Send in your ideas. Deadline August 1, 2025

NGI0 Commons Fund

NGI0 Commons Fund is a grant programme funding projects about reclaiming the public nature of the internet, as part of the Next Generation Internet initiative of the European Commission. For a more complete description see the home page of the fund: NGI Zero Commons Fund.

This page contains a concise overview of projects funded by NLnet foundation that belong to NGI0 Commons Fund (see the thematic index). There is more information available on each of the projects listed on this page - all you need to do is click on the title or the link at the bottom of the section on each project to read more. If a description on this page is a bit technical and terse, don't despair — the dedicated page will have a more user-friendly description that should be intelligible for 'normal' people as well. If you cannot find a specific project you are looking for, please check the alphabetic index or just search for it (or search for a specific keyword).

The goal of NGI Zero Commons Fund is to help deliver, mature and scale new internet commons across the whole technology spectrum, from libre silicon to middleware, from P2P infrastructure to convenient end user applications. We have a holistic, full-stack approach, simply because there is no other way. If we want to reclaim the public nature of the internet and yield the full benefits from technology as a society, we need to have full coverage — period.

NGI Zero Commons Fund is an ambitious grant programme led by NLnet as part of the Next Generation Internet initiative, which focuses on the development and maintenance of internet commons that support the vision of a resilient, trustworthy and sustainably open technology stack that empowers users, and grants everyone full autonomy.

All projects become available under a free and open source license so you will be able to study, use, modify and share everything with anyone you want! Why not propose a project yourself, calls are currently open!

Logo NLnet: abstract logo of four people seen from aboveLogo NGI Zero Commons Fund: letterlogo shaped like a tag

Applications are still open, you can apply today.

ActivityPods 3.0 — Encrypted Solid-compatible Pods

ActivityPods brings together two game-changing protocols, ActivityPub and Solid Pods, and empowers developers to create fully-decentralized social apps thanks to an easy-to-use framework. In the planned version 3.0, Solid clients will be able to connect to ActivityPods just like any other Solid Pod provider. Furthermore, ActivityPods 3.0 will build a bridge with the world of P2P protocols, since it will be using NextGraph (a local-first P2P solution based on CRDT) as a triple store. The result is that all Pod data will be encrypted. In addition, users will be able to create a NextGraph wallet and use it to give NextGraph apps access to their Pod data. This will allow ActivityPods to provide the first "social Pods" with built-in Fediverse communication and improved data security, potentially attracting more developers and users to the Solid and ActivityPub ecosystems.

>> Read more about ActivityPods 3.0

Ada Bootstrap Compiler — Full source bootstrap for Ada

Ada is an important computer language with a long history, with the compilers being built for new architectures in an ad-hoc basis based on previously existing Ada compilers from other architectures. This project aims to create a bootstrap path from the C language to an Ada compiler without relying on an existing Ada compiler binary. This will allow us to have a fully auditable trail from C to a working Ada compiler, removing concerns about hidden backdoors or other issues that may arise from using a compiler without a clear bootstrap path.

>> Read more about Ada Bootstrap Compiler

Aiohttp type checking — Improve typechecking for Aiohttp HTTP Client/Server framework

aiohttp is a widely used asynchronous HTTP Client/Server framework for async IO within the popular Python language ecosystem. The advantage of asynchronous frameworks is that they don't block the client while the server process HTTP requests. Instead, the user can do other operations client side. This grant will improve the coverage for type annotation of the Python test code of its dependencies, providing a more robust framework to downstream users and developers alike.

>> Read more about Aiohttp type checking

Alaveteli GDPR and Search — Better search and redacting capabilities for Alaveteli FOI request portal

Alaveteli is an open source platform deployed in 20+ countries that helps citizens make Freedom of Information requests and publishes them and the responses online. Access to Information laws are powerful tools by which citizens, journalists, and civil society organisations can obtain information to scrutinise government. Such legislation is an important prerequisite for accountability and bottom up participation, making it one of the cornerstones of a healthy democracy.

Alaveteli’s architecture was designed long before the introduction of GDPR. This makes it challenging to balance public access to information with protection of citizens' individual data rights. The project aims to redesign and replace Alaveteli’s antiquated search architecture and technology and implement key missing functionality to effectively locate and, when appropriate, remove personally identifiable information to ensure GDPR compliance.

>> Read more about Alaveteli GDPR and Search

Yama Analytics — Privacy-friendly analytics microservice using server logs

For small organisations and individuals who wish to respect their visitors' privacy while needing to obtain analytics, there are limited options. The most elegant option (and the most privacy-respecting one) is to provide real-time analytics by ingesting the web server logs. This doesn't involve/require doing anything client-side (no scripting, no invisible pixels, etc): all the information needed can be derived from these log files without resorting to tricks. The form factor of a drop-in microservice allows for easy integration into other tools (which offers a significant improvement in terms of usability), and makes it portable. The end result will provide a neat solution for small actors to make self-hosting of their website 'batteries included'.

>> Read more about Yama Analytics

Mifos X (Apache Fineract) — Type safety for/refactoring of Apache Fineract banking software

Apache Fineract is a sophisticated core banking system that provides comprehensive financial technology solutions. It offers features for client data management, loan and savings portfolio management, integrated real-time accounting, as well as extensive reporting capabilities. By commoditising core banking infrastructure, Fineract empowers communities and organisations of any size to integrate financial services everywhere.

Mifos X includes a payment orchestration engine and mobile banking apps, lowering the threshold to participate in the digital economy. In the scope of this project, type-safety is added to the software, QueryDSL is introduced to generate code and a significant amount of technical debt is resolved.

>> Read more about Mifos X (Apache Fineract)

AtomicServer Local-First — AtomicServer Local-First Headless CMS

The project summary for this project is not yet available. Please come back soon!

>> Read more about AtomicServer Local-First

BB3-CM5 — Modular OSHW test & measurement equipment

EEZ BB3 is a mature and recognized open source project that, in combination with EEZ Studio, offers a wide range of options for test & measurement development and automation. This project will further improve its performance, modularity and attractiveness by adding support for different MCUs and CPUs as a detachable module (Raspberry Pi CM4 form factor), new interfaces and by reorganizing the firmware in a way to simplify the addition of new EEZ DIB peripheral modules and enable running Linux.Design optimization will be carried out to reduce manufacturing and maintenance costs while taking into account that the existing certified EMC is not compromised. Finally, the new design will enable an increase in capacity (hosting up to 5 instead of 3 DIB modules), and the existing Mixed I/O modules will be adapted to work with a faster interface in a new more compact, half-width form factor.

>> Read more about BB3-CM5

Bab — Efficient proof of validity of streamed data

Content-addressable storage (CAS) lets peers resolve secure digests to strings, but faces a dilemma: if a string cannot be transferred in full, peers cannot tell whether what they received so far is legitimate data. Discarding the data leads to redownloads and might make large downloads in spotty networks impossible. Persisting untrusted data allows peers to place arbitrary data on your machine. We write a Rust implementation of the Bab hash functions which solve this issue.

>> Read more about Bab

Bubble-up — Declaritive schema migrations for sqlite databases

SQLite is widely regarded as the most-used database engine, with sqlite.org even suggesting that it surpasses all other engines combined. One of its main advantages is its simplicity—operating on a single file. However, while getting started with SQLite is straightforward, modifying the database schema can be more complex due to its limited support for ALTER commands compared to other databases.

Bubble-up is a command-line tool designed to ease this challenge. It enables seamless schema migrations for SQLite databases by comparing your desired schema (written in a simple SQL file with standard DDL statements) to the current database structure, and performing the necessary changes.

>> Read more about Bubble-up

CARGO — Automatic Generation of Analog + Mixed Integrated Circuits with Coriolis

The project summary for this project is not yet available. Please come back soon!

>> Read more about CARGO

Pushing forward for CSS Print — High end print from HTML and CSS

The Web is one of the largest common resources, accessible to everyone across the globe, based on standards maintained by the World Wide Web Consortium (W3C). Certain CSS modules have been developed specifically for paginated design and publication: the fragmentation model, which divides content into pages, columns, or regions, and includes features such as controlling flow breakpoints (page breaks, column breaks, etc.). Additionally, three W3C CSS modules focus on formatting for "paginated media", defining how pages are structured and providing essential functionality for printed page layouts, including margin sizes, page numbering, running headers, footnotes, templates, and element positioning on the page. However, these modules remain in the Working Draft phase, and currently no web browser has fully implemented them.

In response to this limited browser support, several open-source initiatives (such as WeasyPrint and Paged.js) have emerged over the past 15 years, each with a unique approach to addressing these challenges. The user community continues to grow, new layout requirements have arisen, revealing that the current specifications are insufficient to meet the demands of modern paginated layout. As developers, maintainers and users of these open-source solutions, our goal is to address these gaps by collaborating on the development of new specifications in a structured and collective manner, demonstrating the feasibility of these new specifications by implementing them in various tools and engaging in advocacy with the CSS Working Group (CSSWG) to promote the adoption of these new specification proposals.

>> Read more about Pushing forward for CSS Print

Capability-based security for Redox — Capsicum style cabilities in Redox

Redox OS is a Unix-like microkernel-based operating system written in Rust, intended for both the cloud and the desktop. In this project we will replace Redox's internal file descriptor representation with capability descriptors, optimized for both security and performance. This will provide a foundation for capability-based security on Redox, and possibly capability extensions from other UNIX-like systems, while also supporting POSIX-style file descriptors for application compatibility.

>> Read more about Capability-based security for Redox

Circuit Painter — Creative tool for programmable PCB creation

Circuit Painter is a creative coding tool for generating functional printed circuit boards (PCBs). It enables users to easily automate circuit designs that involve repetitive tasks such as LED matrixes, sensors, and test boards. Circuit Painter is implemented as a simplified Python-based language, using vector graphics-inspired techniques such as matrix transformation to simplify board generation. It uses KiCad as a backend for rendering PCBs, and can directly export manufacturing files, or be used in conjunction with traditional routing for more complex designs. A web-based interface being developed to allow the tool to be used in a classroom or ad-hoc setting.

>> Read more about Circuit Painter

CityBikes — Open access API for bike sharing information

Citybikes is the most comprehensive open access API for bike sharing information, with support for more than 700 cities all around the world. The goal of the project is to promote open data policies and showcase the benefits of open data to city councils and companies that provide public services to society.

Less than 25% of Citybikes data comes from open data standard feeds—for every city in citybikes publishing their bike sharing information in a reusable format, there are at least three more that do not use a standard format. Citybikes aims to change that by providing developers, researchers and organizations with a standard resource to bridge this gap and contribute towards an interoperable open data ecosystem for mobility services.

>> Read more about CityBikes

ClassQuiz — Libre quizing tool

ClassQuiz is a quiz application designed for, but not limited to, classrooms. It allows anyone to create live quizzes to engage the audience in a fun way, where each player also competes against the others by answering questions as fast as possible to score high. By providing a simple setup for self-hosting, it also allows many educators to host quizzes without any privacy concerns. ClassQuiz was born as an alternative to Kahoot! because educational software for students should be built with privacy in mind.

>> Read more about ClassQuiz

Clearance — Curating changes to OpenStreetMap data of interest

Clearance is an open-source tool designed to enhance the reliability and increase confidence in collaborative OpenStreetMap (OSM) data by acting as a quality control proxy between OSM and data consumers and functioning as a standard OSM data source (OSM PBF or overpass API).

OSM map data is created collaboratively and continuously updated by the contributor community. While most changes are made in good faith, low quality changes or mistakes may occur, especially by beginners. Bad faith changes also exist, but are less frequent. When you rely on OSM data, as a service provider or end user, quality and avoiding breaking changes is important. That's the issue Clearance addresses.

Clearance holds suspicious or potentially problematic changes, while keeping replication up to date for those respecting quality rules. It reworks OSM changes into coherent groups based on topological, geospatial, and semantic object relationships. Rejected data groups must be corrected in OSM or accepted manually. It provides local atomic changes that preserve data integrity. It helps identify semantically equivalent objects despite technical changes (splits, merges, redraws, dimension changes).

>> Read more about Clearance

Open-source firmware for modern AMD boards — Open-source firmware for modern AMD boards part 1

The project summary for this project is not yet available. Please come back soon!

>> Read more about Open-source firmware for modern AMD boards

Fully Open Chip Design — Silicon-proven toolchain for VLSI design

Coriolis is an open-source toolchain dedicated to chip design. It integrates several open-source tools like Yosys, KLayout etc. and provides also dedicated tools for place & route. It addresses the actual open technologies (SkyWater, IHP and Global Foundries) to make open chips possible. The goal of this project is to improve the usability and the users' experience using Coriolis, from installing and configuring their flow to elaborating their designs. At the end, tutorials, documentation and packages will be available to make Coriolis a more usable toolchain to increase the European’s sovereignty in chips’ design and to promote open chips.

>> Read more about Fully Open Chip Design

Securing Internet protocols with decentralized identity — DIDs and Verified Credentials as SASL method

There has been much innovation in the last few years in the area of decentralized digital identity, including the development of standards such as Decentralized Identifiers (DIDs) and Verifiable Credentials (VCs). These technologies have led to large-scale initiatives around the world to develop digital identity wallets, including for example the European Digital Identity Wallet (EUDI). These initiatives aim at making it possible to obtain and use digital versions of identity documents such as drivers' licenses, birth certificates, university diplomas, and more.

