50 Free and Open Source Projects Selected for NGI Zero grants

Happy 2025 everyone! On this first day of the fresh new year we are happy to announce 50 project teams were selected to receive NGI Zero grants. We are welcoming projects from 18 countries involving people and organisations of various types: individuals, associations, small and medium enterprises, foundations, universities, and informal collectives. The new projects are all across the different layers of the NGI technology stack: from trustworthy open hardware to services & applications which provide autonomy for end-users.

The 50 free and open source projects were selected across two funds. 19 teams will receive grants from the NGI Zero Commons Fund, a broadly themed fund that supports people working on reclaiming the public nature of the internet. The other 31 projects will work within NGI Zero Core which focuses on strengthening the open internet architecture. Both funds offer financial and practical support. The latter consisting of support services such as accessibility and security audits, advice on license compliance, help with testing, documentation or UX design.

If you applied for a grant

This is the selection for the June call. We always inform all applicants about the outcome of the review ahead of the public announcement, if the are selected or not. If you have not heard anything, you probably applied to a later call that is still under review. You can see which call you applied to by checking the application number assigned to the project when you applied. The second number in the sequence refers to the month of the call, so 06 in the case of the June call. (It should not happen, but if you did apply to the June call and did not hear anything, do contact us.)

Meet the new projects!

(you can click or tap on the project name to fold out additional information)

Trustworthy hardware and manufacturing

• Hardware 2D graphics engine — Additional functionality and better performance for FPGA-based 2D video controller

  This project is to develop hardware accelerated 2D display controller boards for easily adding interactive user interfaces to single-purpose industrial and commercial machines.

  Traditionally, to make stand-alone machines and systems (i.e. not based on PCs but on custom computing boards), if developers need to provide a high resolution graphical user interfaces (GUI) they are offered only two inconvenient options: use a complex system like a Linux-capable single board computer, or limit performance to low resolutions that are unsuitable for medium to large displays. The latter case simply prevents successfully marketing those products, while the former requires a high degree of qualifications in embedded systems development, where the requirements are simple products like signage systems or vending machines.

  The controller boards (CPU and FPGA based, released as open hardware) are capable of loading previously stored images (lossy or lossless), plus movies, fonts and other resources required. The drawing commands are implemented with hardware acceleration on the FPGA board, using a custom C-to-hardware tool: CflexHDL, making it possible to use a fully open-source toolchain. Interactivity is achieved by the use of a USB host capable of handling mouse, keyboards and touchscreens. Displays of multiple kinds are supported by the use of PCB adapters, including: Analog VGA, DVI protocol (compatible with HDMI monitors), LVDS for direct connection to laptop replacement displays, among other options. The controllers can be used stand-alone (like a development platform) or be controlled by other systems like Arduino or similar boards.

  ▸ For more details see: https://nlnet.nl/project/2D-graphics-hardware

• Real Time Litex Extension — Real time capabilities for FPGA-based RISC-V core

  The Core-Local Interrupt Controller (CLIC) is a RISC-V standard extension that enhances real-time performance by enabling the prioritization of interrupts based on levels and priorities. This feature allows developers to have fine-grained control over interrupt prioritization, leading to more efficient handling of real-time events. In this project, we propose to replace the original interrupt controller of the VexRiscv based processor core family with CLIC. By implementing the CLIC, VexRiscv can efficiently propagate the highest-level, highest-priority pending interrupt to the core, significantly improving real-time responsiveness. The CLIC implementation also introduces features like selective hardware vectoring and the special register (xnxti CSR), which further optimize interrupt handling.

  ▸ For more details see: https://nlnet.nl/project/RealTime-Litex

• Tiliqua — Open audio DSP for FPGAs

  Tiliqua is an open-hardware DSP library and reference hardware design which aims to make it easier for musicians and engineers to get started in the world of audio DSP in the context of FPGAs. The Tiliqua DSP library is a suite of commonly-used audio DSP components, written in Amaranth HDL, that can be easily composed in Python to construct a custom FPGA-based DSP pipeline. The Tiliqua reference platform is fully compatible with open-source FPGA toolchains and designed to the Eurorack standard (the most popular hardware synthesizer format) lowering the barrier to entry for those with low/no hardware development experience.

  ▸ For more details see: https://nlnet.nl/project/Tiliqua

• ZSWatch — Open smartwatch including software, hardware, and mechanics

  ZSWatch is a free and open source smartwatch you can build almost from scratch - including software, hardware, and mechanics. Everything from the lowest level BLE radio driver code to PCB and casing is available for introspection or to be customised to suit your needs.In this project, the team will add interesting new capabilities such as Heart Rate and Blood Oxygen sensor hardware, create a new iteration of hardware to improve wearability, improve documentation, make it easier to upgrade, and make various improvements to the software including optimising power consumption.

