promote the r

195、ole of open source as a critical competitive differentiator.By planting roots in the European open source community,we are manifesting our vision to help promote the ideals of collaborating locally to drive open source innovation globally and provide a neutral space for open source innovators with a

196、 European bent.In September,at Open Source Summit Europe in Dublin,Ireland,we officially launched Linux Foundation Europe with over 15 founding members.It is a Brussels-based non-profit that will be led by General Manager Gabriele Columbro,a native-born Italian and long-time proponent of the Europea

197、n open source ecosystem.The foundations mission is to accelerate the growth of open collaborative efforts focused on challenges and opportunities faced by all European constituencies.Linux Foundation Europe will provide individuals in the public and private sectors with an on-ramp so that European p

198、rojects and companies can collaborate and succeed on a grand scale.Jim Zemlin,the executive director of the Linux Foundation,described the regional opportunity:We see different regions worldwide saying,.we want to have our own digital community and big digital economy.We want to create new jobs,spur

199、 innovation regionally because of our regions special circumstances,or because people here understand each other and BACKGROUND IMAGE BY LARA JAMESON:PEXELS31LINUX FOUNDATION ANNUAL REPORT 2022CELEBRATING THE INNOVATORScollaborate more quickly.And so,you have this balance where the free,organic,glob

200、al innovation engine is open source.Europe is home to a thriving community of open source contributorsfrom individuals to enterprises to governmentswho deliver innovation that positively impacts the region and the world.Today,policymakers widely recognize open source as a unique tool for achieving a

201、mbitious Europe-wide goals,such as the digital commons and digital sovereignty.According to Columbro,”The LF is already in Europe.More than a third of our members are from Europe,split evenly across regions.So why are we launching a European branch of the Linux Foundation?The first and foremost reas

202、on is that Europe is a unique region that includes a supranational entity(the E.U.)that aligns goals and defines a collaboration framework that crosses borders.And we realized there was a need to support this type of collaboration.Its a pleasure to focus on Europe,an area that I think has major pote

203、ntial for innovation leadership through open source.We want to ensure that we enable collaborations that can start here,in Europe,but then go to a global scale.”During the launch,we published our study with Scott Logic,World of Open Source:Europe Spotlight 2022,which describes the state of open sour

204、ce across Europe.At the Summit,Hilary Carter,VP of Research at the Linux Foundation,said,”This study shows that open source remains an apolitical key to fostering the digital commons,enabling innovations that can originate in Europe and become de facto standards used worldwide.”OSS EU Dublin32LINUX

205、FOUNDATION ANNUAL REPORT 2022CELEBRATING THE INNOVATORSOpenWallet Foundation:Advancing interoperability in digital wallets As announced at Open Source Summit Europe in Dublin,the mission of the OpenWallet Foundation(OWF),LF Europes first project,is to develop an open source engine to create secure a

206、nd interoperable multi-purpose wallets that anyone can use to build solutions.The OWF aims to set best practices for digital wallet technology through collaboration on open source code that anyone can use as a starting point for building interoperable,secure,and privacy-protecting wallets.33LINUX FO

207、UNDATION ANNUAL REPORT 2022CELEBRATING THE INNOVATORSLess than two months into its launch,LF Europe announced its first hosted project,Sylva.A collaboration between leading European telcos and vendors(Deutsche Telekom,Ericsson,Nokia,Orange,Telecom Italia,Telefonica,and Vodafone),Sylva is designed to

208、 create a new,open source production-grade telco cloud stack within Europe.Sylvas common cloud software framework and adjacent reference implementation will reduce fragmentation of the cloud infrastructure layer for telecommunication and edge services and build on top of existing open source project

209、s to provide implementations and extensions.Specific goals of the Sylva project include the following:Release a cloud software framework to prioritize require-ments,develop solutions to be integrated within existing open source components,and produce production-grade solutions to be leveraged within

210、 commercial products.Develop a reference implemen-tation of this cloud software framework and create an integration and validation program to accelerate the adoption of network functions within the cloud.Learn more about Sylva at https:/ BY KAREN UPPAL:UNSPLASH34LINUX FOUNDATION ANNUAL REPORT 2022So

211、ftware supply chain securityThe Linux Foundation spent a large part of 2022 working on building a community around the urgent task of securing our open source software(OSS)supply chain,which is important to society and repeatedly in the news.This section includes more information on the Open Source

212、Security Foundation (OpenSSF),OpenChain,SPDX,and other cybersecurity activities at the Linux Foundation.IMAGE BY MAXIMALFOCUS:UNSPLASH35 LINUX FOUNDATION ANNUAL REPORT 2022SOFTWARE SUPPLY CHAIN SECURITYEngaging the public sector on open source software worldwideThroughout 2022,the Linux Foundation h