The potential of these technologies however is much greater than just logging in to websites. In this project, we work on integrating decentralized digital identity technologies into widely used Internet protocols themselves, such as XMPP for instant messaging. In this case, a combination of identity and messaging means that you can authenticate to a messaging service using a digital identity wallet, rather than username and password. We accomplish this by specifying and building a DID-based extension for the Simple Authentication and Security Layer (SASL).

>> Read more about Securing Internet protocols with decentralized identity

Data Package implementation in TypeScript — Reference implementation of data definition language and data API

Data Package is a standard consisting of a set of simple yet extensible specifications to describe datasets, data files and tabular data. It is a data definition language (DDL) and data API that facilitates findability, accessibility, interoperability, and reusability (FAIR) of data. TypeScript implementation of the Data Package standard provides all the necessary functionality for working with data packages in Node.js or similar environments — including validating and extending metadata, and reading or writing data in various formats such as CSV, TSV, JSON, and OpenDocument Format (ISO/IEC 26300) as used by e.g. Excel and LibreOffice.

>> Read more about Data Package implementation in TypeScript

DatamiPods — Visualisations for (federated) Solid data

Datami is a tool to edit, visualize and share your data. It allows to transform datasets into discoverable, understandable and reusable data. ActivityPods is a collective data space solution based on Solid and ActivityPub.

The DatamiPods project creates a bridge between these two existing open source tools, and aims to simplifies the use of the datasets involved - also for less technical users.

>> Read more about DatamiPods

Decidim revamp — Tools for participatory democracy

Decidim is a free and open, digital infrastructure for participatory democracy. Decidim allows to create and configure a web platform to be used as a political network for democratic participation. The platform is freely available for organisations and institutions seeking to initiate participatory processes such as deliberation, decision-making, collaboration, direct democracy and co-design.

In order for the project to reach a new stage of technical maturity, the project will overhaul the user experience through a complete redesign of its interface. It is necessary to review, order and, if necessary, remove features. This project is focused on doing the less visible, but necessary work, to make the code clean and sustainable in the long term.

>> Read more about Decidim revamp

Dino — User-friendly and secure instant messaging based on XMPP

Dino is an open-source messaging application. It uses XMPP as an underlying protocol, which allows federated, provider-independent communication and offers a world-wide network of interconnected servers. Dino aims to be secure and privacy-friendly while at the same time offering a good user experience and a modern feature set.

This project is about adding various additional usability and privacy features such as Message moderation in groupchats (XEP-0425), message deletion (XEP-0424) and local message deletion, improved password handling and connection establishment via SASL2 (XEP-0388), Bind2 (XEP-0386), FAST (XEP-484) and storing secrets in the system keyring, improved file transfers including sending multiple images in the same message via Stateless File Sharing (XEP-0447), improving the UX in MUCs by using more efficient protocols like MUC Affiliation Versioning (XEP-0463) and by making further use of occupant IDs (XEP-0421) in the context of message correction and message deletion. It will also extending support of message formatting via Message Markup (XEP-0394).

>> Read more about Dino

DjNRO upgrade and wifi mapping — Find nearby wifi access points in federated wifi communities

DjNRO is an open-source tool for a wifi roaming community. It supports the organisational participants, their wireless hotspot locations and configurations. It is suitable as a public or internal tool for managing distributed wifi deployments, and already powers the world-wide eduroam community.

This project aims to improve the wifi location mapping by correlating independent wifi hotspot data and OSM location data with the manually maintained organisational participant information.

By importing additional information on the deployment of roaming wifi services, they can be validated to give users more accurate information on service availability, and assist administrators in identifying broken or invalid networks, or even "evil twin" networks in proximity of legitimate deployments.

>> Read more about DjNRO upgrade and wifi mapping

Embeddable Common Lisp — Common Lisp for browser environments

Embeddable Common Lisp is a Free and Open Source Software implementation of the Common-Lisp language as described in the X3J13 ANSI specification with focus on conformance, practical use and portability. This project follows through after a recent port of the runtime to Web Assembly to implement convenient environment for Common Lisp development and for deploying Common Lisp applications directly in web browsers and other WASM-enabled runtimes. This includes further improving ECL internals for interoperability and modularity by porting it to WASI.

>> Read more about Embeddable Common Lisp

EPE (Ecran-Papier-Editer | Screen-Paper-Editing) — Creative libre software tools for print media

Ecran-Papier-Editer is a first phase of construction of a set of innovative, open and alternative, reasoned and sustainable editorial software tools, resulting from graphic design practices and intended for the cultural and creative sectors - and for all players in publishing and publishing in all sectors. The project involves European and international universities (graphic design departments), a national arts & sciences scene, a paper engineering school, and a computer engineering school.

>> Read more about EPE (Ecran-Papier-Editer | Screen-Paper-Editing)

Empowering Mobilizon — Find, create, organise and curate events

Mobilizon empowers users to create collaborative platforms for promoting local events, activities, and groups. Utilizing the ActivityPub protocol, these platforms facilitate information sharing, allowing users to publish their events on one Mobilizon instance and broadcast them across others when appropriate. Designed with user-friendliness in mind, Mobilizon aims to reduce local advertisers' reliance on major tech companies. Currently, dozens of Mobilizon instances are operational, collectively attracting thousands of users. However, this is not enough to harness the full potential of the network effect and drive meaningful societal change. Numerous enhancement requests and areas for improvement have been identified, and it is crucial to refine and prioritize these initiatives. Should we enhance federation with ActivityPub? Develop solutions to combat spam? Allow users to join a waiting list for fully booked events? Improve categorization and search functionalities? Address persistent bugs? Optimize response times? To tackle these challenges, we aim to establish a governance structure involving other instance administrators. Together, we can prioritize the most impactful changes and integrate them into our roadmap, ultimately making it easier for the community to discover and engage with local activities.

>> Read more about Empowering Mobilizon

Every Door — Efficient and customizable mobile OpenStreetMap editor

Every Door is an open-source OpenStreetMap editor for Android and iOS devices. It focuses on efficient on-the-ground surveying, mainly on points of interest and addresses. With the app, one can fully map an entire shopping mall or an entire village in a matter of hours. The next steps for the editor are vector tiles and customization: tailoring Every Door for focused mapping and adding interoperability with third-party services.

>> Read more about Every Door

F3D — Cross-platform, fast and minimalist 3D viewer

F3D is an open source, community-driven, cross-platform, fast and minimalist 3D viewer. Already integrated into many Linux distributions, F3D is packed with features that let users visualize and render their 3D models efficiently. F3D supports dozens of file formats and aims to be the go-to solution for simply taking a look at any 3D model, it also supports thumbnails and integrates well in the desktop experience on Windows and most Linux desktop environments. F3D is also the libf3d, a C++ API to simply and efficiently render 3D models, with Python, Java and Javascript bindings. As such, the libf3d is available as a python wheel on pypi and will soon be available as an npm package. The F3D community thrives to be inclusive and welcoming, with a clear contribution and maintenance process where everything is discussed openly with any interested parties.

>> Read more about F3D

FederatedCode Next — UI and curation queue for VulnerableCode data enrichment

VulnerableCode is an open-source database that aggregates and enriches data concerning CVE with metadata to make it easier to track CVEs across packages and dependencies. VulnerableCode was designed from its inception to correlate and aggregate multiple data sources and not have a single point of failure. The FederatedCode Next project aims to create a UI and curation queue for VulnerableCode in order to take the next step towards an open, peer-to-peer federated database of code vulnerabilities.

This allows to to ensure cybersecurity professionals have the essential information they need to do their work when new vulnerabilities are unveiled - such as PURL and VERS version ranges for impacted and fixed package versions, Common Weakness Enumeration details to qualify the weakness exposed by a CVE, severity scoring, mitigation possibilities beside updating and patching, the actual commits/patches that introduce/fix a vulnerability for reachability analysis, related PoC for exploits, etcetera.

>> Read more about FederatedCode Next

Interoperability of Events in the Fediverse — A common approach to using the ActivityPub Event object type

Events are at the heart of social life and deserve to be treated accordingly in the Fediverse. Although events are already supported by many ActivityPub applications, they often lack standardised implementation, which limits interoperability within the network. A fundamental milestone of this project is therefore to finalise and refine the current Fediverse Enhancement Proposals (FEPs) for events, in particular FEP-8a8e, and to investigate enhancements for advanced features such as super/child events, recurring events and RSVP actions. In addition, we will investigate the Fediverse Auxiliary Service Provider Specifications (FASPs) for discoverability and filtering of public events. Other aspects include further development of the Event Bridge for the ActivityPub WordPress plugin, working with GatherPress to make it a comprehensive ActivityPub event solution for WordPress, and contributing to other Fediverse projects on a case-by-case basis to align their event implementations. This may also include improving event support in applications that currently have very limited support. In addition, the project will serve as a knowledge hub and facilitate communication between developers working on events in ActivityPub. This includes hosting presentations to raise public awareness about the progress and (social) potential of events in the Fediverse.

>> Read more about Interoperability of Events in the Fediverse

Flatline Server — Independent server for Signal protocol

This project develops a self-hosted, single-node prototype of the Signal server by removing its cloud service dependencies, allowing users and organizations to run their own private, secure communication networks independent of centralized US-based infrastructure.

Key tasks include forking and adapting the Signal server codebase, building a containerized infrastructure stack, modifying the Molly client to support server selection, and creating DevOps scripts for easy deployment.

The result will be a proof-of-concept server, a public demo deployment for testing, documentation for connecting libsignal-based clients such as Whisperfish, and proposals for further research into decentralizing Signal. The project aims to preserve Signal's high security standards and compatibility while increasing autonomy and privacy in secure messaging.

>> Read more about Flatline Server

Flock XR — 3D visual creativity and coding tool

Flock XR is a visual creativity and coding tool that allows young people to create 3D experiences in a web browser. Flock XR allows young people and beginners to create apps relevant to the virtual worlds that they use socially. Through creating with Flock XR, young people develop technical and creative skills such as coding and working in 3D space with 3D models and animations. They will be able to create using extended reality features including VR, Augmented Reality, 3D printing and spatial audio. This puts them on the path to amazing career opportunities across many industries. Flock XR is being developed with an inclusion first approach using co-design techniques with young people in our pilots. After a successful schools pilot we are focussing on improving user experience, stability and access for all.

Flock XR builds on established open source tools, Blockly and Babylon.js to bring modern 3D creation to young people on the devices they already use. We’re designing Flock XR for users who may have older hardware and limited data access. And we take young people’s rights, safety and data privacy very seriously. We’re extending young people’s reality with Flock XR and giving them the skills to create the virtual worlds that humanity needs.

>> Read more about Flock XR

Follow-me slideshow for Collabora Online — Accessible slideshows for videoconferencing tools

Collabora Online is an open source online office suite built on LibreOffice technology, enabling web-based collaborative real-time editing of word processing documents, spreadsheets, presentations, and vector graphics. This project improve the presentation mode with a feature where one leader can control the presentation and others can remotely follow this easily, including slide transitions, animations and other complex content. This includes some accessibility support and integration into existing open-source video call software.

>> Read more about Follow-me slideshow for Collabora Online

Forgejo — Self-hosted lightweight software forge

In order to collaborate among global FOSS communities, software repositories need to be made available online. Running such repositories on top of a third party proprietary service introduces ethical concerns, privacy risks and geopolitical issues, where the political situation in one country can have an impact on the availability of technology in other countries. Forgejo is a forge application with a focus on software freedom, transparency, privacy and accessibility, but also pays great attention on stability, usability / user experience and federation in the long term.

To address usability issues with the current contribution workflow, that was in large parts inherited from proprietary platforms like Microsoft GitHub, we want to innovate and improve the way contributions can be made using Forgejo, inspired by existing workflows such as Gerrit and AGit. Further, more important usability around LFS, accessibility issues and moderation features will be worked on in the scope of this grant.

>> Read more about Forgejo

Wikirate Frameworks — Open corporate data in Wikirate through the lens of standards

Wikirate.org is the largest open-source open-data registry of Environmental, Social and Governance (ESG) data about companies. The project, “A Frameworks Framing: Open Corporate data through the lens of standards”, aims to enhance Wikirate.org by integrating ESG standards and frameworks as key navigational and analytical tools. The enhancements will make it easy for diverse stakeholders – such as researchers, CSOs and investors – to navigate the many existing frameworks conceived to organize ESG data. It can be very difficult to wrap one’s head around any single ESG framework, much less to see how all the frameworks interrelate. There is, however, quite a lot of interrelation. Frameworks end up needing the answers to overlapping questions (or, in Wikirate terms, metrics). The functionality developed in this grant will enable users to see how Wikirate metrics and datasets align with one or more frameworks. The project will facilitate better understanding and use of corporate data for stakeholders by streamlining the organization of ESG topics, advancing open standards, and making frameworks central to exploring metrics.

>> Read more about Wikirate Frameworks

Funkwhale Federation — Extend ActivityPub capabilities for Funkwhale

The project summary for this project is not yet available. Please come back soon!