  ▸ For more details see: https://nlnet.nl/project/ZSWatch

• Frugal EDA — Energy-efficient circuits and systems through quantum superconductivity

  FRUGAL EDA is an open-source user-friendly software design suite dedicated to energy-frugal electronics based on the amazing quantum physical properties of superconductivity. Its objective is to enable the design of energy-efficient ultra-high-speed (up to clock frequencies of several hundreds GHz) quantum-based circuits and systems for the widest possible audience. FRUGAL will emulate the development of new circuits and functionalities so that disruptive quantum electronics can take its place in the current highly-competitive emerging technology landscape. One goal is to increase the number of students and newcomers interested to design quantum-based circuits without the need of unaffordable tools, proprietary technologies or steep learning curves.FRUGAL embeds a set of open-source software tools comprising a schematic editor(LibrePCB), a SPICE netlist converter (L2SPICE), quantum time-domain simulators (JSIM and JoSIM) and a layout editor (KLayout). More designer-oriented features will be added along the course of development.

  ▸ For more details see: https://nlnet.nl/project/Frugal-EDA/

Network infrastructure incl. routing, P2P and VPN

• Reticulum Network Stack — Networking stack for building local and wide-area networks even with extremely low bandwidth

  Reticulum is a cryptography-based networking stack that offers end-to-end connectivity and encryption, and a privacy-oriented base-layer protocol. It aims to allow anyone to operate their own sovereign communication networks, and to cover large areas with independent, interconnectable and autonomous networks without kill-switches and external control.

  Reticulum is a completely decentralised networking stack, and it enables the construction of both small and large-scale networks, without any need for hierarchical or beaureucratic structures to control or manage them, while ensuring individuals and communities full sovereignty over their own network segments, addresses and applications. It allows creating truly decentralised applications and services, that can continue to operate even in adverse conditions, and with extremely limited bandwidth and resources.

  ▸ For more details see: https://nlnet.nl/project/Reticulum

• librice — Pure Rust implementation of IETFs real-time communication standard ICE

  The Interactive Connectivity Establishment (ICE) protocol is everywhere in real-time communication, providing a rendezvous mechanism allowing to establish e.g. a SIP or WebRTC connection. Addition of another protocol, TURN, allows hosts which are behind a middleware box or CPE (which is the most common scenario in the IPv4 realm) to still successfully set up a bi-directional path. This puts ICE/TURN at the heart of communication. This project will implement the four key TURN RFCs in librice - a pure Rust implementation of ICE.

  ▸ For more details see: https://nlnet.nl/project/librice

Software engineering, protocols, interoperability, cryptography, algorithms, proofs

• machine-check — Tool for formal verification for machine-code

  Common bug-finding approaches like software testing do not guarantee the absence of bugs. Formal verification can prove the absence of bugs, but the added description and proving complexity means it only tends to be used for critical systems. The current state-of-the-art tools are complex to use and hard to reason around when they fail. Machine-check aims to bring scalable yet intuitive formal verification to non-experts, leveraging the Rust ecosystem for description of digital machines including processors with machine-code programs loaded into memory. Ultimately, this should lead to increased reliability, safety, and security of programs and systems.

  ▸ For more details see: https://nlnet.nl/project/machine-check

• Mox management and automation — Automated email server management and administration

  Mox is a modern email server implementation that makes it easy for people and organizations to run their own mail server, allowing them to stay in control of their own email communication, and keeping email decentralized. While high-quality open source mail server software components exist, their code bases are growing old, and getting a working setup involves configuring at least half a dozen of them to work together. That complexity has turned people to a few (centralized) email providers. Within this grant the team will add a number of missing key features such as server-side email filtering (Sieve) and encrypted storage, among others.

  ▸ For more details see: https://nlnet.nl/project/Mox-Automation

• Optimized Image Codecs — More efficient image handling for embedded systems

  The project summary for this project is not yet available. Please come back soon!

  ▸ For more details see: https://nlnet.nl/project/ImageCodes-Optimised

• Spritely Oaken — Secure 3rd party extensibility with capability-based Scheme

  The project summary for this project is not yet available. Please come back soon!