213、as been at the heart of several important conversations concerning the open source software(OSS)community and the sustainability of the ecosystem.Many of our worldwide engagement efforts have been focused on educating public and private sector leaders about open source software,including its securit

214、y.Specifically,we have focused on three key priority areas:1.Improving security and reducing systemic risk in the OSS ecosystem,2.Closing talent shortages through improved training and educational initiatives,and,3.Imparting the value of openness and the importance of the community.This has included

215、 presentations,responses to requests for information,and more informal discussions with cybersecurity leaders in the U.S.,Singapore,Japan,the U.K.,the E.U.,and elsewhere.BACKGROUND IMAGE BY GERD ALTMANN:PIXABAY36LINUX FOUNDATION ANNUAL REPORT 2022SOFTWARE SUPPLY CHAIN SECURITYOpenSSF1https:/openssf.

216、org/blog/2022/09/13/alpha-omega-project-announces-over-1-5m-in-grants-to-critical-open-source-projects-and-new-omega-analysis-toolchain/2https:/openssf.org/blog/2022/07/20/openssf-supports-movements-toward-multi-factor-authentication/The OpenSSF is a cross-industry collaboration that brings leaders

217、together to improve OSS security through targeted initiatives,education,and best practices.Throughout 2022,OpenSSF membership increased to 95 members.Premier members include 1Password,AWS,Atlassian,Capital One,Cisco,Citi,Coinbase,Dell Technologies,Ericsson,Fidelity,GitHub,Google,Huawei,Intel,IBM,JFr

218、og,JPMorgan Chase,Meta,Microsoft,Morgan Stanley,Oracle,Red Hat,Snyk,Sonatype,VMware,and Wipro.2022 highlights In January 2022,the U.S.White House,along with leaders and experts of many U.S.federal agencies,convened an import-ant cross-section of the open source developer and commer-cial ecosystem to

219、 identify the challenges in the OSS supply chain and share ideas on how to mitigate risk and enhance resil-ience.Both the Linux Foundation and OpenSSF participated in this meeting.As a follow-up,the OpenSSF hosted the Open Source Software Security Summit II in May,bringing together over 90 executive

220、s from 37 companies and U.S.government leaders to reach a consensus on critical actions to improve the resiliency and secu-rity of OSS.During Summit II,the OpenSSF released the Open Source Software Security Mobilization Plan and announced$30 mil-lion in pledges to improve OSS security.The Mobilizati

221、on Plan outlines 10 streams of invest-ment to rapidly advance well-vet-ted solutions to make immediate improvements to OSS security worldwide and build a strong foundation for a more secure future.Throughout 2022,the OpenSSF community has acted on the Mobilization Plan and will continue to do so int

222、o 2023 and beyond.OpenSSF launched the Alpha-Omega Project.The“Alpha”portion improves global OSS supply chain security by work-ing with project maintainers to improve the security posture of their projects.The“Omega”portion systematically looks for new,as-yet-undiscovered vul-nerabilities in open so

223、urce code and fixes them.Alpha-Omega issued a total of$1.5 million in grants to the OpenJS Foundation in support of Node.js,the Eclipse Foundation,the Python Software Foundation,and the Rust Foundation.For example,the funding to the Rust Foundation is for enhanced security,includ-ing a threat model

224、of the Rust ecosystem and an assessment of the security of the Rust build/deployment infrastructure.1 Sigstore has continued to see massive contributions and adop-tion to sign,verify,and protect OSS,emphasizing improving the integrity of the software supply chain and reducing the friction developers

225、 face regarding imple-menting security within their daily work.In June 2022,soft-ware developers,DevOps engineers,security engineers,and software maintainers could take the new free course on Securing Your Software Supply Chain with Sigstore.In developers of critical open source projects pursuit of

226、en-couraging the wider adoption of multi-factor authentication(MFA),the OpenSSF Technical Advisory Council publicly sup-ported,in strong terms,the various efforts to increase the use of MFA in various organi-zations.2 The Securing Critical Projects Working Group(WG)coordinated the distribution of 37

227、LINUX FOUNDATION ANNUAL REPORT 2022SOFTWARE SUPPLY CHAIN SECURITYhundreds of codes for free MFA tokens to developers of the 100 most critical open source projects in 20212022 in what was known as the“Great MFA Distribution.”The Best Practices for Open Source Developers WG increased aware-ness and ed

