Stimson：2025年确保开放的边界：开源安全的自愿标准报告（英文版）

Open-source software (OSS) is incorporated deeply into our digital ecosystem, across functions ranging from instant messaging to critical infrastructure. Though OSS is not necessarily riskier than commercial software, OSS security is critical given its prevalence in our rapidly changing digital environment and the complexity of implementing cybersecurity guidelines in the OSS space. The decentralized nature of OSS development and of the open-source community itself poses unique challenges to