  ▸ For more details see: https://nlnet.nl/project/SpritelyOaken

• Aiohttp type checking — Improve typechecking for Aiohttp HTTP Client/Server framework

  aiohttp is a widely used asynchronous HTTP Client/Server framework for async IO within the popular Python language ecosystem. The advantage of asynchronous frameworks is that they don't block the client while the server process HTTP requests. Instead, the user can do other operations client side. This grant will improve the coverage for type annotation of the Python test code of its dependencies, providing a more robust framework to downstream users and developers alike.

  ▸ For more details see: https://nlnet.nl/project/Aiohttp-typecheck

• Polyglot jaq — Data wrangling tool focusing on correctness, speed, and simplicity.

  The project summary for this project is not yet available. Please come back soon!

  ▸ For more details see: https://nlnet.nl/project/Polyglot-jaq

• Rusted Platform Module — Programming TPMs in pure Rust

  The Rusted Platform Module (RPM) project strives to improve and advance Trusted Platform Module (TPM) v2 support and ease of use for the Rust programming language. This includes programming the TPM in pure Rust, without C-based libraries in the background, as well as (commandline) tools for common tasks, etc. This project strives to increase adoption of memory-safe languages for programming of security components like the TPM. Run by Institut of IT-Security Research, St.Pölten University of Applied Sciences

  ▸ For more details see: https://nlnet.nl/project/RustedPlatformModule/

• OCaml direct style transition — Helping with the transition of OCaml programs from Lwt to Eio

  OCaml traditionally uses monadic style for concurrent programming, offering advantages like reduced data races and efficiency but requiring all code to be written in this style and leading to frequent allocations. OCaml 5 is one of the first languages to implement algebraic effects, enabling direct-style concurrency with multiple stacks, addressing these drawbacks. However, the transition to effects-based concurrency can lead to incompatibility between libraries written in different styles, putting the whole OCaml ecosystem at risk. This project aims to mitigate these risks by developing tools to automatically rewrite code and identify potential issues during the transition from monadic to direct-style concurrency, specifically focusing on the complex case of the Ocsigen Web framework.

  ▸ For more details see: https://nlnet.nl/project/OCAML-directstyle/

Operating Systems, firmware and virtualisation

• Mainline Linux on ARM Chromebooks — Open firmware and standards-based boot for Mediatek MT818x/MT819x based devices

  The project summary for this project is not yet available. Please come back soon!

  ▸ For more details see: https://nlnet.nl/project/MT818x_MT819x-firmware

• NetBSD Reproducibility — Extend Reproducibility for CTF Debugging Infos and NetBSD Image Creation

  The NetBSD operating system is built from a single source code repository and supports a great variety of different hardware and CPU variants. NetBSD has a working infrastructure for being reproducible, thus you can verify eg. an install ISO to be created from an untampered repository. As NetBSD is technically always cross-compiled, it can be build on several platforms, most commonly on NetBSD itself and on Linux. This project aims to fix two issues where a Linux-based build host creates different output than a NetBSD host.

  Ports using the newer GCC-12 based compiler usually use the CTF debugging format, where the binary representation (probably due to different sorting) differs between Linux and NetBSD builds. The second issue is with install image creation, where symlinks permissions and owner/permission bits from the building host leak into the image, breaking reproducibility. Both of these issues affect the widely used amd64 (usual PCs and Laptops) and arm/aarch64 (Raspberry Pi) ports.

  ▸ For more details see: https://nlnet.nl/project/Reproducible-NetBSD

• Security audit of Sailfish FOSS components — Analyse security of secrets, Sailfish ofono and Sailjail

  Sailfish is a European mobile operating system developed by the Finnish company Jolla. This project will conduct independent security research into the Sailfish FOSS components, with a focus on its cryptography, 5G support and sandboxing of the SailfishOS operating system. The project will also compare Android and SailfishOS on their app permissions, encryption and isolation mechanisms. The researchers are not affiliated with the company behind the development of SailfishOS.

  ▸ For more details see: https://nlnet.nl/project/Sailfish-FOSS-audit

• Grate project — Linux support for Tegra 2/3/4 devices

  The project summary for this project is not yet available. Please come back soon!

  ▸ For more details see: https://nlnet.nl/project/Grate/

• Mollymawk — Mollymawk - orchestration and management of MirageOS unikernels

  Mollymawk is a deployment and orchestration tool designed to simplify the management of MirageOS unikernels and other virtual machines. In this project, we will focus on optimizing deployment, ochestration and scaling (up and down). Key enhancements we are looking at include implementing websockets, streaming services when deploying unikernel images, automated configurations (DHCP, DNS etc), support for virtual machines that are not MirageOS unikernels, mechanisms for autoupgrading unikernels with rollback options, notification of available updates, unattended updates, and managing multiple physical machines with a single mollymawk.