228、ucation of security best practices through improvements in its free Developing Secure Software Training Course.This is now available through the Linux Foundation Training&Certification platform,on edX,and on various organizations Learning Management Systems,and it has had over 8,000 enrollments.The

229、course was updated this year to address the attacks that have recently become more prominent(per the CWE Top 25 and OWASP Top 10),as well as adding material to cover topics such as securing systems that use machine learning.It also released Concise Guides on Developing More Secure Software and Evalu

230、ating Open Source Software and provided an npm Best Practices Guide for those using the popular npm package manager.The OpenSSF Best Practices badge now has over 5,000 participating projects and over 850 passing projects.The Best Practices WG released new Scorecards features,such as a GitHub Action

231、and REST API,added security checks,scaled-up scans of the open source ecosystem,and badges.Over 1,600 repositories use Scorecards to incorporate best practices into their software development lifecycle for continuous improvement.The Vulnerability Disclosures WG unveiled the next evolution in improvi

232、ng open source coordination of vulnerability disclosures by crafting a new guide focused on the security researcher or Finder persona with a Guide for Security Researchers to Coordinate Vulnerability Disclosures with Open Source Software Projects.A key component of the Mobilization Plan is using a s

233、oftware bill of materi-als(SBOM)as a foundational building block to improve the security posture of the open source ecosystem known as SBOM Everywhere.The SBOM Everywhere Special Interest Group(SIG)sprang up under the Security Tooling WG,and its first effort was to fund work on an SPDX Python librar

234、y to support SBOM creation and processing.OpenSSF General Manager Brian Behlendorf,second from right,appears alongside executives from the Linux Foundation,IBM and Microsoft.Open Source Security Summit II38LINUX FOUNDATION ANNUAL REPORT 2022SOFTWARE SUPPLY CHAIN SECURITY The Security Tooling WG also

235、 released Fuzz Introspector.Many development workflows have come to rely on fuzzing,an auto-mated technique for finding bugs by feeding unexpected inputs into software with the intent to trigger crashes or other prob-lems.Fuzzing plays an important role in vulnerability discovery.However,today fuzzi

236、ng often hits roadblocks(“blockers”)that prevent effective fuzzing of some code areas.Fuzz Introspector provides actionable insights for developers to identify fuzzing coverage blockers so they can be resolved,with the goal of(1)improving projects that use fuzzing and(2)improving fuzz-ers themselves

237、(by helping tool developers understand current problems).3 The OpenSSF Supply Chain Integrity WG continues to work on refining the Supply chain Levels for Software Artifacts(SLSA)(pronounced“salsa”).This is a checklist of standards and controls to prevent tampering,3https:/openssf.org/blog/2022/06/0

238、9/introducing-fuzz-introspector-an-openssf-tool-to-improve-fuzzing-coverage/improve integrity,and secure packages and infrastructure.A draft is already public,and work continues to refine it for a“version 1.0”release.The working group also began work on the comple-mentary Secure Supply Chain Consump

239、tion Framework (S2C2F)to further develop and continuously improve the S2C2F guide.This guide outlines and defines how to securely consume OSS dependencies into the developers workflow.The OpenSSF added two new WGs.The Securing Software Repositories WG“provides a collaborative environment for alignin

240、g on introducing new tools and technologies to strengthen and secure soft-ware repositories.”The End Users WG“represents the interests of public and private sector organizations that primar-ily consume open source rather than produce it.”OpenSSF hosted OpenSSF Days in Austin and Dublin at both OpenS

241、SF Day,OSS NA 2022,AustinSecurity is always a primary concern and priority for companies and projects,and when there is a significant dependency on open source,it can cause anxiety.LAPTOP PHOTO THISISENGINEERING:UNSPLASH39LINUX FOUNDATION ANNUAL REPORT 2022SOFTWARE SUPPLY CHAIN SECURITYOpenSSF Day,O

242、SS 2022 EuropeMaintainers POV“I am a maintainer for Sigstores Rekor and Cosign projects.Ive also been working on making the public Rekor and Fulcio services generally available.There were a few reasons I chose to become involved.First,I found the mission of Sigstore compelling,and I wanted to work o

243、n a project that I thought was focusing on important and fulfilling work.Supply chain security is a huge problem,and theres a lot of work to be done;I thought Sigstore could have a huge impact.I also liked that it was an open source project to make security easier for everyone.The other major reason

244、 I wanted to get involved was the community.The Sigstore community has been so welcoming and fun to work with,and it really made my Sigstore experience a positive one.”Priya Wadhwa,Software Engineer,ChainguardOpenSSF Day,OSS 2022 EuropeOpen Source Summits North America and Europe,bringing together t

