Adam is a software developer who has worked on a number of interesting and occasionally even useful things in his two decade career. These include prototyping the worst mesh network of all time (based on Android phones), discovering how to reliably lock up a Windows computer by writing an in-browser video editor, and (most usefully) removing the original mysql_* API from PHP.

Today he works for the Rust Foundation to help improve ecosystem security. In his spare time, he plays cricket, kayaks, throws tennis balls for his golden retriever, and tries to convince people that his Australian accent is actually flawless Canadian.

Adrian has been building containers from the early days of Docker and authored the O’Reilly book “Using Docker” . He is a Technical Community Advocate at Chainguard (chainguard.dev) whose mission is to make the software lifecycle secure by default.

Building awesome tools @prefix.dev

Software developer interested in package managers. Previously interested in Debian/Apt but using and contributing to GNU Guix for the last 7 years.

Co-founder and CEO at Chainloop and one of the maintainers of Chainloop OSS. Product Leader with over a decade of expertise building applications around Open Source and Software Supply Chain Security at Bitnami (Engineering) and VMware (Product Management). Dad, biker, and backcountry skier, tunning his campervan in his free time.

Daniel Nichols is a Computer Science PhD student at the University of Maryland, College Park studying topics in high performance computing, applied machine learning, and performance modeling.

Typing free software to break the shoulders of giants from golden handcuffs. Working on extending the Signal protocol to replace gpg.

Have previously worked on:
- spack at LLNL (https://llnl.gov)
- pants at Twitter

Can be found at:
- @hipsterelectron on Twitter,
- @[email protected] on Mastodon,
- @cosmicexplorer on GitHub.

Elad Pticha is a passionate security researcher with a focus on software supply chain and API security. Elad specializes in finding vulnerabilities in SDLC-related software. In his free time, Elad loves to code, hunt for vulnerable technologies, and use his skills to help companies mitigate their security risks. Before his current work at Cycode, Elad dedicated his time to finding critical vulnerabilities in web applications, IoT devices, and pretty much anything with an IP address, but his recent focus has shifted towards software supply chain security vulnerabilities. Elad is committed to staying up-to-date with the latest security trends and technologies and always seeking new challenges to tackle.

Gary is a contributor to the Software Package Data Exchange® (SPDX™) - an open standard for communicating software bill of material information, including components, licenses, copyrights, and security references. Gary has contributed several open source tools including the SPDX Java Libraries and Tools which can be found at https://spdx.dev/spdx-tools/.
Gary O’Neall is responsible for product development and technology for Source Auditor Inc., a software and service company helping software companies manage the technical and legal risks of open-source software.

Gregory Becker is a computer scientist at Lawrence Livermore National Laboratory. His focus is on bridging the gap between research and production software at LLNL. He works on Spack, a package manager for high performance computing, and on research projects around ABI compatibility and software modeling. Gregory has been at LLNL since 2015. He received his B.A. in Computer Science and Mathematics from Williams College in 2015.

I am a Research Scientist in the Center for Applied Scientific Computing (CASC) at Lawrence Livermore National Laboratory. I joined CASC as a postdoctoral research staff in 2016. My research focuses on approximate computing, floating-point mixed-precision, machine learning, and fault tolerance of HPC applications. I also have expertise in load balancing algorithms, cosmology simulations application, and HPC runtime systems.

I received my Ph.D. (2016) and M.S. (2012) in Computer Science from University of Illinois Urbana Champaign (UIUC). Prior to enrolling for graduate studies, I was a software engineer at Google.

Jaime holds a PhD in Biotechnology and believes that packaging is one of the pillars for reproducible research. He became a conda enthusiast while working on molecular modelling frameworks and machine learning pipelines for drug design.

Kairo is a Senior Open Source Software Engineer at VMware Open Source Program Office (OSPO) on the Security Supply Chain team. He contributed to python-tuf and is the author of Repository Service for TUF (RSTUF). Prior roles include System Engineer Specialist and Senior Software Engineer at IBM, ING, and Forescout.

Kat is the former lead architect/maintainer for the NPM CLI, and is currently the lead dev for the Orogene package manager. They have been a JavaScript/TypeScript tooling engineer for a decade or so, and is currently part of the JavaScript/TypeScript tooling team at Microsoft's Developer Division.