  ▸ For more details see: https://nlnet.nl/project/Mollymawk/

• Better support for display notches and cutouts in Phosh — Better custom shape screen support for Wayland

  Mobile phones often have notches or cutouts in their displays (often to accommodate the camera), rounded corners or waterfalls (lower resolution areas at the edge of the screen).\r\n\r\nThe aim of this project is to propose and implement a Wayland protocol that gives applications the necessary information about these areas. This allows them to place UI elements in a sensible and visually pleasing way, color lower resolution areas properly and avoid having important information occluded.\r\n\r\nBesides for mobile shells like Phosh this information is also important for e.g. video players and other full screen applications and out of the box support in toolkits is desirable.

  ▸ For more details see: https://nlnet.nl/project/Phosh-Notch/

Measurement, monitoring, analysis and abuse handling

• CRAVEX 2 Code Reachability — Do vulnerable dependencies actually impacts security or not?

  The project summary for this project is not yet available. Please come back soon!

  ▸ For more details see: https://nlnet.nl/project/CRAVEX2-codereachability

• CRAVEX integration — Integrated vulnerability exploitability management

  The project summary for this project is not yet available. Please come back soon!

  ▸ For more details see: https://nlnet.nl/project/CRAVEX-integration

• Darkstar — Open source vulnerability management solution

  Build an open source, self hostable, commercial grade attack surface management/vulnerability management solution, for web, network, agent based and cloud security. Our idea is to build a self hostable (container based) vulnerability management solution, which allows companies and people worldwide to monitor their security trough finding vulnerabilities. The main focus lies on creating the basic features that are required for a functional vulnerability management solution: on demand scanning, reporting, prioritization, scanning internal networks via container appliances you can place on your network, scanning external attack surface (web security scanning/DAST), network based external security scanning and g and agent-based vulnerability management.

  ▸ For more details see: https://nlnet.nl/project/Darkstar

• happyDomain — Simplify DNS zone management

  happyDomain is an interface designed to make domain name management more accessible, intuitive, and efficient. By consolidating domain names from multiple providers and abstracting technical complexities that often lead to common mistakes, happyDomain empowers operational teams to handle their domain needs effortlessly, saving time and reducing friction. Its modern interface offers essential features such as history tracking, one-click rollbacks, logical groupings for services, and a REST API for automation. Built with carefully selected technologies, happyDomain provides a fast and lightweight experience, suitable for both large-scale infrastructures and personal use. Our mission is to help individuals and organizations regain independence on the Internet by simplifying domain management and fostering confidence. Whether for system administrators, agencies, freelancers, or privacy-conscious users, happyDomain transforms domain management into an accessible and seamless task for all.

  ▸ For more details see: https://nlnet.nl/project/happyDomain

• Reaction — Event-based system programming

  A lot of bots roam the internet, scanning server ports and web endpoints, and filling out any web form they come across - continuously on the lookout for vulnerabilities to exploit. In order to maintain server security, one of the currently most common defense mechanisms is to monitor logs for repetitive behaviour, or specific patterns implying the involvement of bots. With tools like fail2ban, one can write simple rules to automatically isolate machines identified as suspect.

  Reaction wants to provide a more modern and efficient approach to regex-based log scanning, allowing multiple reaction instances to communicate, sharing bans across an entire infrastructure as well as more intelligent and user-friendly soft bans. This extends the scope of this class of tooling allowing it to act as a light monitoring tool, or an orchestrator for any other event-based actions.

  ▸ For more details see: https://nlnet.nl/project/Reaction

• iso14229 — Universal Diagnostic Services for automotive diagnostics

  iso14229 is an open-source portable C implementation of Universal Diagnostic Services (ISO 14229-1:2020). UDS is a communications protocol used for diagnostics, tuning and firmware updates on embedded devices such as those in your car, tractor, robot, IoT device, or renewable energy system. Insecure UDS implementations expose software to security exploits. By providing an open source implementations including the security features of UDS, this project addresses an important gap. Within the scope of this grant, the team will work on the integration of static analysis, improve documentation and develop a number of security-focused examples.

  ▸ For more details see: https://nlnet.nl/project/iso14229/

Middleware and identity

• Garage Administration UI — Easier administration for selfhosted storage buckets

  Garage is a lightweight geo-distributed data store that implements the Amazon S3 object storage protocol. Garage is meant primarily for self-hosting at home on second-hand commodity hardware, and aims be easy to deploy and maintain, so that hobbyists and small organizations can use it without a hassle. To further this goal, the Garage admin interface project aims to develop a web UI to make cluster administration easier and more intuitive. This interface will cover the most common operations on Garage cluster: visualizing cluster status; joining new nodes, removing nodes, and changing node configuration; and management of S3 access keys, buckets and bucket configurations.

