 It is my pleasure and honor to welcome you all to ChaosCon 2023 North America in Vancouver. Super excited that you're all here with us. Also shout out to everyone who is online and joining us remotely. I am super stoked that we can come together again and have some interactions. And I'll go over a few housekeeping things and then get into the program for today. First I have a few thank yous. First I want to thank our sponsors that we are able to come together and provide the environment that we are providing. So thank you to Google and the Alfred Pease Loan Foundation. I also want to thank our program committee. It takes a lot of time, a lot of effort, a lot of planning ahead of time to put together a program to plan this all out. And so thank you to everyone who has helped in that process. I also want to thank you all for coming and for being good participants today. This is my shout out that we have a code of conduct. We are sharing it with the Linux Foundation event. For being here you've all agreed to it. And this just reminds me we want to be welcoming and inclusive to everyone. And if you have any issues please let me know or the Linux Foundation staff that we can address any concerns. I do hope that we have a good time together. Now this is for everyone. This is for you here. Everyone online please join our Slack channel where we can ask questions, where we can ask common and communicate throughout the conference. When we have a hybrid event like this with people online and here in the room, it is really we need some kind of tool to connect and bridge that gap. So we are using the Chaos Slack. We have a dedicated channel, the ChaosCon channel. And that's where we'll look for comments online for the speakers later if we have any discussion. I'll leave this up here for just another moment. It has worked really well at the last ChaosCon events. For those taking pictures, I assume right now you're scanning the QR code. As you are taking pictures throughout the event and posting status updates, we do encourage you to share it on social media. We have a Twitter account. We have a Macedon account. There is a LinkedIn profile. Please use any of those and use the hashtags ChaosCon and Chaos. That way we can find it and share it and we can create some excitement around what we are doing here today. We have an agenda and my role today is to keep us on track for time. We have three keynotes and then a lot of discussion and interaction. This is intentional. We wanted to have a lot of collaboration going on. We have first, Sofia Vargas, with how do we build towards open source sustainability. Discussion of issues, opportunities, expectations and the role of individuals, companies and organizations. And then we'll have a discussion. I'm super excited for what Sofia has prepared here. And then we'll have a coffee and tea break that is great for connecting and talking with each other and getting hydrated again. And then we'll move into the keynote two by Emma Irvin, which I'm so excited that you're back at ChaosCon. It's been a while. And the topic is how do you interpret, motivate to improve and share results of open source software community health related findings within an organization? So how do we go beyond just looking at the data but actually talk about it and convince others that we have some really good insights? We'll have a discussion session. And Emma, we didn't talk about this, maybe during the break we can talk about this. There's a discussion that comes directly out of your talk or if we use some other prompt that we have prepared. And then the third keynote, this is shared between our software groups in the Chaos Project where we will see some of the latest developments and get to see what we have today in the Chaos Project for collecting metrics and getting insights. And we'll round it all off with some lightening talk style closing to the discussion. So the two discussions that we have in the beginning or throughout the day, we'll ask you to collect notes and then at the end we'll report out. And that's where we get to share this and have a conversation about it. So that's the plan. For everyone online, we will have, for the discussions, we'll pause the stream because this is really where we'll have conversations here in the room. You're of course welcome to take the discussion to Slack. We're just not quite sure how that will work, so that's why we decided to pause the stream. Now, to kick off today's event, we have a few thoughts that I would like to share about where we are today, what's going on, and then also about the Chaos Project so that we understand where we are, what are we doing here. When we look at the industry as a whole, there are several challenges. I just cherry-picked a few challenges here. One is open source has immense value. There's a lot of interest in open source. The open forum Europe has published a report where the value, the contribution to the European growth domestic product is estimated between 65 to 95 billion euros. Adjust in Europe. Open source available worldwide. There's a lot more value that is being created. And from study after study after study, we also know that open source has found its way into almost every source code, every source software base. Anywhere between 70 to 100% are the studies that we have seen in the last years coming out. So open source is everywhere. What we also know is that a lot of open source projects fail. Whatever that means that it fails, usually that there's no more development, there's no community forming. And then we have some open source projects that get really big communities. And we need to understand these dynamics a little bit better. So there's a demand for software to demonstrate the value of metrics as we are looking at our communities to understand this, what is going on here at the project and ecosystem level. The risks, so one was the value, but there's also huge risks. We have seen, and again just cherry picking two examples here. There was a lock for shell only two years ago. If you remember that, it was right before Christmas and there was a huge scramble trying to fix this vulnerability and close it, which has existed for years in the software without anyone knowing. And it was affecting 93% of enterprise clouds and a lot of other systems. Huge investment to mitigate that vulnerability, find it wherever it was in our software and our supply chain and close it. And then a couple years earlier just to say this is not just a problem