Attributing Open-Source Contributions is Critical but Difficult: A Systematic Analysis of GitHub Practices and Their Impact on Software Supply Chain Security

Authors:

Jan-Ulrich Holtgrave, Kay Friedrich, Fabian Fischer, Nicolas Huaman, Niklas Busch, Jan Klemmer, Marcel Fourné, Oliver Wiese, Dominik Wermke, and Sascha Fahl.

Venue:

Network and Distributed System Security Symposium (NDSS)

Date:

February 24, 2025

Type:

Conference publication