  ▸ For more details see: https://nlnet.nl/project/Garage-AdminUI

• Rauthy — Reliable OpenID Connect IdP and IAM solution

  Rauthy is a lightweight and easy to use OpenID Connect Identity Provider. It aims to be simple to both set up and operate, with very secure defaults and lots of config options, if you need the flexibility. It puts heavy emphasis on Passkeys and a very strong security in general. The project is written in Rust to be as memory efficient, secure and fast as possible, and it can run on basically any hardware. If you need Single Sign-On support for IoT or headless CLI tools, it's got you covered as well. You get High-Availability, client branding, UI translation, a nice Admin UI, Events and Auditing, and many more features. By default, it does not depend on an external database but runs on top of Hiqlite, an embeddable SQLite database that can form a Raft cluster to provide strong consistency and high availability - although it can use e.g. Postgres as an alternative. This makes it simple to operate, while scaling up to millions of users easily.

  ▸ For more details see: https://nlnet.nl/project/Rauthy/

• Threadiverse Reproducible Deployment — Reproducible deployment for Threadiverse servers

  Fediverse is more than short form microblogging. The ActivityPub protocol connects all kinds of software for various communication needs. Some of those are concentrated on long blogs and threaded discussion forums. A common understanding of conversations in ActivityPub and their secure and safe-from-spam implementation is being developed in several fediverse projects. This project focuses on stable and documented automated deployment for two of them - Hubzilla and Streams, including interoperability tests. This will support threadiverse standardization efforts, and help to bring features like group photoalbums and full channel portability between instances.

  ▸ For more details see: https://nlnet.nl/project/Threadiverse-ReproducibleDeployment/

Decentralised solutions, including blockchain/distributed ledger

• Yrs persistent documents — Yrs/Yjs compatible layer for persistent key-value stores

  Yrs is a local-first collaboration library widely used for real-time collaborative editing. Yrs is a \r\na CRDT-based solution that currently works \r\non documents fully loaded into memory, with disk storage happening through plug-ins. The primary goal of this effort is to make it more robust (and less resource-heavy) by creating an alternative implementation that works directly with the on-disk database. All of this needs should happen while remaining compatible with the existing in-memory Yrs implementation as well as the original Yjs JavaScript implementation.

  ▸ For more details see: https://nlnet.nl/project/Persistent-Yrs

• Hyper Hyper Space Sync Engine and adapters — Secure P2P data synchronisation

  The way authority is coded into software platforms impacts the health of the communities they serve. The goal of this project is to provide an information sync engine that can provide an application back-end with as little authority delegation as possible, thus enabling applications that are truly user-controlled.

  By using a formulation based on monotonicity, Hyper Hyper Space is able to simulate a transactional engine over a cryptographically secure event log. This yields a versatile data model, that is usable in a coordination-free setting and in the presence of Byzantine faults.

  This modelling flexibility can be leveraged by using bi-directional adapters, that are able to ingest and export synchronized data into a variety of local storage systems, including relational databases, document stores, and files. Application builders can choose the storage system that better suits their use-case, and rely on an adapter to synchronize its contents. This should lower the barriers of entry for creating p2p applications, and hopefully significantly boosts quality while reducing complexity.

  ▸ For more details see: https://nlnet.nl/project/HHS-SyncEngine/

• Titanic — Database server to synchronize vast collections of CRDT documents

  Yjs is a Conflict-free Replicated Data Type (CRDT) which enables developers to build collaborative applications, just like Google Docs and Figma. Most CRDT implementations work just like any other data type, but they automatically sync with other peers without conflicts. Today, Yjs is among the most used technologies for building collaborative applications.

  The developers observed the development of competing CRDTs, and recognize the need for more specialized CRDTs for specific use-cases. Syncing many CRDT instances with different permissions is still an unsolved problem. Syncing documents individually quickly becomes infeasible with an increasing number of documents in a local-first app.

  This project will therefore develop Titanic, an isomorphic database (works in the browser, Node.js, Deno, Bun, ..) that can host different CRDT implementations. It will sync many CRDT instances efficiently in a network-agnostic manner. While it will support custom authentication approaches, Titanic will ship with a role-based document-level permission system that prevents unauthorized users from reading or writing documents.