for tech companies. This is a problem for society as a whole. We saw this example of Equifax, a company in the United States that is collecting private data, personal data to create credit scores. They were using an open source library and did not update when a security fix was provided because whatever reason, they might not have even known they were using it. No one was paying attention, whatever it was. And 40% of the population of the United States had their data stolen because of this vulnerability and the way that Equifax was managing open source. Huge economic loss that happened here. So this is affecting everyone and the risks are really big. And we've seen governments getting involved. We've seen legislations being drafted for securing the software supply chain and getting a handle on, you know, just how do we secure this infrastructure that is being built with software and open source is super important part of this. So there are several things that need to be done and that are being done. There's software composition analysis that companies are doing to find all of the components in their software, all of their open source libraries, which is good to have a good understanding so that we can find what we actually are using. That's the first problem. A lot of companies don't even know what's all in their source code. We also then can do vulnerability detection, scan the code and have reporting on the ecosystems. That's where we would like to go. We can do proactive risk assessment where we want to see, okay, let's take a look at what is that software that we're using that is in our code base, in our company. Let's collect some metrics on this. And software bill of material, SBITX format, it's a huge initiative that's been going on for, what, 10, 20 years now? Slowly making its way everywhere so that we have a way to communicate. This is all the open source software that we are using and then we can analyze it. So there's a lot of things that are happening. And again, there's probably a lot more that I haven't mentioned. And chaos is at that intersection here. We are providing something valuable as a community around the community health. So there's the source code, there is detecting everything, finding everything. But then how do we actually understand who is making those open source software? Who is in those projects? And there are four primary stakeholders that we thought of when we started chaos. We have the open source contributors that want to know where they should place the efforts to know that they're making an impact. We have the open source communities that want to attract new developers, new members, and want to make sure that they are being consistent, have good quality. We also have open source companies that want to engage with communities, engage with the software, but want to have some guidance on where to put their efforts, what actually needs help, where do we go. Make some good decisions here. And then foundations. Foundations are shepherding a lot of open source projects, and they need some insights to how they're doing, report on that, share to their members, and make sure that their work is being impactful. So that's why we created chaos in 2017. We wanted to improve the transparency around the health of open source communities. We wanted to educate maintainers, companies, foundations, and then help ideally, you know, this is supposed to contribute to creating more healthy communities. By understanding it better, having shared language around metrics, we can build towards best practice around it. The way we imagined this was we'll have metrics that we need to define, create some shared language, we'll have some software that implements this, we start collecting the data and producing it, and that was the idea, and they inform each other. As we are defining metrics, we'll see what we can do in the software. As we're implementing things, we need to update the descriptions because we learn how it's actually being used. This was the idea, basically move from metrics to software and help everyone. And to talk about the chaos project, how we set this up, we have two software projects that are advancing this metrics right now. We have the grimoire lab tool and the auger tool. They take different approaches, they do different things, different metrics that they're focusing on, innovating in different areas. And then we have the metrics. And the metrics are defined in working groups that are focusing on risk metrics, diversity, equity inclusion metrics, common metrics, and then building metric models where we bring them together into use cases or specific scenarios on how they can be viewed as a collective. And then, so that's the working groups in chaos, how we are organized. That's where a lot of the metrics discussion is happening. We also have working groups, not just on the metrics, but also on context. So we have working groups dedicated towards what one is for open source program offices. One is for the app ecosystem, GNOME and KDE specifically, Science, University, Academia. They're different focuses that we want to set and define, okay, these are the metrics relevant here, these are the metric models. And then as chaos, there are also some supporting functions that we need to provide, communications, we need the website, we have the software, we have a diversity, equity inclusion, badging program, we have a podcast, so a lot of different things. And finally, this is a fairly new addition is via added chapters that are providing local communities throughout the world. We have Chaos Africa, Chaos Asia Pacific, we are working towards having one in Latin America and Eastern Europe as well. So this is where I'm going to leave you, a little overview of where the chaos project is today, what we are working on. And I encourage you, if you're here for the first time, just getting interested, come join us. And to everyone who is already here, thank you for being part of this. Another great way to learn more is to listen to our podcast where we bring on different people from the ecosystem to talk about their own metric journey, what they're doing with community health. And we are all chaotic, so thank you for being chaotic, thank you for being chaotic today and being here and participating in this. This closes my part of welcoming you and sharing where we are and we can move forward in our agenda right on time. Well, we are actually five minutes ahead of time, so perfect. And next up we have Sophia.