Kenneth Hoste, a.k.a. 'boegel', is a computer scientist and FOSS enthusiast from Belgium. He holds a Masters (2005) and PhD (2010) in Computer Science from Ghent University. His dissertation topic was "Analysis, Estimation and Optimization of Computer System Performance Using Machine Learning".

Since October 2010, he is a member of the HPC team at Ghent University (Belgium) where he is mainly responsible for user support & training. As a part of his job, he is also the lead developer and release manager of EasyBuild (https://easybuild.io), a software build and installation framework for (scientific) software on High Performance Computing (HPC) systems.
He is also actively involved in EESSI (https://www.eessi.io), the European Environment for Scientific Software Installations, and in MultiXscale (https://www.multixscale.eu), a EuroHPC JU Centre of Excellence in multiscale modelling.

In his free time, he is a family guy and a fan of loud music, frequently attending gigs and festivals.
He enjoys helping people & sharing his expertise, and likes joking around.
He has a weak spot for stickers and beer.

Guten Tag! I work @ NVIDIA on packaging for CUDA Toolkit, NVIDIA driver, cuDNN, cuQuantum, nvTIFF, etc. into various formats: Binary Archives (tarball), Conda, Debian, RPM, Runfile, Windows exe

At PackagingCon 2021, presented about Debian and RPM repository management.

In a past life, contributed Debian packages for the Maemo community and maintained an ArchLinux-based kiosk LiveUSB distro & AUR helper.

Lara Peeters is a Digital Art Historian, who holds master degrees in Art History (2021) and Digital Humanities (2022) from the KU Leuven (Belgium).

Since May 2023, she is a member of the HPC team at Ghent University (Belgium) where she was hired to work on the EESSI project (https://www.eessi.io), the European Environment for Scientific Software Installations, and the MultiXscale project (https://www.multixscale.eu), a EuroHPC JU Centre of Excellence in multiscale modelling.

In her free time she plays the double bass in an orchestra, rides horses, goes sailing, loves going to musea and listening to music.

Laurent is a security engineer in the Open Source Security Team (GOSST) at Google. His team works in collaboration with the open-source community and the OpenSSF on novel security solutions, such as Scorecards, Allstar, Sigstore, SLSA, OSS-Fuzz, OSV, etc.

Lukas Pühringer is a research scholar and software developer at the NYU Center for Cyber Security (CCS), where he leads the development of The Update Framework (TUF), and has been co-maintaining several of Prof. Justin Cappos’ software projects, most notably the supply chain security framework in-toto. Lukas also supervises students and gives talks about TUF and in-toto.

Matthew Suozzo is a Software Engineer at Google working on supply chain security.

Max McDonnell is a packaging system enthusiast and hobbyist. He is a Staff Engineer at Voltus Inc where he is responsible for the existence of an internal packaging system that is on its way to feature parity with more mature software that probably should have been used in the first place.

He has created a Nix-inspired package manager and build system called Bramble. It is not intended for adoption, but is a fun exploration of Nix's functionality in Go if that is of interest to others.

Maximilian Huber is a open source compliance nerd and principal consultant at TNG Technology Consulting, where he is specialized on building and integrating Open Source compliance solutions from Open Source.

He is a commiter and maintainer in several Open Source projects like FOSSology, SW360, LDBcollector, yacp and the license-compliance-toolbox. His activity can be found on https://github.com/maxhbr.

Maximilian other most prominent interests are functional programming languages like Haskell and functional package managing with NixOS.

May comes from a software development and cyber security background, with an interest in how infrastructure and software supply chains can be made both simpler and more secure.

Mihai Maruseac is a member of Google Open Source Security team (GOSST), working on Supply Chain Security, mainly on GUAC. Before joining GOSST, Mihai created the TensorFlow Security team after joining Google, moving from a startup to incorporate Differential Privacy (DP) within Machine Learning (ML) algorithms. Mihai has a PhD in Differential Privacy from UMass Boston.

Mike Landau is a full-stack software engineer with 13+ years of experience. He's worked at large companies (Facebook, Airbnb), started several startups (Storylane, Cut+Dry, Jetpack.io), and contributed to open source projects (devbox, launchpad, graphp). Some of Mike's areas of focus include improving developer productivity, helping engineering teams scale, and making writing code in large companies as productive and enjoyable as it is in small teams.

Paul is an Engineer at heart, with a love of PowerShell, Automation, Chocolatey, Scottish single malt whisky and wireless earphones. He has given workshops and spoken at many events across the UK, Europe and the US. He has a real passion for passing on knowledge and loves to talk with aspiring techies.