245、he open source community to discuss the chal-lenges,big-picture solutions,ongoing work,and successes in securing the OSS supply chain.It is also hosting upcoming OpenSSF Days in China and Japan.OpenSSF GM Brian Behlendorf testified to the U.S.House of Representatives Committee on Science,Space,and T

246、echnology about the work being done within the OpenSSF and broader OSS community to improve the security and trustworthiness of OSS.40LINUX FOUNDATION ANNUAL REPORT 2022SOFTWARE SUPPLY CHAIN SECURITYThe OpenChain projects core mission is to build trust in the supply chain.The ISO/IEC OpenChain Speci

247、fication 5230:2020 is the International Standard for Open Source Compliance and builds trust in that domain.The next step is identifying the key requirements of a quality open source security assurance program.In October,we released version 1.0 of the OpenChain Security Assurance Specification,which

248、 results from over one year of work throughout the global OpenChain community.It applies to an open source management activity related to security compliance.We regard this as adjacent but different to license compliance.Initially,the scope of this specification is limited to ensuring that an organi

249、zation vets open source with regard to known publicly available security vulnerability issues(e.g.,CVEs,GitHub dependency alerts,and package manager alerts).The security assurance specifications scope may grow over time based on community feedback.We will proceed to the ISO/IEC JTC-1 PAS submission

250、with an estimated completion date of mid-2023.In the meantime,our security assurance specification is ready for market adoption as a de facto standard.Software Package Data Exchange(SPDX)One key issue in improving software supply chains is improving software transparency through SBOMs.The Linux Foun

251、dation has been a key player in this effort through its development of Software Package Data Exchange(SPDX),including work to make it an ISO standard in 2021.Work is ongoing to develop SDPX version 2.3.SPDX 2.3 includes improved interoperability with other exchange formats,including adding fields to

252、 record the purpose of a package and adding support for more hash algorithms.SDPX 2.3 also adds new relationship types(to explain links between elements further),new time information fields,and added ways to refer to external materials.IMAGE BY PETE LINFORTH:PIXABAYOpenChain41LINUX FOUNDATION ANNUAL

253、 REPORT 2022SOFTWARE SUPPLY CHAIN SECURITYRelated security activities at the Linux FoundationEach Linux Foundation project is responsible for developing secure software for its own users,as projects such as OpenSSF cannot rewrite all their software.However,the Linux Foundation works to help its foun

254、dations and projects to achieve this,including sharing materials developed by other groups.Some foundations,such as the Cloud Native Computing Foundation(CNCF),have their own groups that specifically focus on security issues for their domain.We intend to continue to encourage collaboration between f

255、oundations and projects as we work to counter attackers.Internet Security Research Group(ISRG)ISRGs Lets Encrypt project provides free,automated TLS certificates to over 300,000,000 websites.The project continues to thrive,with an excellent record of security and stability.This year,Lets Encrypt spe

256、arheaded a new industry feature that makes early certificate renewal seamless and automated.This feature will improve the agility and resilience of Lets Encrypt for the billions of people who rely on it every day.ISRG also operates a privacy-preserving metrics service called Divvi Up.This project ai

257、ms to dramatically improve the privacy of data collected by web and mobile applications by aggregating and anonymizing it.In 2023,Divvi Up expects to finalize its underlying protocols as an industry standard and bring on initial subscribers.Prossimo is the third project run by ISRG.It focuses on bri

258、nging memory safety to the Internets most critical infrastructure.The project made significant code contributions over the past year to improve memory safety on the Internet,ending the year with Rust support being merged into the Linux kernel and completing a memory-safe NTP client and server implem

259、entation.PHOTO BY MAREK PIWNICKI:UNSPLASHPHOTO BY PIXABAY:PEXELS42LINUX FOUNDATION ANNUAL REPORT 2022LF Research:Measuring the impact of open source innovation Since launching in 2021,LF Research has published a suite of in-depth reports exploring all aspects of open source.Using best practices in e

260、mpirical methodologies,LF Research offers deep data analysis and a richer perspective into the communitys current trends,challenges,and opportunities,delivering actionable insights that support future open source strategy formation.IMAGE BY CHRIS TURGEON:UNSPLASH43 LINUX FOUNDATION ANNUAL REPORT 202

261、2LF RESEARCH:MEASURING THE IMPACT OF OPEN SOURCE INNOVATION2022:A year of insightsThanks to the participation of developers,community leaders,and member organizations in the research development process,initial LF Research publications provide new evidence to support the open source innovation oppor

