Hi 👋

I'm Rose and I'm a Senior Open Source Engineer on the OSPO Supply Chain Security team at VMware. As part of my role there I maintain Tern, a container inspection tool that helps users better understand their container supply chain. I also focus a great deal on open source tooling for Software Bill of Materials (SBOMs) and how, as an ecosystem, we can generate and exchange SBOMs more efficiently. Prior to VMware, I worked on embedded Linux distributions at IBM.

Open Source

Most of my work revolves around open source. I'm a contributor to the SPDX Tech and Security specification and lead the SPDX Implementers working group. I'm currently the chair of the Automating Compliance Tooling Technical Advisory Council as well as the Chair of the SPDX Steering Committee, and I speak at Open Source conferences around the world. I sometimes write blogs for my employer about a variety of Open Source topics, too (Reproducible builds, anyone?). I was even lucky enough to have my open source journey profiled for the GitHub ReadME project.

Nonscholastic

When I'm not working from home you'll find me skiing ⛷️, running 🏃‍♀️, or riding my bike 🚴‍♀️ with my family.

Rose Judge's Projects

bom

A utility to generate SPDX-compliant Bill of Materials manifests

colin

Tool to check generic rules/best-practices for containers/images/dockerfiles.

go-vex

Go module to generate and transform VEX documents

governance

SPDX Governance, based on Community Specification model

kubernetes

Production-Grade Container Scheduling and Management

meetings

This repository stores minutes for the Tern project's community meetings

meetings-1

This repository stores meetings minutes for the SPDX project

purl-spec

A minimal specification for purl aka. a package "mostly universal" URL, join the discussion at https://gitter.im/package-url/Lobby

sbom-composer

A tool that takes two or more microSBOMs and composes them into one distributable SBOM

sbom-know-how

A documentation to bring SBOMs know-how into one place, including specifications, tools and useful references.

sigstore

Common go library shared across sigstore services and clients

spdx-spec

The SPDX specification in MarkDown and HTML formats.

syft

CLI tool and library for generating a Software Bill of Materials from container images and filesystems

tac

Automating Compliance Tooling Project

tern

Open Source compliance for containers
