FASTEN intelligent package management project presents its latest advances at FOSDEM 2022
After three years of life, the project approaches the end of its funding period and was showcased online to hundreds of developers at FOSDEM.
Paris, February 10, 2022 - OW2, the international community dedicated to developing and promoting an open source code base, announces the presentation of the FASTEN research project at the OW2 virtual booth at FOSDEM, February 5-6, 2022, and in the Dependency Management Devroom, coordinated by OW2, FASTEN and external community partners, all day on Sunday, February 6th.
FASTEN was already presented last year at FOSDEM 2021 in the Dependency Management Devroom. Following the success of this devroom and the “Software Composition Analysis” one, it was decided to join efforts and organize this year a single “Software Composition and Dependency Management” devroom.
In a nutshell, FASTEN addresses the security vulnerabilities often encountered in open source software. FASTEN analyzes software packages at a finer-grained level by producing an enormous network of software ecosystems. This makes it possible to give vulnerability information at the method level. With this information, developers are notified when their code uses vulnerable methods, and hence they can update their dependencies with more confidence. This functionality is provided in well-known package managers such as Maven and PyPI.
In addition to the FASTEN presentation, the FOSDEM Devroom included four panel discussions:
• Panel 1: Processing Dependencies and Compositions and Software
• Panel 2: Dependencies for Vulnerability Discovery and Tracking
• Panel 3: Creating SBOMs
• Panel 4: Software Compositions and Dependency Tools
More than 100 participants joined the session online, which led to intense debates and experience sharing.
The videos of the Software Composition and Dependency Management Devroom are available on the FOSDEM website.
To find out more about FASTEN, please visit the FASTEN website or its dedicated GitHub space.
About OW2
OW2 is an independent community dedicated to promoting open source software and to fostering a vibrant community and business ecosystem. OW2 federates 100+ organizations and 6000+ IT professionals worldwide. OW2 hosts 100+ technology projects, including: ADR App, ASM, AuthzForce, CLIF, DocDoku, FusionDirectory, GLPI, JORAM, Knowage, LemonLDAP:NG, Lutece, OCS Inventory, Petals ESB, Prelude, ProActive, Rocket.Chat, SAT4J, SeedStack, Sympa, Telosys, Waarp, WebLab and XWiki.
About FASTEN project
The FASTEN project is developing an intelligent software package management system that will enhance robustness and security in software ecosystems. FASTEN addresses the operational and compliance risks associated with dependencies on networks of external open source software libraries. To solve these issues, FASTEN introduces fine-grained, method-level tracking of dependencies on top of existing dependency management networks. The project is developed by a consortium of seven partners and has received funding from the European Union’s Horizon 2020 research and innovation programme. The project started in January 2019 and will run until December 2021.