>> Read more about Funkwhale Federation

FuseSoc-compatible Web Catalog — A catalog of gateware that can be easily used with FuseSoC

FuseSoC is a package manager for chip designs, allowing for easy reuse and sharing of IP cores as well as combining them into larger systems. Its native core description format (CAPI2) allows describing IP cores in a tool- and vendor-independent way. Together with FuseSoC's backend library Edalize this enables creating and using portable IP cores and SoCs for a large number of EDA tools and flows.

This project will extend FuseSoC with a collaborative database and a web frontend that allows users to upload their core description files to a central repository to make it easier for others to find and inspect them. In addition, signing, SBOM generation and a web frontend will be added to increase transparency, trust and security.

>> Read more about FuseSoc-compatible Web Catalog

Garage Administration UI — Easier administration for selfhosted storage buckets

Garage is a lightweight geo-distributed data store that implements the Amazon S3 object storage protocol. Garage is meant primarily for self-hosting at home on second-hand commodity hardware, and aims be easy to deploy and maintain, so that hobbyists and small organizations can use it without a hassle. To further this goal, the Garage admin interface project aims to develop a web UI to make cluster administration easier and more intuitive. This interface will cover the most common operations on Garage cluster: visualizing cluster status; joining new nodes, removing nodes, and changing node configuration; and management of S3 access keys, buckets and bucket configurations.

>> Read more about Garage Administration UI

USB 3 PHY implementation on GateMate FPGAs — USB 3 PHY implementation with Cologne Chip GateMate FPGA Transceiver

Since its introduction at the end of the previous century, USB has developed into the most widely used interface to connect all sorts of electronic devices. Recent versions of the USB standard provide serial communication at speeds of 5Gbps and higher, which require a dedicated hardware block (transceiver) inside a chip. Throughout the last decade, FPGA devices are gaining popularity in many applications and this trend will not stop. Even small and low-cost modern FPGA devices, such as GateMate FPGA from Cologne Chip AG, include transceivers capable of communication at 5Gbps. However, no Open Hardware and FOSS implementation of USB 3.x is available. This project will enable a universal and libre USB 3.2 Gen.1 x1 (5Gbps) connectivity on the GateMate FPGA.

>> Read more about USB 3 PHY implementation on GateMate FPGAs

SIP improvements for GNOME Calls — Add DTLS-SRTP to GNOME Calls

Audio (and video) calling over the internet have become ubiquitous and the Session Initiation Protocol (SIP) has often been used for establishing connections between peers. Calls can be used for calling both over GSM and VoIP using SIP. It is a component of the GNOME/Phosh mobile ecosystem and is included in operating systems targetting Linux smartphones, such as Mobian or postmarketOS.

One of the goals of this project is to implement the DTLS-SRTP protocol which comes with better security properties over the current SRTP implementation, while another would be general user experience improvements. GNOME/Phosh and Calls run on multiple different phones on a variety of fully FLOSS operating systems, today. This project should help increasing existing users privacy while also broadening the appeal of open source soft- and hardware, which do not exploit the user's data by default.

>> Read more about SIP improvements for GNOME Calls

Verilog-AMS in Gnucap — Improve performance and Verilog-AMS coverage in Gnucap

Verilog-AMS is a widely used standardised modelling language for physical systems, such as electronic circuits. In this project we will continue the work on a first free/libre reference implementation. The overall goals are to improve simulation in terms of speed and feature coverage.

In this project Gnucap will implement more of the standards, specifically features related to the digital domain. New features will include the delay and signal strength modelling capabilities as well as sparse output in form of value change dumps. We will reassess and improve the performance of Verilog behavioural models and revise the mixed mode simulation algorithm. We will enhance the compatibility with Spice simulators improving the upgrade path from Spice based modelling applications. This includes the syntactical support for popular behavioural modelling devices enhancing the use of existing Spice macros within a Verilog environment. Basic scripting commands compatible with Nutmeg will be provided. We will continue the work related to data exchange between EDA tools, such as schematic and layout editors. We will extend towards compatible device representation that works across different applications enabling the seamless interchange of complete circuit models.

>> Read more about Verilog-AMS in Gnucap

Nix Integration for Hop3 — Nixify the Hop3 self-hosted cloud platform

Hop3 is an open-source orchestration platform designed to simplify the deployment and management of distributed applications across cloud and edge environments. With a focus on flexibility, security, resilience, and ease of use, Hop3 empowers developers and small organisations to take full control of their IT infrastructure and data, ensuring digital sovereignty and avoiding vendor lock-in. The project will enhance the Hop3 platform by integrating Nix, a powerful package manager known for its ability to create reproducible environments, to improve build-time flexibility and ensure consistent, reliable run-time performance. As a test bed and showcase of this integration, we will package 20 diverse and impactful F/OSS applications. Additionally, we will develop new resilience and cybersecurity features to further strengthen the platform's robustness and security.

>> Read more about Nix Integration for Hop3

Icosa Gallery — Community-led 3D creation and sharing tools

Icosa maintains three projects that build upon the legacy of Google's Tilt Brush, Blocks and Poly. We are developing open-source, community-led 3D creation and sharing tools. Open Brush, which allows users to paint in 3D space, creating immersive artworks. Open Blocks provides intuitive tools for low poly 3D modeling, enabling the construction of virtual objects and environments. Icosa Gallery serves as a 3D model hosting platform, providing a central location for sharing, viewing, and distributing 3D assets. We aim to enhance the interoperability and content processing pipeline with improved format conversion, and streamlined workflows. The reusability of the Icosa Gallery will be improved making it more useful for integrating into existing websites, editor tools for the Gallery Viewer will be created, and integrations with Blender and Godot will be enhanced. These improvements will solidify the foundation of this open-source 3D ecosystem, facilitating wider creation and distribution of 3D content.

>> Read more about Icosa Gallery

Federating pedagogical immersive experiences — Framework for playful learning content in enhanced reality

Emerging technologies like augmented and virtual reality (XR) provide incredible avenues to teach and learn. Unfortunately, nearly all content and ways to create it remain centralized through large captive platforms. Such platforms lock users and their creations to their closed source environment and filtering mechanisms. This process risk reflecting assumptions on how teaching can be done. The project "Federating pedagogical immersive experiences" proposes a self-hostable platform to remix simple pedagogical XR games. Learners themselves can then, together with parents and teachers, freely share back pedagogically, culturally and linguistically adapted content - curated by their own instance and benefiting from immersive technologies without being locked to a platform.

>> Read more about Federating pedagogical immersive experiences

Collabora Online Multi-user Infinite Canvas — Infinite Canvas / collaborative presentation mode for Collabora Online

Collabora Online is an open source online office suite built on LibreOffice technology, enabling web-based collaborative real-time editing of word processing documents, spreadsheets, presentations, and vector graphics. This project will implement an infinite canvas for presentations, a presentation mode where individual slides are positioned in a 2.5D plane - which becomes apparent when moving from one slide to another. This allows for non-linear presentation modes, as well as presenting the overall outline of the whole presentation in a visual way which users can intuitively grasp.

>> Read more about Collabora Online Multi-user Infinite Canvas

Accessible KDE File Management — Accessible file dialogs throughout KDE applications

This project aims to make a core part of computing with KDE software, namely file management, fully accessible. Many applications and frameworks by KDE are used in high-profile institutions and the public sector. Even though a main point of focus of this project is the improvement of accessibility in KDE's default file manager Dolphin, most of the work benefits framework code which is used in many of the most popular applications in the FLOSS ecosystem. As such, this project will empower people with disabilities around the world to perform more computer-driven tasks efficiently.

The accessibility improvements to "Open/Save" dialogs, the keyboard shortcut editor, and various other panels and dialogs will simplify integration of people with handicaps in various social and work contexts including public institutions and private companies, which in turn will allow more of them to base their digital infrastructure on open standards and digital commons in line with EU's value "to be free from discrimination on the basis of […] disability".

>> Read more about Accessible KDE File Management

KDE Plasma Gestures — Advanced customisable gesture input on desktop and mobile

Plasma Desktop, made by the KDE community, is a powerful free and open source platform that competes with proprietary operating systems. This project will introduce new functionality for multi-touch and stroke gestures. Multi-touch gestures allow a user to easily switch between virtual desktops, or to open Plasma's Overview mode. They will become customizable, with a wide selection of available desktop actions. Stroke gestures allow drawing shapes to trigger actions, launch apps, and more. They will be introduced into Plasma's core desktop experience, complete with a configuration page in System Settings. Together, these features will make Plasma Desktop even more productive and intuitive to use.

>> Read more about KDE Plasma Gestures

Kaidan MUC + legacy OMEMO — Multi-user chat and improved legacy interoperability for Kaidan XMPP client

Kaidan is a user-friendly and modern chat app for every device. It uses the open communication protocol XMPP (Jabber). Unlike other chat apps, you are not dependent on one specific service provider. Instead, you can choose between various servers and clients. Kaidan is one of those XMPP clients.

It is easy to get started and switch devices with Kaidan. Additionally, it adapts to your operating system and device's dimensions. It runs on mobile and desktop systems including Linux, Windows, macOS, Android, Plasma Mobile and Ubuntu Touch. The user interface makes use of Kirigami and Qt Quick. The backend of Kaidan is entirely written in C++ using Qt and the Qt-based XMPP library QXmpp.

This project will make improvements to Kaidan across the board, ranging from multi-user chat, backups, bookmarks, support for legacy OMEMO encryption, SASL improvements, message retraction and more media sharing functionality.

>> Read more about Kaidan MUC + legacy OMEMO

LLM2FPGA — Run Open Source LLMs locally on FPGAs

LLM2FPGA aims to enable local inference of open-source Large Language Models (LLMs) on FPGAs using a fully open-source toolchain. While LLM inference has been demonstrated on proprietary hardware and software, we are not aware of any widely recognized project running open-source LLMs on FPGAs through a fully open-source EDA (Electronics Design Automation) flow. To fill this gap, the project will produce an HDL implementation of a lightweight open-source LLM, verify it via simulation, and then attempt synthesis and place-and-route on freely supported FPGA devices. By providing a fully open alternative to proprietary and cloud-based LLM inference, LLM2FPGA will offer a transparent, flexible, and privacy-friendly way to run your own LLM on local hardware.

>> Read more about LLM2FPGA

Land — Code editor building on Tauri and VSCodium

Land is a customisable open-source code editor that puts users in control and emphasizes rebuildability. Land in particular aims to provide a smooth and responsive alternative to VS Code™, the proprietary code editor on which many developers currently depend. Land allows you to continue to use the key features developers rely on in VS Code, but also allows to remove intrusive integrations and undesirable dependencies. Because Land is powered by Tauri instead of Electron, it won't hog your resources. Compared to VS Code it has enhanced modularity and extensibility, and obviously telemetry is disabled by default. Take back control of your code, rebuild your tools your way.

>> Read more about Land

LeanFTL — Flash Translation Layer library for embeddedsystems

LeanFTL is a "Flash Translation Layer" library targeting embedded systems. An FTL library is needed on all embedded systems to deal with the constraints inherent to flash memories and to be able to resume operations safely after an unexpected loss of power (AKA "tearing events"). LeanFTL aims at being a minimal library easily portable to any MCU and able to manage both internal and external flash memories. LeanFTL goal is to avoid fragmentation by design, this means that fragmentation never occurs no matter the usage pattern. Another important feature is the emulator which allows running LeanFTL on a personal computer, allowing the integrator to provide such an emulator for its firmware. Last but not least, the emulator is able to simulate "tearing events" - this is key to ensure robustness and security of an embedded system. In other words, LeanFTL not only provide the Flash Translation Layer, it also provides a tool for validating it is correctly used, something which is typically lacking even in commercial libraries.

>> Read more about LeanFTL

Lens/FreeCAD integration — Collaborate on parametric CAD Models for hardware design

This project advances an open source software stack that enables the free exchange of parametric CAD models for Open Source Hardware. FreeCAD -- software for designing and manufacturing physical objects in 3D -- has recently reached its 1.0 release milestone. Ondsel Lens, now also open source, is server software that complements FreeCAD. Together, Lens and FreeCAD enable users to share and configure designs: FreeCAD users can use Lens to collaborate, while others can customize parametric models through a Lens website and download them, for example for 3D printing. This project will enhance FreeCAD to better support collaboration via Lens and to incorporate models hosted on Lens servers into new designs. We will also improve the Lens plugin for FreeCAD, providing tight and seamless integration, for example enabling users to embed online models directly into their projects. This taps into the internet as a digital commons for open hardware, powered by a fully open software stack.

>> Read more about Lens/FreeCAD integration

LiberaForms — Self-hostable E2EE libre form server

LiberaForms is an online form tool to easily create and manage forms. It can be used by neighbours, friends, colleagues and anyone else who values privacy. The server can be self-hosted and form answers can be end-to-end OpenPGP encrypted. LiberaForms comes with a comprehensible list of features for both form authors and site administrators alike, such as integrated GDPR policies. This grant will be used to make a number of usability improvements, to make LiberaForms a relevant tool for educational use cases, and add many new features requested by the people who already use it.

>> Read more about LiberaForms

Libre-Chip CPU with proof of No Spectre bugs — Open Hardware high performance CPU with speculative execution

Modern computers suffer from a constant stream of new speculative-execution security flaws (Spectre-style bugs). To address this major category of flaws, we are working towards building a high-performance computer processor (CPU) with speculative execution and working on a mathematical proof that it doesn't suffer from any speculative-execution data leaks, thereby demonstrating that this major category of flaws can be eliminated without crippling the computer's performance.

