Maintainers play a vital role in the OpenSSF and the Linux Foundation and we think you should get a chance to meet some of the amazing individuals powering open source software (OSS) security initiatives. Over the next few weeks we’ll be featuring maintainers and contributors and hearing how they came to the community, what their experiences have been like, and what advice they have for others.
Meet Naveen Srinivasan, Software Engineer, Endor Labs
Naveen Srinivasan is a software engineer at Endor Labs. He was awarded the Google Open Source Peer Bonus Award in 2021 and 2022 for his contributions to Open Source Software (OSS). He maintains a few OSS projects.
How are you involved in the OpenSSF?
I am a contributor and maintainer across a few OpenSSF projects including Scorecards. I am speaking at the Linux Foundation Member Summit this week on Do You Know the Health of Your OSS Dependencies?
Why did you choose to become involved?
I strongly believe in security and privacy. Blindly trusting external OSS software was always an issue for me. I have read the paper “Reflections on Trusting Trust” and in Dec 2020, during my winter break, I read a blog post from Kim Lewandowski on Scorecards and how Envoy is using it to secure the supply chain which lead me to my first PR in scorecard.
Tell us about your experience being a maintainer.
I actively contribute to several OpenSSF Projects. Without the OpenSSF community’s support and welcome, I couldn’t have done it. Abhishek Arya and Dan Lorenc invited me to become a maintainer after a few contributions. That led me to contribute a lot to OpenSSF. A welcoming community is essential.
Why is being a maintainer important?
Contributing to open-source projects helps me learn new technology and ideas. The diversity in OSS helps a lot because everyone has similar intentions.
How has your educational and/or professional career led you here?
I learned to code as part of my education. I borrowed coding tools and combined them with my love for software security. I always like taking things apart to understand how something works, and I could never trust software without understanding its origin. So I started digging further into this hole (untrusting soul that I am). When I realized I could work on this in open source, I jumped right in. I have loved being part of this community ever since.
What makes being a maintainer rewarding for you?
I love the green squares that show on my GitHub contributions page.
What advice do you have for others?
Most projects welcome contributions of tests. That’s usually the best way to start. Everyone should feel free to ask questions.
Tell us something interesting about yourself.
I recently visited the Big Island, Hawaii, and trekked through Pololū valley. The coconut trees on the Island reminded me of my youth. Fun fact: I grew up in a coastal city and used to climb coconut trees as a teenager. I love to read, and my Twitter stream is usually about the books I read.
To meet other individuals featured in this series, check out our Meet a Maintainer and Contributor Q&A feed as we continue to shine the spotlight on our awesome maintainers and contributors.