  ▸ For more details see: https://nlnet.nl/project/Titanic

• ActivityPods 3.0 — Encrypted Solid-compatible Pods

  ActivityPods brings together two game-changing protocols, ActivityPub and Solid Pods, and empowers developers to create fully-decentralized social apps thanks to an easy-to-use framework. In the planned version 3.0, Solid clients will be able to connect to ActivityPods just like any other Solid Pod provider. Furthermore, ActivityPods 3.0 will build a bridge with the world of P2P protocols, since it will be using NextGraph (a local-first P2P solution based on CRDT) as a triple store. The result is that all Pod data will be encrypted. In addition, users will be able to create a NextGraph wallet and use it to give NextGraph apps access to their Pod data. This will allow ActivityPods to provide the first \"social Pods\" with built-in Fediverse communication and improved data security, potentially attracting more developers and users to the Solid and ActivityPub ecosystems.

  ▸ For more details see: https://nlnet.nl/project/ActivityPods-3.0

Data and AI

• MWoffliner — Software to make Wikipedia and other Mediawiki content available offline

  Wikipedia aims to make the Sum of All Human Knowledge available to all and for free. But with three to four billion people around the world lacking connectivity (because of cost, infrastructure or censorship) we need a solution to bridge the digital divide and bring this great tool to everyone.

  Mediawiki offliner packages and compresses any wiki into a portable ZIM archive that can then be browsed offline and on any device, no matter where their users are located. In short, this allows everyone and everyone to carry the largest encyclopaedia ever on their phone and in their pocket.

  ▸ For more details see: https://nlnet.nl/project/MWOffliner

• Organic Maps сonvergent UI for Linux with Qt Quick/Kirigami — Declarative cross-platform UI for navigation

  Maps navigation software is a crucial part of computer systems today, be it on Mobile, Desktop, Automotive and so on. For quite a lot time already, we have a brilliant open-source maps application, now named Organic Maps. It's features make it strong competitor to commercial-grade software, among them are: privacy, fully offline maps, low battery consumption, navigation, points of interest (POI) and much more. Currently, the application shows it's strength on mainstream mobile operating systems only. On other systems, it's ability is quite limited, mainly because of lack of proper User Interface for them.

  This project aims to create an Organic Maps convergent touch-friendly User Interface for Linux, backed by featured Qt Quick/QML application framework, perfectly suitable for this task. This would allow feature-parity for Mobile and Desktop Linux systems, and also creates solid ground for further unification of the User Interface among other platforms.

  ▸ For more details see: https://nlnet.nl/project/OrganicMaps-ConvergentUI

• A Frameworks Framing — Open corporate data in Wikirate through the lens of standards

  Reporting on ESG (Environmental, Social, and Governance) parameters is crucial for investors and stakeholders to gain information about companies' sustainability from these three perspectives. Wikirate is the world’s largest open source registry of ESG data, crowdsourcing standardised data about companies on a large variety of metrics delivering an extremely valuable resource for instance for policy development. In recent years, various standards bodies have translate these abstract ESG guidelines into actionable and concrete performance metrics. \r\n\r\nWithin the scope of this grant Wikirate will improve the structuring and discoverability of information, giving a more consistent and concise view on the existing standards and framework. By exhaustively mapping metrics to frameworks, and improving better documentation, visualization and navigation, this project will contribute to smooth exploration and better understanding of millions of ESG data points as connected to corporate standards.

  ▸ For more details see: https://nlnet.nl/project/FrameworksFraming

• Polyglot jaq — Data wrangling tool focusing on correctness, speed, and simplicity.

  Data often needs to be processed going from one tool to another. Doing that is potentially a point of failure, as 'quick and dirty' solutions often fail to take into account edge cases. This project will build on top of Jaq, a Rust re-implementation of the widely popular jq syntax with rigorously defined semantics, and extend its approach to other data formats - from legible formats such as \r\nXML, YAML, TOML, CSV and Markdown to binary formats. For the latter, the project builds on the versatile parsing toolbox of Kaitai Struct.

  ▸ For more details see: https://nlnet.nl/project/Polyglot-jaq

• PurlValidator — Check validity of software package identifiers online and offline

  Package-URL, or PURL, is the de-facto standard for identifying software packages, used by open source SCA tools, SBOM and VEX specs, and vulnerability databases. But using a standard syntax does not prevent errors: A recent (not yet published) study on the quality of software bill of materials (SBoM) revealed that for too often PURLs in SBOMs are still inconsistent, fake, incorrect, or misleading. This is a major impairment to any application of SBOMs, and industry-wide cybersecurity and application security.\r\n\r\nThe PurlValidator project is a public service, based on PurlDB, to validate all the PURLs. An extension of the purl2all project, PurlValidator validates the PURL syntax against any known PURLs by exposing PurlDB's reference data of 20M+ PURLs. PurlValidator also provides decentralized libraries for offline use that can be integrated in multiple tech stacks for all major ecosystems, beyond what is already available for PURL tools. The goal of this project is to provide an accessible, single source of truth to the security and SBOM ecosystem at large and improve the quality and accuracy of PURLs in use, imperative for CRA compliance.

