What is ASF Tooling?
ASF Tooling is an ASF Initiative launched in March 2025 to meet the growing global demand for ASF software by hardening ubiquitous Apache projects that benefit the greater open source ecosystem.
We are developing new tooling that will help ASF’s open source project communities streamline development, automate repetitive tasks, reduce technical debt, and better collaborate. Additional Initiatives are in the planning stages including security capabilities that meet the EU's Cyber Resilience Act (CRA) and US’s CISA recommendations. New products being developed under the Tooling Initiative are separate from the tools developed by ASF Infrastructure.
Tooling Goals
- Automate the Release Process around compliance guiding ASF open source projects to providing the SBOMs and other attestations needed in a secure software supply chain.
- Automate the Release Process for the benefit of PMCs while also reducing infrastructure costs and management complexity.
Contribute to the Discussion
- Repository: https://github.com/apache/tooling-docs
- ASF Slack Channels: #tooling-discuss – #apache-trusted-releases
- Mailing List: dev@tooling.apache.org – archives
- Subscribe to Mailing List: dev-subscribe@tooling.apache.org
Security Issues
To report a new vulnerability you have discovered please follow the ASF vulnerability reporting process.
Copyright 2025, The Apache Software Foundation, Licensed under the Apache License, Version 2.0.
Apache® and the Apache feather logo are trademarks of The Apache Software Foundation.