Lessons learned from `oapi-codegen`'s time in the GitHub Secure Open Source Fund
Summary
The article reflects on participating in GitHub's Secure Open Source Fund for oapi-codegen, highlighting how dedicated time and funding helped improve security governance, maintainer onboarding, and compliance with best practices. It details concrete steps taken (security policy, branch protections, Code Scanning, govulncheck) and discusses community access, risk awareness, and future plans for secure, well-maintained open-source projects.