262、tunity and create an exciting new channel to engage stakeholders.The scope,reach,and impact of open source project communities is all around us,captured by LF Research deliverables and accessible on the newly designed LF Research home page.During the past year,we have published more than two dozen r

263、eports and research newsletters,each of which describes how open source drives innovation and adds value.Focusing on people:Maintainership and mentorshipAmong our core and project-focused research efforts are new studies exploring our most important resource:The people at the helm of open source pro

264、ject communities.These people include maintainers,who not only make critical decisions that impact security,velocity,and innovation in open source but whose participation in mentorship and other volunteer programs helps to nurture the committers and maintainers of tomorrow.The Linux Foundation has l

265、ong valued broadening the understanding of open source contributor dynamics,notably with the recent FOSS Contributor Survey report in partnership with PHOTO BY MANUEL-MEURISSE:PEXELS44LINUX FOUNDATION ANNUAL REPORT 2022LF RESEARCH:MEASURING THE IMPACT OF OPEN SOURCE INNOVATIONthe Laboratory of Innov

266、ation Science at Harvard(LISH)and the 2021 report on Diversity,Equity,and Inclusion in Open Source.The key findings from these reports inspired further research into the critical role that open source developers play in securing software supply chains and creating and sustaining high-impact innovati

267、ons and communities.In 2022,LF Research launched several maintainer-and committer-centric research studies to explore how we can better support the“super coders”across open source project communities.In the process,we hope to inspire a new cohort of participants to follow in their footsteps,learning

268、,growing,and thriving along the way.Below are a few examples of people-centric research.Addressing Cybersecurity Challenges in OSS:This study,launched in partnership between LF Research,the OpenSSF,Snyk,the Eclipse Foundation,CNCF,and the CI/CD Foundation,iden-tifies security challenges in OSS.The p

269、roject began with a series of candid interviews with OSS maintainers and contributors.Thanks to the involvement of many survey distribution part-ners,insights were derived from more than 500 survey respon-dents.The result is a deep dive into critical software security development challenges,includ-i

270、ng at the organizational level,where policies requiring security protocols are in short supply and dependencies are often not effectively managed.Critical Maintainers in Open Source:Motivations,Community Dynamics,and Challenges(4Q2022).What makes a successful maintainer?Can a set of best practices b

271、e identified and codified,and how can the open source community best support their implementa-tion?A current study on“critical main-tainers”is set to answer these questions and more.This project will reveal insights derived from a series of qualitative interviews conducted with 25 maintainers and si

272、gnificant project contrib-utors at the helm of the most critical open source projects,many of which were identified in the Census II report published in collaboration with the LISH.The findings reveal maintainer motivations,describe how their communities and projects func-tion,identify the problems

273、they experience,and share valuable lessons learned.Mentorship in Open Source:Exploring the Intrinsic,Economic,and Career Values of Open Source Mentorship Programs(4Q2022).This upcoming report investigates how mentorship programs influ-ence the recruiting,onboarding,and nurturing of the next gener-at

274、ion of open source developers,some of whom will go on to be-come future project maintainers.It explores challenges related to the succession of open source maintainers,explains how we can improve the health of OSS projects by increasing diversity within our developer commu-nities,and demonstrates th

275、e myriad benefits(and some of the challenges)associated with mentorship programs for mentees and mentors alike.Encouragingly,we see clear patterns in how successful projects and their maintainers recruit and manage contributors,structure project governance,address security practices and challenges,a

276、nd nurture overall project health.Focusing on priority issues:Core research projects Core research examines all strategic issues of importance across the Linux Foundation.Below are the highlights from 2022.World of Open Source:Europe Spotlight 2022.In this inaugural,geographically focused study,the

277、Linux Foundation and its partners examine the priorities and challenges of open source specific to Europe.It describes the“state of open source”across the European continent,45LINUX FOUNDATION ANNUAL REPORT 2022LF RESEARCH:MEASURING THE IMPACT OF OPEN SOURCE INNOVATIONexamining the current activity

278、levels through consumption and contribution,inhibitors,motiva-tors,and opportunities.The 10th Annual Open Source Jobs Report.This report con-tains practical information on the state of open source talent that employers may use to guide their hiring,training,and diver-sity awareness efforts.It also p

279、rovides IT professionals with clear,unbiased insights into the most marketable skills.Census II of Free and Open Source SoftwareApplication Libraries.Produced in partner-ship with the LISH and OpenSSF,Census II is the second investiga-tion into the widespread use of Free and Open Source Software(FOS

280、S).The report provides insights to identify the most common FOSS packages at the application library level.This facilitates prioritizing resources to address security issues in the most widely used software.The Census II utilizes 500,000 aggregated data observations of FOSS in production application

