Tools and datasets to support, sustain, and secure critical digital infrastructure
1 points by Mordo
1 points by Mordo
An impression: Oh, they also do funding coordination, which jurisdiction? → Terms: this is an agreement between the user and who on the other side?? → Oh GitHub says it’s Open Source Collective, let’s look at the email’s domain! → GoDaddy: domain oscollective.com for sale…
Privacy page discloses this is hosted by Open Source Collective in USA, though
GitHub location is set to UK
I think specifically for supporting critical infrastructure, the optics of mixing up which domain is the live one is unfortunate…
(Contact links going sometimes to Twitter and sometimes to Mastodon also give an impression of something only partially maintained)
Andrew goes through some of those issues in this interview in case you want to give it a listen https://opensourcesecurity.io/2025/2025-06-ecosystems_andrew_nesbitt/
I’d say the GitHub org profile gives a roughly right impressions of amount of OpenCollective involvement, but unfortunately a slightly wrong contact address! But indeed the interview explains the nature of involvement.