>> Read more about Libre-Chip CPU with proof of No Spectre bugs

LibrePCB 2.0 — New UI & powerful features for a future-proof LibrePCB

LibrePCB is a free and open source electronics design automation (EDA) software suite to develop printed circuit boards (PCBs). It runs on all major platforms and aims to be easy to use, while still beeing able to create professional schematics and PCBs. While it is already used productively by people all around the world, the development of new features became to stuck because of limitations of the current UI concept. To pave the way for new features, a completely new UI will be developed with the goal of having a unified, tabbed window as known and proven by many other applications. In addition, a first attempt of moving from C++ to the safer language Rust will help us to benefit from modern technologies. Together with more import/export capabilities, performance improvements and other frequently requested features the outcome will be released to users by a new major version LibrePCB 2.0.

>> Read more about LibrePCB 2.0

LibreSilicon: Pad Cell Generator — Custom pad cells for integrated chip layout generation

The LibreSilicon pad cell generator is the last missing puzzle piece needed for an integrated chip layout generation flow, from Design Rules and Mixed Signal designs to a layout which can be manufactured by foundries. A straightforward solution to turn the mixed signal HDL (Verilog-AMS) into a unified layout, helps to get rid of hairy IP issues when it comes to using standard cells and pad cells and other gateware from third party provider. Pad cells are used to generate the pad frame, the part of the chip around the internal logic which actually connects silicon circuits to the outside world through the pins of the package. Pad cells also protect the internal circuitry from overvoltage, overcurrent and electrostatic discharge (ESD).

>> Read more about LibreSilicon: Pad Cell Generator

Librecast Studio — Community platform for multimedia collaboration and events

Multicast is both a network technology and a design methodology where the recipient is always in control of the data they receive and the medium in which they receive it. Multicast design is based on consent.

Building on Librecast's multicast network layer, Librecast Studio is developing a multi-purpose community platform enabling communities to build their own spaces for multimedia collaboration and events. This will allow groups of people to organize, work, play, and participate in communities for any purpose.

Unlike many other platforms used for live events and playback, Librecast Studio delivers separate streams of raw data, letting the end user choose what they hear, see, and how it is rendered.

>> Read more about Librecast Studio

Livebook — Robust and distributed data and ML workflows with Python, Elixir, and Livebook

Livebook is an open-source interactive notebook application for the Elixir programming language and the Erlang VM ecosystem. It enables users to write, execute, and document code in real-time within a browser interface, making it ideal for exploratory programming, data analysis, teaching, and documentation. Livebook features built-in markdown support, real-time collaboration, custom visualizations, "smart cells" to automate common workflows, as well as built-in concurrent and distributed execution. The project supports the Elixir and Erlang languages and is integrating additional ones.

>> Read more about Livebook

MNT Reform Touch — Open Hardware tablet device

For an increasing amount of people tablets are the main computing device - as a simpler, more portable alternative to laptop or desktop computers. Tablets are particularly suited for consuming entertainment and web browsing. They also serve some specialized use cases in digital design, AR, and education. This rise in usage has not been accompanied by an equivalent openness in terms of development and maintenance. Desktop computers are typically easy to take apart and upgrade with commodity components, and for laptops this is often possible to some extent as well.

The tablet devices consumers typically use are locked down black boxes running operating systems that consistently compromise privacy and security. This project aims to develop an open source hardware table based on modular principles, with a focus on Linux Mobile integration. A such its contributes meaningfully to a growing ecosystem of FOSS devices.

>> Read more about MNT Reform Touch

Test Procedures for MOSFET SPICE Model Validation — Verilog-A compact models validation for Open PDK's

The emergence of open PDK initiatives reduce barriers to entry for integrated circuit (IC) design and manufacturing, serves thelong term goal of promoting academic/industrial collaboration, and stimulate innovation in the field of semiconductor IC design. Open PDKs have the potential to "standardize" PDKs (process design kit), and move away from proprietary/licensed EDA vendor formats. This is needed to democratize open source IC design flow and manufacturing. Open PDKs provide open access to IC design resources.

The compact/SPICE models of semiconductor devices are the core of open PDK efforts. SPICE executes implemented Verilog-A compact models. A model of a semiconductor device (passive elements and active, eg: diodes, mosfets, bjts) is primarily a "compact device model". Validation benchmarks are not yet available in the public domain. This project represents the very first attempt to implement these tests for the compact model available in open PDKs. It aims to establish such tests for the compact models in open PDKs, which are intended to be generic enough for model quality assurance testing with FOSS circuit simulators such as GnuCAP, ngspice, xyce, Qucs, among others.

>> Read more about Test Procedures for MOSFET SPICE Model Validation

MOTIS — European Public Transport Door to Door Real-Time Routing with MOTIS

This project aims to enhance MOTIS, an open-source, scalable, intermodal real-time routing system that powers the provider-neutral public transport routing service transitous.org. This grant will add support for the relevant European Transmodel data standards NeTEx, SIRI-ET, SIRI-SX, and OJP. Hereby, we will enable open and privacy friendly borderless routing across Europe from door to door using data published by European National Access Points (NAP) in compliance with EU regulation 2017/1926. Its results will be deployed via transitous.org and integrated into applications such as KDE Itinerary, KTrip, and Gnome Maps, fostering a fully open alternative to proprietary solutions.

>> Read more about MOTIS

Machine Usable Output for Sequoia — Reliable, scriptable memory-safe OpenPGP with JSON input/output

The project summary for this project is not yet available. Please come back soon!

>> Read more about Machine Usable Output for Sequoia

Maemo Leste Daedalus — Improve device coverage and advanced security for mobile Linux distro

Maemo Leste is a Free and Open Source mobile operating system based on GNU/Linux. The goal of the initiative is to provide a secure and modern mobile operating system that consists only of free software, obeys and respects the users' privacy and digital rights. Maemo Leste is currently focussing on upgrading and modernising it's core to the latest Debian and Devuan versions, improving the stability and security of the system as well as widening the array of supported devices.

>> Read more about Maemo Leste Daedalus

Manyfold — ActivityPub-powered tool for storing and sharing 3d models

Manyfold is a web application for managing collections of 3d models, with a focus on the needs of the 3d printing community. It is designed to be self-hosted, and lets users browse, organise, and analyse their downloaded models. With NLNet’s support, the project has recently launched federation features using ActivityPub, progressive transmission of 3d models, and a wide range of core feature enhancements. The next phase of the project will build on this base to create richer social features, better ways to get models into and out of the system, features to help financially support creators, and improvements to search and discovery features, all of which will help build an open, decentralised ecosystem for 3d model hosting.

>> Read more about Manyfold

Massive FOSS scan — License scan on the whole Software Heritage archive

ScanCode is a comprehensive open source license and code origin scanner. It is actively used by many proprietary and FOSS tools for Software Composition Analysis. This project will make detecting FOSS licenses an issue of the past by running a massive license scan on the whole Software Heritage archive of over 20 billion unique source code files from more than 327 million projects, and the PurlDB index of all major package registries and linux distro's. The outcomes will be a massive commons reference database to speed up future scanning and matching processes with accurate license information, and a massive collection of fingerprints to enable approximate code matching at scale. This will be applied to the Software Assurance/MatchCode project, and available for other users and organizations as open data to improve FOSS code matching and discovery at an unprecedented scale.

>> Read more about Massive FOSS scan

Mastodon for institutions — Features for institutional instances of Mastodon

Mastodon is a widely used open-source social media platform and the best alternative to the big tech text-based social media. This proposal aims to enhance its suitability for institutional use deploying their own server by introducing features such as customizable branding and landing pages, stronger security options like enforced 2FA and WebAuthn, the ability to embed timelines on external websites, and email-based post subscriptions for broader public reach.

Those features have been asked by many organizations that are working on establishing a presence on the open social networks and will allow them to use Mastodon as their official Fediverse presence.

>> Read more about Mastodon for institutions

Mautic Portability — Portable marketing campaigns for Mautic

Mautic is an open source marketing automation platform. It helps organizations to better understand their customers throughout their lifecycle, and, combined with what they already know about the customer and how they interact with marketing campaigns, enables full personalization of the digital experience across multiple channels. This project lays the foundation for an important feature which is much-requested and much-needed, to create a library of example campaign workflows and associated resources which marketers can install with a single click, saving time and improving best practice adoption. This project sees the establishment of an export and import functionality for campaigns and all associated resources. This project will also enable the export and import of this data between Mautic instances, further improving data portability.

>> Read more about Mautic Portability

Maven Heaven — Scan, review, curate and fix metadata of Java packages

The Apache Maven Central repository is the center of the Java development world, where all open source dependencies are fetched from, hosting over 3 million Java packages. Java JAR origin metadata and licensing documentation is declared by the authors as part of a POM metadata, but this can be misleading or incorrect. There are also thousands of copies of Java packages, such as Log4J embedded (or shaded) in other JARs, and these go undetected by most tools. Accurate Java origin and license metadata is essential to safely automate the consumption of Java packages in the software supply chain.

Maven Heaven fixes this problem in multiple steps: it will scan, review, curate and fix the metadata of the most popular Java packages. The data will be released under an open license, and the project will work with the Maven community to provide it as part of the Maven services and repo, allowing to cross-check and report code borrowing and reuse between Java projects. The team will deploy an AboutCode toolchain as a service for all Java authors to review, validate and enrich metadata.

This project is a collaboration between AboutCode and Log4J maintainers to help uncover issues, and help upstream authors fix these issues. It should allow Maven packages to be shared with better, more accurate origin and license metadata, possibly right at creation time. The increased level of trust in Maven Java JARS will make it easier to consume more Java packages safely.

>> Read more about Maven Heaven

Mobile Typst editor — Mobile editor/viewer for Typst documents

Typst is a new markup-based typesetting system that is designed to be as powerful as LaTeX while being much easier to learn and use. The Typst for iOS project focuses on creating a smooth Typst document editing experience akin to Swift Playground's editing experience. Additionally it allows the compilation, presenting and sharing of pdf files all from an iPhone or iPad.

>> Read more about Mobile Typst editor

Open Terms Archive vendor lock-in break — Public tracking of the evolution of terms and conditions

Open Terms Archive is a digital public good that archives every version of the terms of over 800 digital services to support democratic oversight by regulators, lawmakers, journalists, researchers, and civil society. Open Terms Archive has prioritized adoption in multiple industries and jurisdictions over the past four years, by enabling easy connection from its fully open-source engine to free but proprietary platforms. The "Open Terms Archive vendor lock-in break" project aims at replacing the hardcoded interconnections with proprietary software with standardized APIs and connectors for at least one open-source platform for issue reporting, email notifications, dataset distribution, and RSS feeds publishing, while keeping compatibility with existing integrations that are used by community members.

>> Read more about Open Terms Archive vendor lock-in break

muchrooms — XMPP group chat implementation in Rust

The project summary for this project is not yet available. Please come back soon!

>> Read more about muchrooms

Mustang - UI components — Integrated email, team chat, video conference, calendar and file exchange

Mustang is an Open-Source desktop and mobile app that seamlessly integrates email with team chat, video conference, calendar and file exchange into a single app for communication. It is available for Windows, macOS, Linux and planned for Android and iOS. It respects user privacy and data sovereignty, keeping the data on your own computer systems. By supporting various open protocols (and optionally through extensions also closed protocols of multiple vendors), it allows for a smooth transition to openness. In this project, certain UI components will be developed, the File Sharing UI be improved, and a prototype UI for Structured Data in email (SML) be implemented. As time permits, other components will be developed as well.

>> Read more about Mustang - UI components

Mustang UX — Integrated email, team chat, video conference, calendar and file exchange

Mustang is an Open-Source desktop and mobile app that seamlessly integrates email with team chat, video conference, calendar and file exchange into a single app for communication. It is available for Windows, macOS, Linux and planned for Android and iOS. It respects user privacy and data sovereignty, keeping the data on your own computer systems. By supporting various open protocols (and optionally through extensions also closed protocols of multiple vendors), it allows for a smooth transition to openness. In this project, the focus is on UX design, connecting the various apps together to create a unified whole.

>> Read more about Mustang UX

Timing Modeling and Integrated Verification in Naja — Timing aware netlist optimisation with Logic Equivalence Checking

Naja is an open-source Electronic Design Automation (EDA) project focused on the editing, optimization, and verification of post-synthesis netlists—data structures that describe the logical connectivity of electronic circuits after synthesis.

This project will introduce two key components to Naja and the broader open hardware and EDA ecosystems: a flexible high-performance timing model engine designed for tight integration with placement and routing algorithms, and a built-in logic equivalence checking (LEC) infrastructure, optimized for incremental verification of netlist modifications—particularly in the context of Engineering Change Orders (ECOs). By addressing these important gaps in timing-aware design and incremental formal verification, the project aims to contribute important technological bricks to the open-source community, supporting the development of more capable and reliable open source EDA tools.