281、s at thousands of companies,thanks to our Software Composition Analysis partners Snyk,the Synopsys Cybersecurity Research Center,and FOSSA.The State of SBOM and Cybersecurity Readiness.Produced in partnership with SPDX,OpenChain,and OpenSSF,this research reports on the extent of organizational SBOM

282、readiness and adoption and its significance in improving cybersecurity throughout the open source ecosystem.The study follows in the wake of the U.S.Administrations Executive Order on Improving the Nations Cybersecurity and the disclo-sure of the most recent and far-reaching Log4Shell security vulne

283、rability in Log4j.Its timing coincides with increasing global recognition of the importance of identifying software compo-nents and helping accelerate the widespread implementation of cybersecurity best practices to mitigate the impact of software vulnerabilities and security de-velopment gaps and c

284、hallenges.In our sample,it was found that 90%of organizations have start-ed their SBOM journey.People-powered innovation within industry verticalsAs every vertical industry becomes increasingly software-defined,LF Research has an important role to play to illustrate the impact of OSS within this tra

285、nsformation.Recent studies illustrate the specific role that sector leaders and decision-makers play in creating shared value for all industry competitors.The two reports below highlight experiences from the energy and motion picture industries.Paving the Way to Battle Climate Change:How Two Utiliti

286、es Embraced Open Source to Speed Modernization of the Electric Grid.This inaugural energy report describes how two large European distribution and transmission systems opera-tors,the Netherlands Alliander and Frances RTE,adopted and contributed to three significant LF Energy projects,SEAPATH,CoMPAS,

287、and OpenSTEF,to make Of organizations using SBOMs today,74%produce AND consume SBOMs.#1 ACTION:Get a vulnerability reporting systemin order to better secure your software supply chain.When producing SBOMs.#1 BENEFIT:Developers better understand dependencies.When consuming SBOMs.#1 BENEFIT:Better sup

288、port for compliance and reporting.From The State of Software Bill of Materials(SBOM)and Cybersecurity Readiness report46LINUX FOUNDATION ANNUAL REPORT 2022LF RESEARCH:MEASURING THE IMPACT OF OPEN SOURCE INNOVATIONtheir electrical substations more modular,interoperable,and scal-able and alleviate the

289、 challenges associated with less predictable renewable energy sources.It provides a pathway for others in the energy sector to follow to speed up the digitalization of our worlds power systems.Open Source in Entertainment:How the Academy Software Foundation Creates Shared Value.Everyone loves a good

290、 story!This research project tells the story of the formation of the Academy Software Foundationhow it came to be,where it came from,what it has achieved so far,and where it aims to go next.It is a story about engineers and leaders who collectively generate value by developing critical open source s

291、oftware that powers many entertainment,gaming,and media industry productions and the open standards needed for growth.It is a powerful example of competitors collaborating on open source projects.The State of Open Source in Financial Services Report 2022(4Q2022).Produced in partner-ship with FINOS,S

292、cott Logic,Wipro,and GitHub,the second annual release of this report ex-plores the state of open source in the financial services sector.It identifies current levels of consumption and contribution of open source software and standards in this industry and the governance,cultural,and as-pirational i

293、ssues of open source among banks,asset managers,and hedge funds.Focusing on technology trends:Research from Linux Foundation projectsIn the reports in partnership with Linux Foundation projects,we examine the hottest trends in tech and how the communities behind open source software development and

294、open standards are prime innovators,force multipliers,and continual disruptors.AI and Data in Open Source:As with other industries,OSS adop-tion in the AI field has increased the use of open source in prod-ucts and services,contributions to existing projects,the creation of projects fostering collab

295、ora-tion,and the development of new technologies.This report reviews critical challenges in the open source AI ecosystem,dis-cusses common characteristics across AI and data projects,and presents the role of the LF AI&Data Foundation in empowering innovators and accelerating open source development.

296、The Carbon Footprint of NFTs:Not All Blockchains Are Created Equal:Produced with Palm NFT Studio and the Hyperledger Foundation,this report lays out key climate-related barri-ers to NFTs and suggests some concrete strategies for embrac-ing and building on the exciting innovations that NFTs enable.Ad

297、opting these strategies may unlock new opportunities for global collaborations and partnerships for impact through responsible and potentially beneficial approaches to climate solutions.From telling the story of how open source is transforming the motion picture industry to exploring standards and b

298、est practices to create more secure software supply chains,2022 solidified the role of LF Research to provide data-driven insights that broaden the understanding of the impact of open source projects worldwide.We would like to thank all those in the open source ecosystem who participated in our rese

