Git Product home page Git Product logo

Hi there 👋 | Olá!

  • 😄 Pronouns: She/Her.
  • 🇧🇷 I am Brazilian! Born at Natal/RN but raised at Rio de Janeiro.
  • 🔭 I’m working at Google on Google Open Source Security Team (GOSST).
  • 🏫 Graduated in Computer Science at UFRJ.
  • 💻 My favorite programing languages are: Python, Ruby on Rails, Angular and C#.
  • 🌱 My next learning objectives are Japanese and French.
  • 📫 How to reach me: You can send me an email at [email protected].
  • ⚡ Fun fact: I love books, videogames, animes and mangas.

About GOSST 👻

GOSST was created in response to the increasing supply-chain attacks on projects that consume open-source code. It works along with the Linux Foundation's Open Source Security Foundation (OpenSSF) to improve the security of the open-source ecosystem. GOSST and the OpenSSF develop solutions to make open-source software safer at scale. See here for info on Google's open-source initiatives.

I'm part of a GOSST sub-team responsible for working hand-in-hand with the open-source community. We focus on helping individual critical projects increase their security. Our goals are to:

  • develop specific approaches for each project;
  • suggest solutions or enhancements that fit the project's needs and don't overburden maintainers;
  • talk with maintainers about our suggestion or about any other solutions they might prefer;
  • implement the changes and submit them as PRs;
  • collect all feedback to be shared with the rest of GOSST and the OpenSSF.

Security Solutions

See below some of the tools developed by GOSST and the OpenSSF:

  • Scorecard: automated checks to evaluate a project's security practices and suggest improvements as needed;
  • SLSA (pronounced "salsa"): a standard and protocol to ensure an artifact's provenance, guaranteeing it comes from the expected location and process. This aims to prevent tampering and improve the integrity of infrastructure and consumed packages;
  • Sigstore: keyless signing and verification of artifacts;
  • OSS-FUZZ: automated fuzzing at scale;
  • OSV: a human- and machine-readable database of vulnerabilities that maps affected software versions across open source ecosystems;
  • GUAC: graph database of security metadata (in development).

Joyce's Projects

addons icon addons

Useful extra functionality for TensorFlow 2.x maintained by SIG-addons

analise-respostas-sobre-robotica icon analise-respostas-sobre-robotica

Análise sobre as respostas do formulário https://docs.google.com/forms/d/e/1FAIpQLSctUPMWDoSIW-JMDTUPeENxO-zV8hgt2E73XP2uUndtVFHv4g/viewform

antlr3 icon antlr3

antlr v3 repository (pulled from p4 with history from //depot/code/antlr/antlr3-main

appscoutweb icon appscoutweb

A version web of the AppScout. It provides functionalities to create scout games and prepare scout activities in a easy and colaborative way

asteroids icon asteroids

Desenvolvimento do jogo Asteroids em java como forma de aprendizado da linguagem

aula-vs-dormir icon aula-vs-dormir

Um jogo de tap cujo objetivo é sobreviver ao semestre letivo em uma escola/faculdade

autogpt icon autogpt

AutoGPT is the vision of accessible AI for everyone, to use and to build on. Our mission is to provide the tools, so that you can focus on what matters.

backoff icon backoff

⏱ The exponential backoff algorithm in Go

byte-buddy icon byte-buddy

Runtime code generation for the Java virtual machine.

cosmos-sdk icon cosmos-sdk

:chains: A Framework for Building High Value Public Blockchains :sparkles:

cython icon cython

The most widely used Python to C compiler

dateutil icon dateutil

Useful extensions to the standard Python datetime features

decimal.js icon decimal.js

An arbitrary-precision Decimal type for JavaScript

demangle icon demangle

C++ symbol name demangler written in Go

distribution icon distribution

The toolkit to pack, ship, store, and deliver container content

distroless icon distroless

🥑 Language focused docker images, minus the operating system.

double-conversion icon double-conversion

Efficient binary-decimal and decimal-binary conversion routines for IEEE doubles.

dummy-project icon dummy-project

Dummy project to test publishing a npm package with provenance

dw-inference icon dw-inference

Reference implementations of MLPerf™ inference benchmarks

envoy icon envoy

Cloud-native high-performance edge/middle/service proxy

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.