>> Read more about Timing Modeling and Integrated Verification in Naja

NextGraph Framework — SDK's and API's for the NextGraph Framework

NextGraph is an open source ecosystem that provides solutions for end-users (a platform) and software developers (a framework), wishing to use or create decentralized apps featuring: real-time collaboration, peer to peer communication with end-to-end encryption, local-first, portable and interoperable data, total ownership of data and software, security and privacy. Centered on repositories containing semantic data (RDF), rich text, and structured data formats like JSON, synced between peers belonging to permissioned groups of users, it offers strong eventual consistency, thanks to the use of CRDTs. Documents can be linked together, signed, shared with others, queried using the SPARQL language and organized into sites and containers. Using our framework, SDK and APIs, developers will be able to create standalone or embedded apps that can make capability-based access requests on the user's data, define smart-contracts and implement any business logic within cross-document transactions. With NextGraph, users and apps can securely access and traverse their authenticated data graph (web of data) and social graph (social network), while enabling resilience and data integrity, and preserving privacy and decentralization.

>> Read more about NextGraph Framework

Nitrokey 3 Storage — Add encrypted storage capabilities to Nitrokey 3

The Nitrokey 3 Storage project develops a next-generation variant of the successful Nitrokey Storage 2 USB security key that combines modern authentication and cryptographic token capabilities with high-performance encrypted storage functionality. Building upon Nitrokey's extensive experience in secure USB devices and leveraging a more powerful microcontroller with embedded eMMC storage, this project addresses the significant performance limitations of existing solutions while maintaining open-source principles. The development will also ensure the device is future-proof for post-quantum cryptography applications. Unlike proprietary encrypted storage solutions currently available, the Nitrokey 3 Storage will be fully open-source device to seamlessly integrate security token features with high-performance encrypted storage, providing organizations and individuals with a comprehensive security solution that bridges the gap between pure authentication devices and secure storage systems, while contributing valuable open-source reference implementations to the broader security community.

>> Read more about Nitrokey 3 Storage

Nitrokey 3 FIDO2 Level 2 — Achieve formal certification for open hardware security key

The Nitrokey 3 Mini is an open-source and open hardware FIDO-compliant USB security key that currently holds FIDO2 level 1 certification. This project aims to achieve FIDO2 level 2 certification, which requires significantly higher security through hardware-based protection of cryptographic keys and operations. By ensuring all sensitive operations occur within secure hardware boundaries, this will become the first open-source FIDO authenticator with L2 certification. As governments increasingly deploy citizen services requiring L1-certified+ devices for authentication, this project addresses a critical gap in the market where only proprietary solutions from large manufacturers currently meet these standards. The certification process and technical implementation will be openly documented and shared with the community, providing a reference implementation that benefits the entire open-source security ecosystem and enables citizens and companies to use truly open hardware for accessing government services.

>> Read more about Nitrokey 3 FIDO2 Level 2

NodeBB context discovery — Improving safety, long-form text + threaded discussion elements

The project summary for this project is not yet available. Please come back soon!

>> Read more about NodeBB context discovery

Oils for Unix — An upgrade path for legacy shell

The Oils project is an upgrade path from the widely used GNU bash and POSIX shell to a better language and runtime. OSH runs existing shell scripts of any size, while YSH is a new shell without legacy, and with real data structures and reflection. Oils is implemented with high-level, memory safe languages, but it's as fast as shells written in C. In this grant, we focus on validating OSH with real-world Linux distro builds. We also investigate new use cases for shell programming (with reflection) and new shell interfaces (GUIs).

>> Read more about Oils for Unix

Owi 2 — Cross-language symbolic execution via Wasm

Owi is a toolkit for Wasm. It features a symbolic execution engine that can be used to analyze languages compiling to Wasm. So far, it has built-in support for Wasm, C, C++, Rust and Zig. It allows to perform automatic bug-finding, test-case generation, solver-aided programming and proof of programs. It differs from other engines by a few characteristics: it performs *parallel* symbolic execution, it does not perform approximations, it supports multiple SMT solvers, and can be used for cross-languages programs analysis. For instance, it identified a bug in the Rust standard library. The most exciting current goals are to extend it to be able to support new programming languages such as Haskell, TinyGo, OCaml and Guile, along with the ability to analyze real world projects by adding compatibility with various build systems and modeling complex interactions with the host system.

>> Read more about Owi 2

Ontogen and Mud — Advanced versioning and identity management for RDF datasets

Ontogen is a specialized version control system for RDF datasets, addressing unique challenges in semantic web data management. In this project, we aim to significantly enhance Ontogen's capabilities and usability. A key improvement is extracting and expanding Ontogen's configuration language into Mud, a standalone RDF preprocessing language for comprehensive identity management. Mud will extend beyond configuration, offering expanded identity management for all resources in RDF datasets and providing extensible support for other common operations when working with RDF data, like RDF smushing for example. Also a robust synchronization protocol should be implemented in Ontogen, enabling a complete repository copy in the file system, allowing seamless use of text editors and other file-based utilities for working with the versioned dataset, as well as integration with Git or other file-based version control systems. Additionally, support for datasets with multiple graphs should be extended. These advancements will make Ontogen more flexible, accessible, and secure, paving the way for its adoption in production environments and opening up new possibilities in RDF data management.

>> Read more about Ontogen and Mud

OpenEPT Ecosystem — High-end open hardware to analyse energy consumption

With the increasing prevalence of battery-powered embedded systems, the efficient utilization of limited energy resources has become a critical priority in firmware development. Our goal is to provide a compatible set of hardware and software tools that will facilitate analysis of energy consumption and support systematic firmware energy optimization. The Open Energy Profiler Toolset (OpenEPT) ecosystem will provide diverse hardware solutions, a user-friendly interface encapsulated in a GUI application, and a collaborative database infrastructure that brings together engineers and researchers to drive innovations in the field of battery-powered technologies. OpenEPT hardware will enable energy measurements for a diverse range of applications from low-power, single-cell battery-powered embedded systems to multi-cell LiPo battery-powered systems with high current consumption. The user-friendly OpenEPT Graphical User Interface will incorporate advanced features for analyzing firmware energy footprints and easy identification of energy bottlenecks in the system. The OpenEPT database infrastructure will facilitate collaboration between engineers and researchers by promoting data exchange. This shared data will be crucial for battery models development and validation, energy optimization in embedded systems, algorithm training and testing, educational purposes, and the further development of open-source solutions in battery-powered embedded systems.

>> Read more about OpenEPT Ecosystem

Open Everything Facts — Powering consumer choice on anything with a bar code

When we started Open Food Facts, it already seemed like a bold endeavour to compile comprehensive food product data into a single database, with far-reaching positive impacts, and the rest is history. Why not extend this concept further? Why should consumers not have the same level of informed decision-making power for products beyond food, like their shampoo, bicycles, refrigerators, or ventilation systems? Our ambition is to integrate our existing product databases — Open Food Facts, Open Product Facts, Open Beauty Facts, and Open Pet Food Facts — into one unified, easy-to-navigate mobile application. This will include a universal scan, a new unified versatile and simplified product page, simplified personal and private preferences, as well as the matching contribution experience. Ultimately, this project is a stride towards a world where transparency and informed choices are the norms, not the exception, in every aspect of consumer goods.

>> Read more about Open Everything Facts

OpenFlexure Microscope — Enabling telepathology with open hardware high end microscopes

The OpenFlexure Microscope is an open-source laboratory-grade robotic digital microscope. Robotic digital microscopy opens up huge potentials for remote collaboration in the diagnosis of disease, i.e. telepathology. Telepathology allows remote second opinions, or specialist diagnosis when no local specialist is available. It also opens up possibilities for scientific collaboration and online education. This project will enable us to work on the usability and robustness of our open source telepathology features. Clinical teams should be able to use the OpenFlexure Microscope for diagnosis in field conditions, anywhere in the world.

>> Read more about OpenFlexure Microscope

Open Prices - Scaling price collection — Crowdsourced consumer product price collection

Open Prices is the first open database of food prices collected through crowdsourcing. In less than a year, over 100,000 prices have been added by the Open Food Facts community. This project aims to scale price collection by developing machine learning tools to extract prices and barcodes from store shelf images. We will also build tools to improve data quality and enable community moderation. The overall goal is to make price data openly available for consumers, researchers, and public bodies, and to foster transparency, accessibility, and reuse of food pricing information.

>> Read more about Open Prices - Scaling price collection

OpenStreetMap-NG — Alternative implementation of OpenStreetMap

OpenStreetMap-NG is an innovative rethinking of how open mapping platforms can be built and maintained, as an alternative to the current openstreetmap.org setup. Leveraging Python and other widely used technologies and guided by user-centric design principles, this project creates a more accessible, privacy-respecting, and developer-friendly mapping platform. By prioritizing both solid technical foundations and ease of use, OpenStreetMap-NG wants to make open-source mapping more approachable while pushing the boundaries of what's possible.

>> Read more about OpenStreetMap-NG

Openki Roles — Restructuring role management in libre tool for crowd-sourced education

How do you discover what you can learn from the people around you? How do you search what other people in the same region have to offer, like a training course or a debating event?

Openki is an interface between technology and culture. It provides an interactive web platform developed with the goal to remove barriers for universal education for all. The platform makes it simple to organise and manage "peer-to-peer" courses. The platform can be self-hosted, and integrates with OpenStreetMap. At the moment Openki is focused on facilitating learning groups and workshops. The project will add course templates, streamline roles when organising courses and redesign parts of the interface in order to improve the overall user experience.

>> Read more about Openki Roles

Configurable Communication Channels for qaul — Distributed messaging over verifiable P2P channels

qaul is a privacy-preserving, internet-independent, off-the-grid, delay-tolerant P2P mesh messenger that can be used even in emergency situations. In this project, we will implement configurable communication channels in qaul. This implementation will create an enhanced proximity-aware and connection-aware publish/subscribe protocol with verifiable channels. These channels can be configured for open discussions, trusted information channels, distributed spam protection, or distributed network protection. The project will also optimize the onboarding process for new users in local communities.

>> Read more about Configurable Communication Channels for qaul

Modernizing Paged.js Web-to-Print — Quality typesetting based on HTML and CSS

Paged.js is a free and open source JavaScript library that paginates content in the browser to create print/PDF output from HTML and CSS content. This is necessary for instance for delivering browser-native office productivity solutions - users expect these to produce good output but don't want to have the burden of legacy formats. The proposed project will fundamentally revisit/upgrade the architecture of paged.js. to support additional layouts, add advanced layout capabilities and implement PDF/UA tagging.

>> Read more about Modernizing Paged.js Web-to-Print

Panoramax — Digital, collaborative immersive street level imagery

Panoramax is an immersive views project. It is a digital, collaborative, free and open community. Access to the photos is free. Panoramax operates as an instance or federation of instances for hosting images. Today, most contributions are made using web interfaces that are not suitable for smartphones. However, this is an important lever for increasing the number of contributions. The aim of the “A mobile app for Panoramax” project is to enable contributions from smartphones, while making them easy for everyone. The application will enable geolocated and sequenced photos to be taken and uploaded to the various community instances.

>> Read more about Panoramax

Peertube plugin livechat — Public and private messaging for Peertube content + live streams

Peertube is a free, decentralized and sovereign alternative to video-on-demand and live-streaming platforms. The Peertube Livechat project is a popular plugin for PeerTube that adds chatting capabilities to Peertube, so the audience can interact with streamers during their live streams. The functionality goes way beyond a mere chat system: it also provides moderation tools, polls, chat integration in the live stream, TODO-list for streamers and moderation team, and more. Its ambition is to become a complete ecosystem for live streaming.

>> Read more about Peertube plugin livechat

PeerTube for Institutions — Make PeerTube easier to manage and moderate at scale

PeerTube is a free-libre and federated video platforms that empowers anyone to self host video content without being isolated in the wide web. Many institutions have started using PeerTube, to reclaim control over their video hosting. By choosing PeerTube, they offer a wider audience the opportunity to familiarize themselves with PeerTube.

A significant part of this project focuses on enabling these institutional use cases, and is designed from their feedback. We plan to add ownership transfer and shared administration for video channels, quality of life features for moderation and administration, more control on an instance look and experience and a set-up wizard with relevant presets (and more). We also want to adapt the mobile app to tablet and TV devices, and add a watch offline option.

>> Read more about PeerTube for Institutions

Yrs persistent documents — Yrs/Yjs compatible layer for persistent key-value stores

Yrs is a local-first collaboration library widely used for real-time collaborative editing. Yrs is a a CRDT-based solution that currently works on documents fully loaded into memory, with disk storage happening through plug-ins. The primary goal of this effort is to make it more robust (and less resource-heavy) by creating an alternative implementation that works directly with the on-disk database. All of this needs should happen while remaining compatible with the existing in-memory Yrs implementation as well as the original Yjs JavaScript implementation.

>> Read more about Yrs persistent documents

Pnut — Reproducible build of GCC on POSIX shell

The C programming language underpins many critical components of modern infrastructure, with most programming languages relying on it, directly or indirectly, for their bootstrap. Given this pivotal role, reproducible builds for C are fundamental for the adoption of reproducible builds across the software landscape. The Pnut project aims to create a new bootstrapping path for GCC and the C ecosystem, leveraging Diverse Double-Compilation and POSIX shell instead of the usual auditable binary seed approach. This approach reduces the number of steps by starting at a higher abstraction level, in addition to not having platform specific seeds. The ultimate goal of Pnut is to deliver fully reproducible and auditable bootstrap for GCC, starting with Linux x86, requiring only a POSIX compliant shell and human-readable source files.