He is an MVP in Cloud and Datacenter for his work in PowerShell, a Microsoft Certified Trainer (MCT), Lead Engineer on the Boxstarter and DSC cChoco Chocolatey projects and is an organiser of the DATA:Scotland event. His career has seen him work in many sectors for over 30 years. As somebody kindly put it, he's been about a bit.

In his spare time, he usually continues to stare at computer screens and works on his own or Chocolatey projects. But on those rare occasions, when he is not staring at computer screens and listening to a strange mix of music on his wireless earphones, you can find him relaxing with a nice single malt whisky and reading ... usually ancient, medieval or military history books.

Software engineer on the package security team at GitHub helping secure open source packages, previously worked on automating dependency updates with Dependabot.

Philipp Burckhardt is Lead Data Scientist at Socket (socket.dev), where he is helping to secure software supply chains by utilizing artificial intelligence.

Together with Athan Reines, he is engaged in the development of a standard library for JavaScript bringing numerical and statistical computing to the web (https://github.com/stdlib-js/stdlib). An avid open-source contributor, he has spoken at various international conferences on topics ranging from political science, health-care informatics to machine learning and software engineering.

He holds a PhD ins Statistics & Data Science from Carnegie Mellon University,

Maintainer of ETOOMANYTHINGS, including CPython, pip, TOML, resolvelib, Furo, and more.

In my spare time, I have been one of the Poetry maintainers since spring 2022.

At my day job, I am a software developer at TraceTronic, working on a large multiplatform Python application.

I'm a Software Engineer and Devrel at Wasmer.io . I help around the WASIX ecosystem and promote WebAssembly. I recently graduated from Trinity College Dublin. I love cooking, culture exploration, reading history and playing guitar whenever I find the time.

I am currently working as Senior Staff Software Engineer at Meetup. And I am also helping out as maintainer for Homebrew.

Student at ENS Ulm in computer science, interested in formal verification and programming languages, NixOS developer and contributor in UEFI (Secure Boot) and boot ecosystems, NixOS release manager for 23.05 and 23.11.

Slightly addicted to Nixpkgs packaging and fascinated by the treasure induced by all of this data.

I'm a Principal Engineer at Buildkite, plugging together pipelines, artifacts, and packages, constantly looking for better ways to ship more reliable software to production.

Samuel is a developer well-versed in the rituals of writing software that occasionally work. By day, Samuel is doing random interesting things for Nerdsniped LLC; by night he can be found breaking open source projects such as RubyGems.org, Bundler, and Bazel (let’s be honest, the day and night activities are starting to converge). Before this whole "developer" thing, Samuel studied in the highly impractical Mathematics & Economics departments at UChicago, learning subjects such as "numbers", "social theory", and "memes". When not coding, Samuel is often in the kitchen, marveling at the fact that dinner smells better than it looks.

Sebastian Schuberth is an Open Source enthusiast and automation freak. He has more than 20 years of experience with professional software development and DevOps topics, and recurrently contributes to Open Source projects like the Gradle package manager, Package URL, or SPDX.

I am a scientific software dev at QuantStack

Todd Gamblin is a Distinguished Member of Technical Staff in the Livermore Computing division at Lawrence Livermore National Laboratory. He created Spack, a popular open source HPC package management tool with a rapidly growing community of contributors. He leads the Packaging Technologies Project in the U.S. Exascale Computing Project, LLNL's DevRAMP project on developer productivity, and an LLNL Strategic Initiative on software integration. His research interests include dependency management, software engineering, parallel computing, performance measurement, and performance analysis.

Software supply chain security expert with 10+ years of knowledge. SLSA v1.0 and in-toto steering committee, Uptane advisor, TUF and SBOMit maintainer, Sigstore contributor.

William Woodruff is an Engineering Director at Trail of Bits, a NYC-based cybersecurity consultancy. He currently splits his time between open source engineering (primarily supply chain and cryptographic engineering) and running the Ecosystem Security group, which is responsible for contributing security and usability improvements to a wide range of open source tools and services (PyPI, Homebrew, pip-audit, Sigstore, LLVM, PyCA Cryptography, etc.).

Outside of work, William is a member of the Homebrew project and is a contributor to a wide variety of open source projects. He maintains a personal blog at https://blog.yossarian.net.

Software engineer at Google, I have been working on Bazel since 2016.