The Open Source Consumption Manifesto from OpenSSF aims to make the software industry more aware of its responsibility when it comes to ensuring the software supply chain remains secure and healthy.
The importance of open source software today cannot be overstated and its contribution to efficiency and innovation has been tremendous. But, as recent vulnerabilities and attacks show, including Log4j and Log4Shell, open source security is still an open issue and there is no unity about how to best achieve it.