May 10-12, 2023 Vancouver, British Columbia, Canada + Virtual View More Details & Registration Note: The schedule is subject to change.
The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for Open Source Summit North America 2023 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.
This schedule is automatically displayed in Pacific Daylight Time (UTC/GMT -8). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date."
IMPORTANT NOTE: Timing of sessions and room locations are subject to change.
In this talk, I will take you on a journey to discover the critical dependencies in open-source software projects. You'll learn how to use criticality scores to identify the most critical dependencies, and I'll use Golang projects from the Open-Source Security Foundation (OSSF) as an example.
We'll start by locating all the dependencies in a project, then collect signals for these dependencies and calculate the criticality score based on these signals. You'll see how an algorithm can help us calculate this score and how you can tweak the algorithm to get different results. By the end of this talk, you'll have the power to easily find your most critical dependencies.
And let me tell you, as a 16-year-old high school sophomore contributing to this Criticality Score project, I'm thrilled to share my journey and show you how you can help the community find its most critical dependencies too! Join me on this exciting ride to unlock the full potential of Criticality Score.