>> Read more about Pnut

PodOS — Personal Online Data Operating System aimed at exploring W3C Solid pods

PodOS is an operating system for data on Solid Pods, designed to bridge the gap between specialized apps and raw data management. It is built from the ground up for mobile-first UX, accessibility and maintainability, on top of re-usable custom elements. In the upcoming phase, PodOS will introduce new ways for users to structure, link, and repurpose their data, allowing them to organize information beyond the constraints of individual applications. Users will be able to extract information from classic documents or notes and transform them into structured resources that could be used with other Solid Apps. New developments will emphasise modularity and interoperability by integrating existing data modules, dynamically loaded dashboards and seamless transitions between PodOS and specialized apps. These advancements will give individuals and organizations greater flexibility and control over their data, making the Solid ecosystem more practical, interactive, and user-friendly.

>> Read more about PodOS

Podlibre — Dedicated, customizable podcast editor

Podlibre is an all-in-one, customizable podcast editor designed to empower podcasters with a tool they can rely on daily. In the past decade, the popularity of podcasts has exploded - but so far there was no good podcast-specific workflow for creators to handle the process. Obviously one can use generic sound editors, but these are typically geared toward music production and lack features that make it easy for podcasters and journalists to produce consistent podcast content. With a customizable workflow and plugin architecture, Podlibre allows users to tailor their experience while integrating with third-party services. It provides all essential features in one place, including noise reduction, mouth noise editing, multi-channel audio editing, music insertion, local transcription with manual correction, chapter editing, metadata editing (ID3, RSS), local publishing, and publishing to hosting platforms (Castopod, Funkwale, Faircamp).

>> Read more about Podlibre

Polyglot jaq — Data wrangling tool focusing on correctness, speed, and simplicity.

Data often needs to be processed going from one tool to another. Doing that is potentially a point of failure, as 'quick and dirty' solutions often fail to take into account edge cases. This project will build on top of Jaq, a Rust re-implementation of the widely popular jq syntax with rigorously defined semantics, and extend its approach to other data formats - from legible formats such as XML, YAML, TOML, CSV and Markdown to binary formats. For the latter, the project builds on the versatile parsing toolbox of Kaitai Struct.

>> Read more about Polyglot jaq

Pomme d’API — Improvements around the Open Food Facts API

Open Food Facts is an open and collaborative database of 3.5M food products from around the world. This project will improve the Open Food Facts API to make it easier for the 250+ apps and services that use it daily to access and contribute food products data. In particular, it will focus on providing easier means to contribute photos and data, better structured data, OpenAPI specifications, and extensive documentation.

>> Read more about Pomme d’API

PyCM — Machine learning post-processing and analysis

PyCM is an open-source Python library designed to systematically evaluate, quantify, and report the performance of machine learning algorithms. It offers an extensive range of metrics to assess algorithm performance comprehensively, enabling users to compare different models and identify the optimal one based on their specific requirements and priorities. Additionally, PyCM supports generating evaluation reports in various formats. Widely recognized as a standard and reliable post-processing tool, PyCM has been adopted by leading open-source AI projects, including TensorFlow, Google’s scaaml, Torchbearer, and CLaF. In this grant, the team will implement several new features, such as data distribution analysis, dissimilarity / distance matrices and curve analysis. In addition the project will improve benchmarking and confidence, and introduce an API and GUI for wider adoption.

>> Read more about PyCM

Reduced Feature-set Packet Filter — High throughput software firewall

The RFPF project aims at bridging the performance gap between the traditional software firewalls (typically choking at 10 Gbit/s line speeds or less) and the already ubiquitous 100 Gbit/s Ethernet. We are developing a user-space software firewall capable of sustaining 100 Mpps processing rates while doing multiple longest prefix matching (LPM) lookups in large datasets (such as BGP or GeoIP) on each packet. The main focus is on locally dampening large-scale packet-flooding attacks, while still being sufficiently flexible for many general-purpose firewalling application scenarios. RFPF uses a multithreaded, lockless userspace datapath, and forwards 60+ Mpps while doing multiple LPM lookups per packet with randomized traffic load, all at a fraction of max. CPU frequency. Working both on Linux and FreeBSD, RFPF currently relies on Netmap for fast packet I/O in user space, with a more efficient DPDK based datapath variant being on the near-term roadmap, along with improvements in our LPM lookup engine.

>> Read more about Reduced Feature-set Packet Filter

Re-isearch Schmate — Extending re-Isearch with a flat vector datatype for embeddings

Schmate is the development name for the evolving next iteration of re-Isearch adding vector datatypes for embeddings and applications like retrieval augmented generation (RAG). Schmate (pronounced "SHMAH-teh") is Yiddish for rag (שמאטע).

In contrast to typical vector stores the proposed re-Isearch+ shall offer a full passage information retrieval system (index and retrieval) using a combination of dense and sparse vectors as well as structure. It is dense passage retrieval (DPR) and a whole lot more. It addresses the stumbling blocks of chunking, has a tight integration of ingest, tokenisation, a number of alternative vector stores and similarity algorithms and, above all, uses a novel combination of understanding document structure (implicit and explicit) to provide a better contextual passage retrieval to solve the problem of misaligned context. This builds on the observation that meaning is also communicated through structure so needs to be viewed in the context of structure. Since structure like the words are meant by the sender (writer) to be received and understood (reader) our approach is to exploit the original author's organization of content to determine appropriate passages rather than relying solely on the chunks.

>> Read more about Re-isearch Schmate

io_uring-like IO for Redox — Introduce ring buffers in Redox to increase I/O performance

Redox OS is a Unix-like microkernel-based operating system written in Rust, intended for both the cloud and the desktop. The purpose of this project is to implement ring buffers for requests and data transfers between key microkernel components, and to measure the potential for performance gains. We will be examining ring buffers connecting drivers to system services, system services to the kernel, and system services to applications. We will also investigate compatibility APIs such as liburing.

>> Read more about io_uring-like IO for Redox

Redwax Server Modernisation — Self-hostable X509 certificate based identity management solution

The Redwax Project is a set of tools and web server modules to make it easy to build and deploy secure services on the web. The Redwax modular certificate authority mod_ca provides a set of Apache http server modules that can be combined to form various types of certificate authorities, issuing certificates from a Certificate Sign Request, or with the SPKAC and SCEP protocols, servicing certificate revocation with CRLs and OCSP, and creating timestamps.

The Redwax tool provides a mechanism to read certificates and keys from a wide variety of sources, automatically associating leaf, intermediate, and trusted certificates, and optionally their private keys, then showing the metadata of or writing the certificates in a wide variety of target formats. This project will update the key modules, adjust to the current Apache API's and also fully implement the meanwhile published RFC 8894.

>> Read more about Redwax Server Modernisation

Renderling ecosystem — Renderling

Renderling is a state-of-the-art, GPU-driven renderer that focuses on maximizing GPU capabilities for efficient scene rendering. The project is currently in the alpha stage and aims to enhance its adoption by addressing ecosystem challenges and collaborating with insdustry leaders from Mozilla and more. Renderling's development prioritizes performance, safety, and modern rendering techniques such as forward+ rendering, physically based shading and global illumination. The project is designed to support both native and web platforms, with a particular focus on the creation of "instant games" that are portable across platforms.

>> Read more about Renderling ecosystem

Repath Studio — SVG editor written in Clojurescript

Repath Studio is a cross platform vector graphics editor, that combines procedural tooling with traditional design workflows. It includes an interactive shell, which allows evaluating code to generate shapes, or even extend the editor on the fly. Supporting multiple programming languages and enriching the existing API is planned. The tool relies heavily on the SVG specification, and aims to educate users about it. Creating and editing SMIL animations - an SVG extension – is an important aspect of the project, that is yet to be fully implemented. An advanced undo/redo mechanism is used to maintain a full history tree of actions in memory, so users will never lose their redo stack. We are exploring ways to persist this history to disk. Some built-in accessibility testing tools are already included, but we want to add more. Extensibility is also something that we want to enhance, in order to allow creating and sharing custom tools and workflows. Integrations with third party tools will also be investigated.

>> Read more about Repath Studio

Reproducible Builds in the Scala ecosystem — Deterministic builds for software written in Scala

While open source components can be audited through their open version history, there is no guarantee that any binaries that are distributed actually correspond to those sources. The technique to validate this is known as "Reproducible Builds": by building the same code on independent infrastructure and verifying the results are identical, you can verify the binary artifacts have not been tampered with. This is useful both for project members who want to verify no malware was inserted via their CI system or developer build machine, and for 'external' auditors who can independently verify the project as a whole is not compromised.

This project intends to improve Reproducible Builds for software written in the Scala language, which typically use the 'sbt' build tool. It will do so by making improvements to the sbt-reproducible-builds sbt plugin and other toolchain components such as sbt plugins and the Scala compiler, so that projects will be reproducible 'out of the box' as much as possible.

>> Read more about Reproducible Builds in the Scala ecosystem

Rusted Platform Module (RPM) — Programming TPMs in pure Rust

The Rusted Platform Module (RPM) project strives to improve and advance Trusted Platform Module (TPM) v2 support and ease of use for the Rust programming language. This includes programming the TPM in pure Rust, without C-based libraries in the background, as well as (commandline) tools for common tasks, etc. This project strives to increase adoption of memory-safe languages for programming of security components like the TPM.

>> Read more about Rusted Platform Module (RPM)

SDCC — Modern compiler for 8-bit microcontrollers

The Small Device C Compiler is the free (apart from GCC having an AVR port) compiler for 8-bit microcontrollers (µC). It is competing with various non-free compilers. 8-bit µC are common in peripheral devices of larger systems, SDCC is an essential part of the free software ecosystem, in particular for developing firmware. We aim to both improve SDCC support for various target hardware, as well as implement machine-independent improvements to make SDCC more competitive vs. non-free compilers. Hardware-specific improvements planned include improving support for Padauk's popular low-cost microcontrollers, improving support for the Rabbit microcontrollers common in older IoT devices, improving code generation for the f8 port, and improving support for Toshiba TLCS microcontrollers. The focus for machine-independent improvements will be in enhancing support for recent ISO C standards, an optimization to reduce memory usage for local variables, and implementing a link-time optimization to optimize out unused functions and objects. The latter is the one feature most-requested by SDCC users in recent years.

>> Read more about SDCC

SSH Stamp — Secure SSH-to-UART bridge for devices with a serial port.

SSH Stamp is a secure wireless-to-UART bridge implemented in Rust (no_std, no_alloc and no_unsafe whenever possible) with simplicity and robustness as its main design tenets. The firmware runs on a microcontroller running Secure SHell Protocol (RFC 4253 and related IETF standards series). This firmware can be used for multiple purposes, conveniently avoiding physical tethering and securely tunneling traffic via SSH by default: easily add telemetry to a (moving) robot, monitor and operate any (domestic) appliance remotely, conduct remote cybersecurity audits on network gear of a company, reverse engineer hardware and software for right to repair purposes, just to name a few examples -a "low level-to-SSH Swiss army knife".

>> Read more about SSH Stamp

An OpenScience flavour of Bonfire on NixOS for preprints — Discuss preprints based on W3C ActivityPub federation

Preprints have revolutionised scholarly publishing, offering a rapid and open way to share research findings, establishing priority, receiving early feedback, and accelerating scientific discovery. Online discussions around preprints regularly take place on social media, but there still exists a gap in encouraging fluid discourse around science and making it a recognised academic activity.

This project aims to address the gap by facilitating and integrating these conversations into the scholarly framework using FOSS tooling. Outcomes include; establishing a Bonfire network tailored for preprints, with reproducible deployment made possible via NixOS, bringing existing communities into the Fediverse, amplifying contributions using existing scholarly infrastructure, exploring new models of peer evaluation, and supporting recognition of this crucial scholarly activity.

>> Read more about An OpenScience flavour of Bonfire on NixOS for preprints

Quantum-Safe Cryptography in Sequoia PGP — Implement draft-ietf-openpgp-pqc in Sequoia PGP

Sequoia is a complete implementation of OpenPGP (as defined by IETF RFC 9580), and various related standards. To address the challenges of quantum computing, cryptographic standards are incorporating new algorithms. For OpenPGP, the new algorithms are specified in a draft which is close to being finalized. This project will add support for post-quantum cryptography to Sequoia when using the Botan cryptographic library as backend, the RustCrypto backend, and the Windows CNG backend.

Another closely related effort involves using symmetric cryptography in places where traditionally asymmetric cryptography is used in OpenPGP. Symmetric cryptography is less susceptible to attacks from quantum computing, and provides performance benefits, enabling novel workflows that improve the user experience and alleviate some of the challenges that post-quantum cryptography brings. This project will therefore also add support for the new symmetric cryptography mechanisms in Sequoia using a number of backends.