  ▸ For more details see: https://nlnet.nl/project/purlvalidator

• PyCM — Machine learning post-processing and analysis

  PyCM is an open-source Python library designed to systematically evaluate, quantify, and report the performance of machine learning algorithms. It offers an extensive range of metrics to assess algorithm performance comprehensively, enabling users to compare different models and identify the optimal one based on their specific requirements and priorities. Additionally, PyCM supports generating evaluation reports in various formats. Widely recognized as a standard and reliable post-processing tool, PyCM has been adopted by leading open-source AI projects, including TensorFlow, Google’s scaaml, Torchbearer, and CLaF. In this grant, the team will implement several new features, such as data distribution analysis, dissimilarity / distance matrices and curve analysis. In addition the project will improve benchmarking and confidence, and introduce an API and GUI for wider adoption.

  ▸ For more details see: https://nlnet.nl/project/PyCM-API

Services + Applications (e.g. email, instant messaging, video chat, collaboration)

• Mox management and automation — Automated email server management and administration

  Mox is a modern email server implementation that makes it easy for people and organizations to run their own mail server, allowing them to stay in control of their own email communication, and keeping email decentralized. While high-quality open source mail server software components exist, their code bases are growing old, and getting a working setup involves configuring at least half a dozen of them to work together. That complexity has turned people to a few (centralized) email providers. Within this grant the team will add a number of missing key features such as server-side email filtering (Sieve) and encrypted storage, among others.

  ▸ For more details see: https://nlnet.nl/project/Mox-Automation

• linkblocks — Federated bookmark manager based on ActivityPub

  Linkblocks is a federated bookmark manager. By combining a web-like graph structure with collaborative features, it aims to make knowledge discovery on the web more open and productive, providing an alternative to social networks and search engines.

  ▸ For more details see: https://nlnet.nl/project/linkblocks

• Manyfold — ActivityPub-powered tool for storing and sharing 3d models

  Manyfold is a web application for managing collections of 3d models, with a focus on the needs of the 3d printing community. It is designed to be self-hosted, and lets users browse, organise, and analyse their downloaded models. With NLNet’s support, the project has recently launched federation features using ActivityPub, progressive transmission of 3d models, and a wide range of core feature enhancements. The next phase of the project will build on this base to create richer social features, better ways to get models into and out of the system, features to help financially support creators, and improvements to search and discovery features, all of which will help build an open, decentralised ecosystem for 3d model hosting.

  ▸ For more details see: https://nlnet.nl/project/Manyfold-Discovery

• NextGraph Framework — SDK's and API's for the NextGraph Framework

  NextGraph is an open source ecosystem that provides solutions for end-users (a platform) and software developers (a framework), wishing to use or create decentralized apps featuring: real-time collaboration, peer to peer communication with end-to-end encryption, local-first, portable and interoperable data, total ownership of data and software, security and privacy. Centered on repositories containing semantic data (RDF), rich text, and structured data formats like JSON, synced between peers belonging to permissioned groups of users, it offers strong eventual consistency, thanks to the use of CRDTs. Documents can be linked together, signed, shared with others, queried using the SPARQL language and organized into sites and containers. Using our framework, SDK and APIs, developers will be able to create standalone or embedded apps that can make capability-based access requests on the user's data, define smart-contracts and implement any business logic within cross-document transactions. With NextGraph, users and apps can securely access and traverse their authenticated data graph (web of data) and social graph (social network), while enabling resilience and data integrity, and preserving privacy and decentralization.

  ▸ For more details see: https://nlnet.nl/project/NextGraphFramework

• Slipshow — A different paradigm for presentations including flipchart style annotations

  Not every presentation fits well into the paradigm of \"Powerpoint slides\". Slipshow offers a continuous presentation space that the presenter can update and modify through the presentation including interaction with the slides by adding live hand-drawn notes. Such a tool fits not just remote / hybrid teaching, but also the time-honoured \"blackboard style\" teaching which encourages dynamic presentation, audience participation, and flexible course materials. With the scope of this project, Slipshow will be extended to support recording the live annotations, improve the UX and mature the associated light-weight (self-hostable) server - making it applicable to a wider variety of use cases.