299、arch efforts this year.Your contributions have helped LF Research collectively build and grow a valuable“knowledge network”for all stakeholders across the Linux Foundation community.47LINUX FOUNDATION ANNUAL REPORT 2022LFXSupporting data-driven open source project growth and enabling digital transfo

300、rmation.IMAGE BY MATTHEW MONTRONE:PEXELS48 LINUX FOUNDATION ANNUAL REPORT 2022According to the Business Research Company,the global open source services market is expected to grow from$24.63 billion in 2021 to$30.57 billion in 2022 at a compound annual growth rate(CAGR)of 24.1%.Open technologies are

301、 mission-critical,and so is the need to manage an enterprises open source presence,including code contributions,project participation,governance roles,and legal processes such as Contributor License Agreements.Securing the open source supply chain and all of the projects incorporated in company infr

302、astructure and products is crucial in deciding which open source projects to support.Organizations require accurate and detailed metrics on community health to make informed decisions on which open technologies to consume and invest in.For open source projects,foundations like the Linux Foundation h

303、ave become the medium for cross-platform collaboration and building sustainable project technologies and communities.To best support the 500K+contributors and the organizations supporting them,we created LFXa modular,extensible,and API-driven digital toolkit to grow,manage,secure,and build open sour

304、ce technologies.Already,750+open source projects have been onboarded to the LFX platform,leveraging the data sources and tools the developer communities already use.In building these tools for open source project communities,we helped drive our digital transformation.LFX has enabled us to have bette

305、r integration across all of our services(events,training,certification,projects,and IT)and automate or reduce the complexity of many day-to-day responsibilities.LAPTOP PHOTO BY BEN KOLDE:UNSPLASH“Organizations require accurate and detailed metrics on community health to make informed decisions on wh

306、ich open technologies to consume and invest in.”49LINUX FOUNDATION ANNUAL REPORT 2022In 2022,the LFX team:Released the second version of Insights,which provides a contextualized view of project ecosystems,including contribu-tion trends and analytics.Introduced the ability in Individual Dashboard to

307、collect and display maintainer badges simply by connecting a GitHub account.Released the first version of Community Management to help projects build healthy and engaged communities.Launched a new Open Source Program Office(OSPO)dash-board for managing employees in Organization Dashboard,where you c

308、an better visualize your entire open source project investment and impact.Made substantial improvements to meeting and committee management in Project Control Center(PCC),a unified control plane for managing open source project operations.Completed the cross-platform integration and migration to a d

309、ata lake infrastructure.What can you expect from LFX in 2023?In addition to supporting more connectors like StackOverflow,Twitter,and StackShare,launching the next version of Mentorship,and introducing searchable community profiles,we are working with OpenSSF on the Risk Assessment and Data Sharing

310、projects as a part of the OSS Security Mobilization Plan.We will also be opening up Project Control Center to community members,and,most importantly,onboarding open source projects that arent hosted at the Linux Foundation to Insights.Learn more about LFX at lfx.linuxfoundation.org.LFX Insights:Proj

311、ect TrendsLFX:MentorshipLFX:Crowdfunding50LINUX FOUNDATION ANNUAL REPORT 2022Mentorship and diversityWere committed to making a difference.We believe that,by empowering people,offering enriching learning opportunitiesstructured and unstructuredand helping to build diverse communities that develop op

312、en source code,we can improve the state of the open source ecosystem.We aim to make it healthy and sustainable for future generations.IMAGE BY MAREK PIWNICKI:UNSPLASH51 LINUX FOUNDATION ANNUAL REPORT 2022MENTORSHIP AND DIVERSITY52LINUX FOUNDATION ANNUAL REPORT 2022LFX Mentorship We started LFX Mento

313、rship in 2019 with just three new developers.We have come a long way since then.We continue to get feedback on our programs and improve them based on that feedback.We started offering unpaid mentorships this year based on the feedback we received to enable participation by individuals who cannot rec

314、eive stipends.This also allows us to scale the program further without additional funding.We are exploring offering short-term mentorship programs to meet the needs of developers with limited time and those wanting to focus on a specific area or educational need.As we look back at the year,LFX Mento

315、rship will wrap up 2022 with more than 30 new Linux kernel developers and more than 240 new open source developers across all LFX projects.CNCF leads this group,with over 104 graduates.In 2022,we received 6,852 applications,the vast majority coming from outside the United States.Our mentorships prim

316、arily went to younger applicants.This is expected,as mentorships aim to benefit those early in their careers,and the vast majority of applicants are relatively young.We enjoyed great geographic diversity across our mentees,with a high concentration of participants coming from India.By launching Linu