>> Read more about Quantum-Safe Cryptography in Sequoia PGP

Serverless and Metadata Reduction for XMPP — Implement RELOAD within XMPP and reduce medata exposure

This project will enhance XMPP’s privacy and resilience by reducing metadata exposure and enabling decentralized, serverless communication. Work will focus on developing new protocol specifications to minimize metadata, particularly by encrypting roster (contact list) information, and implementing these changes in the Libervia ecosystem through Tor integration to anonymize connections and reduce IP tracking, as well as roster end-to-end encryption. A second focus area is advancing serverless communication by implementing the RELOAD protocol (XEP-0415) and leveraging end-to-end authentication via XEP-0416 and XEP-0417. By reducing reliance on centralized servers and minimizing metadata, this project strengthens XMPP and Libervia’s privacy and availability, enabling their use in environments where servers may be unavailable or inaccessible.

>> Read more about Serverless and Metadata Reduction for XMPP

Servo Editability and Interactivity Enhancements — Keyboard interaction within the Servo browser

The Servo Editability and Interactivity Enhancements project is about making Servo more responsive to user input. The project will greatly improve interacting with form controls in Servo as well as allowing for selecting page content. In addition, the keyboard will become much more useful as users will be able to navigate with the keyboard via arrow keys, page up, page down, home, end as well as using the tab key to cycle through page content. All of these capabilities are essential for using the Servo engine to build a fully functional browser.

>> Read more about Servo Editability and Interactivity Enhancements

Signature PDF — PDF editing and server-based digital signing workflow

Signature PDF allows users to sign PDFs online, individually or with others. The project offers as well the possibilities to reorganize pages (merge, sort, rotate, delete, extract pages, etc.), edit metadata, and compress PDFs. This tool aims to be a free alternative to existing proprietary web services, offering users more control and guarantee of what happens to the PDF processed by the software.

Signature PDF is easily deployable on a server of any size, a laptop, a container image or a Yunohost instance. Scope of the project is to implement verification of signed PDFs, integration into third-party software, improve smartphone ergonomy and accessibility, and other improvementes to meet the requests/needs identified by users.

>> Read more about Signature PDF

Slintify LibrePCB 2.0 — Add missing features to Slint UI toolkit to accommodate demanding applications

The project summary for this project is not yet available. Please come back soon!

>> Read more about Slintify LibrePCB 2.0

Slips Immune I — Active IDP using ARP poisoning

The "Slips Immune I" proposal marks the initial step in building an "Immune System for the Internet," aimed at enhancing cybersecurity by fostering collaboration among computers using local and global decentralized P2P technology. The project focuses on improving the Slips Intrusion Detection System on local networks using Raspberry Pi devices, incorporating advanced detection ML models, isolation capabilities, and blocking techniques to mitigate cyberattacks. Key goals include implementing defense mechanisms, such as ARP poisoning for isolation and firewall-based protection, as well as training a Large Language Model (LLM) assistant to support security orchestration and decision-making. By leveraging machine learning and a collaborative architecture, Slips aims to evolve into a comprehensive, resilient Internet Immune System, where interconnected devices collectively detect, share information, and defend against cyber threats, enhancing protection through shared knowledge and adaptive responses.

>> Read more about Slips Immune I

Slipshow — A different paradigm for presentations including flipchart style annotations

Slipshow is an innovative presentation tool that moves away from the traditional slide-based approach. Instead, it provides a dynamic experience similar to using a blackboard, while leveraging the advantages of digital technology. Presentations are created from Markdown files with specific annotations, and users can interact with the content during presentations by drawing directly on it using a mouse or tablet. With the scope of this project, Slipshow will be enhanced by introducing the ability to record annotations, seamlessly integrating them into the presentation for future use.

>> Read more about Slipshow

Smart lookup & inference for Semantic Data — Knowledge mapping within a postgresql database

Semantic knowledge representations have not evolved since the Semantic Web was proposed during the 1990s. Modern graph databases offer new possibilities for knowledge representation, but the methods are poorly developed and require the use of specialized query languages and clumsy outdated formats. This project aims to make semantic maps easy for general use, using standard SQL databases and modern lightweight data formats. A user workflow starts from a simple note-taking language, then ingesting into a database using a graph model based on the causal semantic spacetime model, to the use of a simple web application for supporting graph searches and data presentation. The aim is to make a generally useful library for incorporating into other applications, or running as a standalone notebook service.

>> Read more about Smart lookup & inference for Semantic Data

Sniffnet — User-friendly network monitoring application

Sniffnet is a cross-platform, Rust-based, fully open-source network monitoring application to help everyone keep an eye on their Internet traffic. Sniffnet is a technical tool, but at the same time it strongly focuses on the overall user experience: most of the network analyzers out there are cumbersome to use, while one of Sniffnet's cornerstones is to be usable with ease by virtually anyone. In an era dominated by network traffic encryption, Sniffnet doesn’t follow the standard monitoring approach that included reporting full packets’ payloads, but rather it provides flow-level details such as the country, the organization, the domain name, the upper-layer service, and other parameters that enable a more immediate understanding about the nature of the network traffic.

>> Read more about Sniffnet

Solar FemtoTX motherboard — Low-power motherboard that can run on solar power

Solar FemtoTX motherboard is an open, collaborative effort towards designing an ultra-low power motherboard in a mobile device-sized form factor. It aims to enable seamless integration into an open-source hardware laptop for easy repair/replacement/upgrade, and focusses on low power consumption, faclitating solar-powered devices and quick recharging.

Furthermore, the project aims to make the open-hardware framework extensible by supporting socket-based or embedded processors and peripheral devices that meet a defined size and TDP limit. This interoperability allows newer, ultra low power microprocessors to work within the FemtoTX specification, and is optimized for solar power.

The current project focusses on the initial design and validation of a System-on-Chip to be used in this low-power single board computer.

>> Read more about Solar FemtoTX motherboard

FedCM for Solid — User-friendly Federated logins for Solid Community Server

"FedCM for Solid" bridges the gap between the emerging Federated Credential Management API and the Solid ecosystem. By implementing an extension for the Community Solid Server, this project enables Solid-OIDC identity providers to become compatible with FedCM. This makes it possible for users to log into Solid apps without needing to remember and manually enter their Identity Provider URL, significantly improving user experience. In parallel, the project will deliver a FedCM test suite, helping others to integrate FedCM in their own decentralized systems. Together, these efforts will promote a more user-friendly authentication flow for Solid, and help ensure that the development of FedCM accommodates decentralized web architectures.

>> Read more about FedCM for Solid

SolidOS — Data management tool and browser for Solid

SolidOS is envisioned as a full-featured web-based operating system for any Solid-compliant personal data store, offering a window into Sir Tim Berners-Lee’s vision for a decentralized web. It serves as the default frontend for the community server, like solidcommunity.net. This project will deliver a modern, modularized SolidOS frontend with a streamlined CSS theme and clearly defined user-friendly "happy paths".

>> Read more about SolidOS

solidtime — Privacy-friendly time tracking for teams and individuals

Solidtime is a powerful open-source time tracking application built for both teams and individuals. It supports multi-organization setups, offers a flexible role- and permission-based user system, and includes comprehensive tools for managing projects, tasks, and clients. With both web and desktop applications, solidtime ensures a seamless and consistent experience across devices and work environments. Our mission is to provide an open, extensible, and self-hostable time tracking platform that gives users full control over their sensitive, business-critical, or personal data, helping organizations stay compliant with data privacy regulations such as GDPR.

>> Read more about solidtime

StreetComplete Multiplatform — OpenStreetMap editing beyond Android

The goal of this project is to migrate StreetComplete from an Android app to a multiplatform app, making use of Kotlin Multiplatform and Compose Multiplatform for the UI, thus, allowing the app to be released on other platforms, such as iOS and eventually Linux.

This will allow for a significantly larger audience that is able to casually contribute missing data to OpenStreetMap on the go, as StreetComplete is the go-to app for this purpose, aimed at non-tech-savvy people and presented in a slightly gamified fashion. OpenStreetMap, in turn, is the free wiki worldmap.

>> Read more about StreetComplete Multiplatform

T-Rust - In Rust we Trust — Scan, review, curate and fix metadata of Rust crates

crates.io hosts over 160 thousand Rust packages that have been downloaded over 90 billion times. The origin metadata and licensing documentation for Rust crates is declared by the authors as part of the metadata, but can be misleading or incorrect. Accurate origin and license metadata for Rust crates is essential to safely automate the friction-free consumption of Rust packages in the software supply chain of safety-critical applications.

T-Rust intends to fix this problem in multiple steps: it will scan, review, curate and fix the metadata of the most popular crates. This data will be released as open data, working with the Rust community to provide the data as part of the crates.io API, cross-check and report code borrowing and reuse between crates. Subsequently an AboutCode toolchain will be deployed as a service for all crates authors to review, validate and enrich metadata. The outcome should be be that crates.io packages are shared with better, more accurate origin and license metadata at creation time. And that the increased level of trust in Rust crates will make it easier to consume more Rust packages safely.

>> Read more about T-Rust - In Rust we Trust

The Ultimate Bookkeeping System — Bookkeeping but in a portable, offline-first and privacy-friendly way

The project summary for this project is not yet available. Please come back soon!

>> Read more about The Ultimate Bookkeeping System

Tiliqua — Open audio DSP for FPGAs

Tiliqua is an open-hardware DSP library and reference hardware design which aims to make it easier for musicians and engineers to get started in the world of audio DSP in the context of FPGAs. The Tiliqua DSP library is a suite of commonly-used audio DSP components, written in Amaranth HDL, that can be easily composed in Python to construct a custom FPGA-based DSP pipeline. The Tiliqua reference platform is fully compatible with open-source FPGA toolchains and designed to the Eurorack standard (the most popular hardware synthesizer format) lowering the barrier to entry for those with low/no hardware development experience.

>> Read more about Tiliqua

Tin Snipe DAQ — Digital Aquisition module

The Tin Snipe DAQ is a digital acquisition (DAQ) module targeting diverse professional measurement applications typically found in mid to high end hand-held Multimeters. It focuses on digital mixed signal systems while offering an upgrade over traditional Multimeters in terms of sample rate, giving usable time series data for signal integrity analysis of low speed signals. It's designed as a compact fully integrated module that comes with the necessary AFE, ADC and Signal Processor. It exposes a digital control interface over various buses (UART, I2C, USB and potentially more) to be controlled and read out via an external system processor, thus making it easy to integrate into other systems. It is targeting battery operation like traditional handheld Multimeters and will be heavily optimized for low power consumption but can also be used for bench top applications.

>> Read more about Tin Snipe DAQ

Typst PDF Accessibility — Increase a11y of Typst's output

PDF files are often the only venue through which vital information is shared in business, education, and government. Even so, these files more often than not inaccessible to those of low or no vision. This not only prevents compliance with the European Accessibility Act and similar legislation in other countries, but prevents equal participation. This project proposes to implement all the features and tools needed for accessible PDF creation into Typst, a growing open-source automated writing platform. With this project, Typst will implement technical standards for accessibility and give authors tools to accommodate human factors of accessible documents.

>> Read more about Typst PDF Accessibility

Advanced UEFI Capsule Update for coreboot with EDK II — Secure firmware updates, also via fwupd

The project summary for this project is not yet available. Please come back soon!

>> Read more about Advanced UEFI Capsule Update for coreboot with EDK II

Verilog-A distiller — Automated porting of models from C to Verilog-A

Analog circuit simulators require compact device models in order to be able to simulate circuits. The de-facto standard language for compact device model dissemination is Verilog-A. Many legacy models exist that are coded for the SPICE3 circuit simulator in the C programming language. Manual conversion from C to Verilog-A is resource-intensive, time-consuming, and error-prone. This reduces the accessibility of legacy models and limits innovation. The Verilog-A Distiller project aims to automate conversion of SPICE3 device models from C to Verilog-A. By automating this conversion, we aim to streamline model implementation, reduce development time, and enhance compatibility across different simulators. Verilog-A Distiller is a converter written in Python that utilizes the pycparser library for reading the C code of SPICE3 models. The parsed models are pruned of unnecessary SPICE3-specific parts, upon which Verilog-A code is emitted. Projects like Ngspice put a lot of effort into cleaning up and improving legacy SPICE3 models. Verilog-A Distiller makes these models available across a wide range of simulators that support Verilog-A.

>> Read more about Verilog-A distiller

VersaTiles — Simplify vector map tile creation, hosting, and interaction

VersaTiles provides vital digital infrastructure for web maps, offering a free, flexible alternative to commercial services. Web maps are essential in fields like data journalism, research, and emergency response, but current commercial solutions are often costly, proprietary, and pose privacy concerns. VersaTiles addresses this by dividing the complex process of map creation, distribution, and visualization into manageable layers, ensuring interoperability and scalability. With its open, transparent approach, VersaTiles promotes digital sovereignty in Europe, empowering public institutions, media, and developers with an accessible, high-quality map infrastructure that avoids vendor lock-in and supports free access to geospatial data.

>> Read more about VersaTiles

Vivliostyle — Typesetting system leveraging web technologies

Vivliostyle is an open-source typesetting system that uses web technologies to create print and digital publications. It extends the layout capabilities of modern web browsers to support advanced CSS features for paged media, such as page floats, footnotes, and cross-references. The project includes Vivliostyle.js, the core library that runs on all modern browsers and enables advanced page layout, and Vivliostyle CLI, a command-line tool for generating PDFs and EPUBs from HTML or Markdown files with specified themes and stylesheets. Lastly there is Vivliostyle Pub, a web application that simplifies the creation and editing of publications, with content and style editors and real-time preview. The goal is to empower people to create beautiful publications without relying on proprietary software and leverage the power of web standards and ecosystems.

