Andrew Nesbitt
Andrew Nesbitt is a package manager researcher who builds tools and datasets for understanding open source software at scale. He created ecosyste.ms, an open data platform indexing package metadata, repository data, and CI configurations across crates.io, PyPI, npm, and dozens of other ecosystems.
He maps the infrastructure that supports open source: package managers, dependency graphs, and the security properties of software supply chains. ecosyste.ms tracks over 6.5 million Dependabot pull requests, extracts SBOMs from hundreds of thousands of Docker images, and provides open APIs for researchers and maintainers working on ecosystem health.
Andrew shares this work through talks at FOSDEM, PackagingCon, Open Source Summit, and Ruby conferences. He organises the Package Management devroom at FOSDEM.
Previously he created Libraries.io, one of the first large-scale dependency tracking platforms for open source.
Events
| Title | Day | Room | Track | Start | End |
|---|---|---|---|---|---|
| git blame for your dependencies |
Sunday | H.2215 (Ferrer) | /dev/random | 14:40 | 14:55 |