Maintainers play a vital role in the OpenSSF and the Linux Foundation and we think you should get a chance to meet some of the amazing individuals powering open source software (OSS) security initiatives. Over the next few weeks we’ll be featuring maintainers and contributors and hearing how they came to the community, what their experiences have been like, and what advice they have for others.
Meet Priya Wadhwa, Software Engineer, Chainguard
Priya Wadhwa is a software engineer working on open source security at Chainguard. She maintains a variety of open source projects including Sigstore and Tekton, and is passionate about making security easy and available for everyone.
How are you involved in the OpenSSF?
I am a maintainer for Sigstore’s Rekor and Cosign projects. I’ve also been working on getting the public Rekor and Fulcio services Generally Available.
Why did you choose to become involved?
There were a few reasons I chose to become involved. First, I found the mission of Sigstore compelling and I wanted to work on a project that I thought was doing important and fulfilling work. Supply chain security is a huge problem space and there’s a lot of work to be done, and I thought Sigstore could have a huge impact. I also liked that it was an open source project with the goal of making security easier for everyone. The other major reason I wanted to get involved was the community. The Sigstore community has been so welcoming and fun to work with, and it really made my Sigstore experience a positive one.
Tell us about your experience being a maintainer.
I’ve really enjoyed my experience as a maintainer. I’ve gotten to work with a lot of different people and learned from their expertise and experiences. It’s really rewarding to see the project grow and to hear feedback from users who have actually started using Sigstore in their own projects and seen value from using it.
Why is being a maintainer important?
Contributors are critical to keeping these projects healthy and useful for everyone. They ensure that important features are added, bugs are fixed, and documentation is kept up to date.
How has your educational and/or professional career led you here?
When I started working at Google I was lucky to be placed on an open source team focused on Kubernetes developer tools, and being on that team really opened my eyes to the power of open source. I loved learning from the community, making new friends and building tools people (hopefully) found useful. I later moved on to a team focused on open source security, which is where I started working on the Sigstore and Tekton projects. When I joined Chainguard, I was excited to continue maintaining these projects and working on open source!
What makes being a maintainer rewarding for you?
I’ve been lucky enough to attend a few different conferences in the past year where I’ve gotten to speak to users of Sigstore. Getting the opportunity to chat with folks who are actually using it and have seen value from integrating with Sigstore has been really rewarding.
What advice do you have for others?
If you’re interested in working on any of these projects or have an idea you want to share, don’t hesitate to bring it up! Whether that’s in the Slack channel or the community meeting, we would love to hear your ideas and get more people involved.
Tell us something interesting about yourself.
My most recent trip was to Iceland. I visited for a week with my best friend and we did a road trip around the Southern and Eastern part of the country. It was the most beautiful place I’ve visited. I got to see a bunch of awesome waterfalls, drive a snowmobile on a glacier, and do some really beautiful hikes.
To meet other individuals featured in this series, check out our Meet a Maintainer and Contributor Q&A feed as we continue to shine the spotlight on our awesome maintainers and contributors.