>> Read more about Vivliostyle

ActivityPub Polls for WordPress — WordPress plugin for social polls

This project will develop an ActivityPub-based poll plugin for WordPress that integrates with the WordPress ActivityPub plugin. The plugin will feature a modern editor interface using Gutenberg blocks, a public-facing view for displaying polls and results, and robust ActivityPub-based vote handling. While the WordPress ActivityPub plugin originally focused on broadcasting content to the Fediverse, it is increasingly becoming a foundation for interactive features. This project will contribute to this evolution by enhancing internal APIs where necessary to support third-party extensions. The goal is to strengthen WordPress as a sovereign platform for online identity, enabling to host polls natively without having to create additional identities/accounts on other platforms to carry out common Fediverse activities.

>> Read more about ActivityPub Polls for WordPress

Wsdr — Cloud-based Cellular Network in a Browser

While several open-source cellular network implementations have emerged over the past decade, most remain complex and inaccessible to non-experts—limiting broader exploration and innovation in the field.

This project aims to change that by introducing a browser-based cellular network powered by WebUSB and WebAssembly. By connecting a USB software-defined radio (SDR), users can deploy cellular networks without requiring deep engineering knowledge or complex setups.

The WebSDR architecture runs a full BTS (Base Transceiver Station) directly in the browser, while BSC/MSC components operate in the backend - either locally or in the cloud. This allows rapid, plug-and-play deployment of 2G networks for a wide range of use cases, including emergency response, off-grid expeditions, temporary installations, and prototyping.

By making cellular technology more accessible, the project fosters openness, hands-on experimentation, and inclusive innovation in wireless communications - establishing 2G as a practical starting point for building and understanding more advanced 4G and 5G networks.

>> Read more about Wsdr

Waterfall — Agile framework for the development and deployment of watermarking schemes

Traffic watermarking is a powerful but underutilized technique for network traffic analysis, primarily applied today in evaluating the security of anonymity systems like Tor. This project aims to develop Waterfall, a system designed to provide a unified, flexible framework for the development and deployment of a variety of traffic watermarking schemes. Waterfall operates by intercepting network traffic, embedding and detecting watermarks at multiple points in the network. The goal of Waterfall is to be versatile enough to replicate representative watermarking schemes from the research literature, while adapting them to be more effective and creating new versions. In addition, Waterfall allows the analysis of new protocols such as Tor's Conflux protocol, a recent improvement in Tor's performance that may also increase its susceptibility to watermarking attacks.

>> Read more about Waterfall

Wiktionary QA tools — QA tools to improve the quality, reliability, and consistency of Wiktionary

Part of the Wikimedia family, Wiktionary offers a global open data set pertaining to many languages. This project will create QA infrastructure and tools to further improve the quality, reliability, and consistency of Wiktionary. Expected outcomes include higher quality data, data that is easier to process and consume, and more collaboration among different language editions of Wiktionary.

>> Read more about Wiktionary QA tools

XR Fragments Teamware — Design, deploy, federate and integrate portable XR experiences

XR Teamware will develop a publishing platform/forge for XR content, and a Blender plugin with direct import export capabilities to said forge and to Icosa gallery. This would allow 3D creators to easily publish and share their ideas, and preview metadata in Blender before exporting.

XR Fragments itself is a simple public protocol for networked 3D content to discover, reference, navigate and query 3D online assets (read-only), making it part of the web and thus liberating 3D content creation and content from only existing inside gated products. Within the scope of this project, XR Fragments will streamline the design, deployment, hosting, and integration of portable XR experiences - and thus further simplify embedding, cross-platform support and hosting, as well as add vendor specific support.

>> Read more about XR Fragments Teamware

ZSWatch — Open smartwatch including software, hardware, and mechanics

ZSWatch is a free and open source smartwatch you can build almost from scratch - including software, hardware, and mechanics. Everything from the lowest level BLE radio driver code to PCB and casing is available for introspection or to be customised to suit your needs.In this project, the team will add interesting new capabilities such as Heart Rate and Blood Oxygen sensor hardware, create a new iteration of hardware to improve wearability, improve documentation, make it easier to upgrade, and make various improvements to the software including optimising power consumption

>> Read more about ZSWatch

Zosimos — GPU accellerated image buffer and compute system

Zosimos is a statically typed language with an embeddable interpreter for raster graphics compositing pipelines. Built on Rust's `wgpu` to target WebGPU it abstracts, through native capabilities or emulation, color-space aware editing capabilities across platforms including the web. The implementation builds on SPIR-V graphics and compute shaders to execute largely asynchronously and close to hardware capabilities. The user facing programming language provides an image manipulation interface with operations similar to those found in GEGL and imagemagick.

>> Read more about Zosimos

Bcachefs userspace integration — Next generation filesystem

bcachefs is a next generation filesystem for Linux, with a fully modern featureset and vastly improved performance, scalability and reliability as compared to legacy filesystems. The main focus of this grant is achieving stability, but on the side there will be work on userspace integration with systemd, reworking the cryptographic API to be more robust, as well as adding the potential for users to generate telemetry data - in order to capture edge cases in the real-world.

>> Read more about Bcachefs userspace integration

cables.gl editor features — Create beautiful, interactive, visual web content

Cables is a tool which allows people to create beautiful, interactive, visual web content without knowing how to type a line of code. Your work is easily exportable at any time, so you can embed it into your website, use it an immersive VR experience, or integrate into other kinds of creative output. Cables patches can be published, shared, copied and remixed by the entire community. This allows people to constantly learn new things from each other. There is both a browser based version and a standalone, offline version offering a user-friendly development environment.

This new grant adds an improved keyframing- and animation user interface (timeline) that makes cables.gl much more accessible for animators and motion designers. The team will also add a physics engine, Gaussian Splatting (a new method of rendering realistic 3d scenes), dynamic operator instancing/repeating, a stepping debugger and a comprehensive shadergraph system that allows to create complex shaders by combining small modules.

>> Read more about cables.gl editor features

embedded-cal — An embedded systems-friendly verified crypto provider

Embedded-cal develops a verified implementation of the cryptographic provider in Rust which is compatible with popular embedded platforms. This cryptographic provider will be 1) fast on popular embedded platforms; 2) resistant to certain classes of side-channel attacks; 3) usable without the Rust standard library. The module will lever the available hardware acceleration support of popular microcontroller units for embedded systems and fill in the gaps in hardware support through software implementations. The module will be formally verified for secret independence using the hax framework, a verification tool for high assurance code.

>> Read more about embedded-cal

iTowns — Visualise 2D and 3D geospatial data on virtual globes & maps

iTowns is an open-source framework designed for web-based visualisation, navigation and interaction with 2D and 3D geospatial data on globes and maps. Built on Open Geospatial Consortium (OGC) open standards, it is developed with data and service interoperability in mind. It seamlessly integrates with geographical services, offering support of standard raster and vector data, including aerial imagery and terrain models. The framework supports large, heterogeneous 3D datasets such as OGC's 3D Tiles, making it ideal to build application for urban-planning and environmental monitoring. It can be easily extended to support other open formats, offering a highly customizable platform for developers.

iTowns is a geographic commons, developed collectively by a diverse community of contributors, comprising independent developers, public organizations, research laboratories and private companies. It aims to provide an European alternative to Big Tech products which often overlook a broad class of users. Instead, iTowns offers a modular framework to build a wide range of use cases, including visualisation, GIS, environmental and educational applications, making it versatile and adaptable for different geospatial projects.

>> Read more about iTowns

Kernel DMA Protection Patcher (kdmap-patcher) — Automated UEFI patching for pre-boot DMA protection

Direct Memory Access (DMA) attacks remain an often overlooked vector in many threat models, despite increasing attention in recent I/O interconnects. While Thunderbolt 4 introduces spec-mandated mitigations via Kernel DMA Protection, millions of systems using USB4, Thunderbolt 1–3, and similar modern DMA-capable interconnects remain vulnerable due to unpatched or misconfigured firmware.

Kernel DMA Protection Patcher (kdmap-patcher) is a Free Software, OS-agnostic UEFI (BIOS) extension designed to harden systems against DMA attacks from the pre-boot stage. It programmatically detects and remediates vendor-specific UEFI firmware bugs that disable or misconfigure DMA protection. Where protections are entirely absent, kdmap-patcher extends UEFI firmware with a device-tailored configuration enabling Kernel DMA Protection. Once mitigations are applied, kdmap-patcher seamlessly hands off control to the OS bootloader, enabling a significantly improved DMA security posture from the earliest stages of the boot process.

>> Read more about Kernel DMA Protection Patcher (kdmap-patcher)

librice — Pure Rust implementation of IETFs real-time communication standard ICE

The Interactive Connectivity Establishment (ICE) protocol is everywhere in real-time communication, providing a rendezvous mechanism allowing to establish e.g. a SIP or WebRTC connection. Addition of another protocol, TURN, allows hosts which are behind a middleware box or CPE (which is the most common scenario in the IPv4 realm) to still successfully set up a bi-directional path. This puts ICE/TURN at the heart of communication. This project will implement the four key TURN RFCs in librice - a pure Rust implementation of ICE.

>> Read more about librice

linkblocks — Federated bookmark manager based on ActivityPub

Linkblocks is a federated bookmark manager. By combining a web-like graph structure with collaborative features, it aims to make knowledge discovery on the web more open and productive, providing an alternative to social networks and search engines.

>> Read more about linkblocks

Building blocks for Resilient Time — Implement NTPv5 in ntpd + bootstrap procedure

Time is essential for most security-critical protocols on the internet, such as DNS and TLS. As our time sources, such as GNSS signals, are coming under attack, making time synchronization as resilient as possible becomes even more critical. We need reliable time, even when time sources are unavailable or not trustworthy.

This project will enhance time synchronization by improving how we synchronize time, both when systems are starting up and when they are in operation. Concretely it will contribute to stabilizing the draft of the next version of NTP, NTPv5, and implementing NTPv5 in ntpd-rs, and build a library for synchronizing multiple local clocks, maximizing the use of local stability (thereby providing a resilient building block for time synchronization for others to use). The team will also develop a resilient startup procedure, documenting the approach for implementers - and then implementing it for ntpd-rs.

>> Read more about Building blocks for Resilient Time

postmarketOS v25.12 + v26.06 — New versions of the mobile operating system postmarketOS

postmarketOS keeps smartphones useful after they don't receive updates anymore: the original operating system gets replaced with an up-to-date lightweight open source software stack based on Alpine Linux. With Google's announcement to develop Android behind closed doors and the changing political landscape it is now more important than ever to fund truly open source smartphone operating systems that are developed in the open and independently of Silicon Valley. This project is for the v25.12 and v26.06 releases of postmarketOS, which will bring great improvements to reliability through more continuous testing and will also make the security feature of encrypting phones with postmarketOS easy to use.

>> Read more about postmarketOS v25.12 + v26.06

PurlValidator — Check validity of software package identifiers online and offline

Package-URL, or PURL, is the de-facto standard for identifying software packages, used by open source SCA tools, SBOM and VEX specs, and vulnerability databases. But using a standard syntax does not prevent errors: A recent (not yet published) study on the quality of software bill of materials (SBoM) revealed that for too often PURLs in SBOMs are still inconsistent, fake, incorrect, or misleading. This is a major impairment to any application of SBOMs, and industry-wide cybersecurity and application security.

The PurlValidator project is a public service, based on PurlDB, to validate all the PURLs. An extension of the purl2all project, PurlValidator validates the PURL syntax against any known PURLs by exposing PurlDB's reference data of 20M+ PURLs. PurlValidator also provides decentralized libraries for offline use that can be integrated in multiple tech stacks for all major ecosystems, beyond what is already available for PURL tools. The goal of this project is to provide an accessible, single source of truth to the security and SBOM ecosystem at large and improve the quality and accuracy of PURLs in use, imperative for CRA compliance.

>> Read more about PurlValidator

raylib — Project creator/builder + feature development for raylib graphics library

raylib is a C library intended for high-performance graphics applications creation. It was originally created for education with a focus on simplicity, not only on its exposed API but also on its open source code architecture and its build system. In 12 years raylib has greatly went beyond education to many other fields and today it's being used for videogames development, tools development, data visualization, graphics programming, academic research, embedded devices and, in general, for low-level graphics output in any kind of display. raylib has been binded to +50 programming languages and a very strong community and ecosystem have been created around it.

Future plans for raylib include multiple modules improvements, with a new software backend to support GPU-less computers, with a focus on RISC-V powered devices; improved high-DPI support and skeletal animation system for 3d models; full collection of examples review (+150 examples) with the addition of new ones; new support tooling to ease raylib usage and setup: raylib project creator and raylib project builder; and multiple actions to increase raylib visibility and users reach.

>> Read more about raylib

uMap Vector Tiles — Use vector tiles to build custom maps with OpenStreetMap data

uMap is a web application which lets you quickly build custom maps with OpenStreetMap’s background layers and integrate them on your own website. Vector tiles allow two main things: less duplicated content, and data transmitted at the same time as the tiles, enabling scenarii where data and background could be styled according to the user needs, which required previously to serve custom tiles.

>> Read more about uMap Vector Tiles