Maintainers of Last Resort
9 days ago
- #Open Source
- #Go Programming
- #Security
- Geomys is an organization of professional open source maintainers focused on critical Go projects.
- They maintain parts of the Go standard library cryptography and fund projects like x/crypto/ssh and staticcheck.
- Geomys acts as maintainers of last resort for unmaintained, security-relevant Go projects.
- Examples include taking over bluemonday HTML sanitizer and addressing vulnerabilities in gorilla/csrf.
- Geomys is sustainably funded through retainer agreements, allowing them to contract external help.
- For gorilla/csrf, they introduced a new standard library middleware and drop-in replacements.
- Geomys is sponsored by companies like Smallstep, Ava Labs, Teleport, Tailscale, and Sentry.