The Census II analysis and report represent important steps towards understanding and addressing structural and security complexities in the modern-day supply chain, where open source is pervasive but not always understood.
Census II identifies the most commonly used free and open source software (FOSS) components in production applications and begins to examine them for potential vulnerabilities, which can inform actions to sustain the long-term security and health of FOSS.
This is the next of many steps, and it is intended to inform new tools and standards that can support the trusted and transparent creation, distribution, and consumption of open source software.