317、x Foundation Europe and working to expand in other regions,we hope to increase geographic diversity even further.Mentorships are useful for engineers of any education level.Understandably,our mentors concentrated on serving undergraduate students,who are most likely to seek internships and other opp

318、ortunities that further their chances of employment upon graduation.The Linux Foundation seeks to mentor engineers and students from a wide array of socioeconomic backgrounds.We are pleased to report that more than 70%of our mentorship program participants this past year were from low socioeconomic

319、backgrounds.Open source developers can counter income inequality,and LFX Mentorship certainly contributes to that ideal.We continue to work on increasing applications from women and people whose races are historically underrepresented in technology.Diversity comes in many forms,and diversity in LFX

320、Mentorship is important.It creates widely acknowledged benefits within the open source community,Open Source Summit North America,June 2022MENTORSHIP AND DIVERSITY53LINUX FOUNDATION ANNUAL REPORT 2022and it brings opportunities to a greater range of people.While weve seen some improvement in the par

321、ticipation of women since the programs inception(17%of applicants in 2019 compared with 20.1%of applicants in 2022),wed like to see a more significant increase in 2023.In summary,we are proud of the work accomplished by LFX Mentorship thus far and the opportunities it has created for a diverse set o

322、f folks around the globe.We are striving to improve in various ways and look forward to sharing more next year on what we hope to accomplish in 2023.We thank all our mentors for taking the time to share their knowledge and expertise.Your contributions are invaluable,and your leadership is foundation

323、al.Mentorship and EventsThe LFX Mentorship and LF Events teams continued their collaboration with open source community experts in 2022 to provide unstructured,free,and accessible online education and learning opportunities through the LF Live Mentorship Series.The series provides expert knowledge a

324、nd valuable interactive discussion across various topics related to the Linux kernel and other OSS projects.A total of 12 sessions were held throughout the year,with an average live attendance of 100 people per session.Included in these was a five-part series on Rust.This is a timely resource as Rus

325、t grows in popularity and Mentorship applicants by income levelLower Middle Class 52.9%Working Class 17.6%Upper Middle Class 16.1%Chose not to provide information12.6%Upper Class 0.8%Mentorship applicants by genderMale 77%Female 20%Chose not to provide information 1.9%Nonbinary 0.8%Mentorship applic

326、ants by age20 to 39 years old 79.1%Less than 20 years old 19.4%40 to 60 years old 1.1%Chose not to provide information 0.3%61 years or older 0.1%Some College 64%College 23.3%Some High School 7.6%Mentorship applicants by countryIndia 70%All other countries 10.2%USA 7.3%Nigeria 4.7%China 3.6%Pakistan

327、1.9%Canada 1.2%Egypt 1.2%Mentorship applicants by educational levelSome College 64%College 23.3%Some High School 7.6%Masters 4.1%Chose not to provide information 0.8%Ph.D.0.2%MENTORSHIP AND DIVERSITY54LINUX FOUNDATION ANNUAL REPORT 2022becomes a supported language in the Linux kernel 6.1 release.We

328、thank the Rust maintainers for taking the time to provide this valuable resource.In January 2022,we held our first LFX Mentorship Showcase to connect our graduates with prospective employers from our member companies.In this virtual event,28 mentees shared their accomplishments with other attendees

329、and attending employers.There are many open source jobs,and employers are always looking for talent.Additionally,this event allowed us to thank our mentors,who shared their knowledge to train this new talent.Some of our mentors do this in their spare time,helping others with no expectation of thanks

330、.We hope to make this an annual event and are already planning for the next mentorship graduate showcase to be held in January 2023.In-person speed mentoring sessions returned at our flagship Open Source Summit North America and Europe conferences this year,where over 40 community members sat down w

331、ith community veterans to ask questions and receive mentorship on technical,community,and career topics.“If you want to walk far,walk together.”As we talk about the stats and numbers,lets not lose sight of the big picture.Its all about the following:Making a difference and empow-ering people by offe

332、ring enrich-ing learning opportunities,both structured and unstructured.Paying them to learn while mak-ing the resources available for free and accessible to all.Developing new talent and making it available to the open source ecosystem.Helping to build diverse communities that continue developing o

333、pen source code to keep our ecosystem healthy and sustainable.It is a long road,and we plan to walk together with the gradu-ates,mentors,and experts in our communities for many years and many miles(or kilometers).Open Source Summit North America,June 2022MENTORSHIP AND DIVERSITY55LINUX FOUNDATION ANNUAL REPORT 2022Diversity,equity,and inclusion effortsA richness of diversityincluding people from a