  ▸ For more details see: https://nlnet.nl/project/Slipshow

• AlekSIS SCIM — SCIM, timetabes and other features for AlekSIS

  AlekSIS is a free school information system that helps with school organisation as an interactive web application. It is a central platform for students, teachers, and parents to manage any information related to everyday school life. The software's functions include lesson planning, creating timetables, managing absences and substitution planning, the digital class register, inventory management, payment systems, and student ID cards.

  AlekSIS is completely modular and can therefore be flexibly adapted to individual needs. Within this grant, the goals is to improve and add integrations with other software, make the timetable and substitution planning easier by providing assistance tools, integrate parents in daily school workflows and provide advanced attendance tracking. Additionally the aim is to get rid of several legacy technologies and update all AlekSIS apps to a more modern technology stack, and improve documentation and demo data accordingly.

  ▸ For more details see: https://nlnet.nl/project/AlekSIS-SCIM/

Vertical use cases, Search, Community

• Organic Maps bookmarks, hike and bike — Improved bookmarks, address search, map styles and driving

  Organic Maps is a free, open-source offline map application available for Android and iOS. It provides a privacy-focused alternative to Google and Apple Maps, empowering individuals who value their privacy and freedom from the surveillance ecosystems created by these companies. The app offers downloadable outdoor maps of the entire world, offline multi-point navigation, offline search on the map, saved bookmarks and trails, KML/KMZ/GPX interoperability, elevation contours, track recording, and more. This project focuses on enhancing core functionality: optimizing offline search, expanding bookmark management, and introducing new features for hikers and bikers.

  ▸ For more details see: https://nlnet.nl/project/OrganicMaps-bookmarks

• OpenStreetMap-NG — Alternative implementation of OpenStreetMap

  OpenStreetMap-NG is an innovative rethinking of how open mapping platforms can be built and maintained, as an alternative to the current openstreetmap.org setup. Leveraging Python and other widely used technologies and guided by user-centric design principles, this project creates a more accessible, privacy-respecting, and developer-friendly mapping platform. By prioritizing both solid technical foundations and ease of use, OpenStreetMap-NG wants to make open-source mapping more approachable while pushing the boundaries of what's possible.

  ▸ For more details see: https://nlnet.nl/project/OpenStreetMap-NG

• Empowering Mobilizon — Find, create, organise and curate events

  Mobilizon empowers users to create collaborative platforms for promoting local events, activities, and groups. Utilizing the ActivityPub protocol, these platforms facilitate information sharing, allowing users to publish their events on one Mobilizon instance and broadcast them across others when appropriate. Designed with user-friendliness in mind, Mobilizon aims to reduce local advertisers' reliance on major tech companies. Currently, dozens of Mobilizon instances are operational, collectively attracting thousands of users. However, this is not enough to harness the full potential of the network effect and drive meaningful societal change. Numerous enhancement requests and areas for improvement have been identified, and it is crucial to refine and prioritize these initiatives. Should we enhance federation with ActivityPub? Develop solutions to combat spam? Allow users to join a waiting list for fully booked events? Improve categorization and search functionalities? Address persistent bugs? Optimize response times? To tackle these challenges, we aim to establish a governance structure involving other instance administrators. Together, we can prioritize the most impactful changes and integrate them into our roadmap, ultimately making it easier for the community to discover and engage with local activities.

  ▸ For more details see: https://nlnet.nl/project/Empowering-Mobilizon

• WeasyPrint — Print rendering engine for HTML and CSS

  WeasyPrint helps web developers create high quality print documents. It turns simple HTML pages into gorgeous statistical reports, invoices, tickets… From a technical point of view, WeasyPrint is a visual rendering engine for HTML and CSS that can export to PDF - independent from rendering engine like WebKit or Gecko. It aims to support web standards for printing. WeasyPrint is free software made available under a BSD license. The CSS layout engine is written in Python, designed for pagination, and meant to be easy to hack on.

  ▸ For more details see: https://nlnet.nl/project/Weasyprint

• Mifos X (Apache Fineract) — Type safety for/refactoring of Apache Fineract banking software

  The project summary for this project is not yet available. Please come back soon!

  ▸ For more details see: https://nlnet.nl/project/ApacheFineract/

---

Still hungry for more projects? Check out the overview of all our current and recent projects...

Inspired? If you are working on a project that contributes to the Next Generation Internet you can submit a proposal. The next deadline is February 1^st.

Acknowledgements

The NGI0 Commons Fund and the NGI0 Core funds are possible with financial support from the European Commission's Next Generation Internet programme, under the aegis of DG Communications Networks, Content and Technology.