Open source software doesn't just happen—it relies on the dedication, expertise, and often unseen labor of maintainers. These individuals are the backbone of any healthy project, carrying the weight of responsibility for stability, security, and forward momentum. In the case of OpenStack and Zuul, a number of maintainers have stepped up in remarkable ways to push critical work across the finish line. It's time we spotlight some of these efforts and the people behind them.

Scaling Vulnerability Management in OpenStack

In the realm of vulnerability management—a vital yet demanding part of any open source ecosystem—Jay Faulkner from G-Research and Brian Rosmaita from Red Hat have taken on an increasing share of responsibility within the Vulnerability Management Team (VMT). As security concerns continue to grow in complexity, having dependable maintainers ensuring timely, thoughtful responses to potential threats is more crucial than ever. Jay and Brian's leadership and diligence have brought resilience and consistency to the security lifecycle of OpenStack.

Image Encryption: A Long-Awaited Milestone

Another standout story is the tireless effort behind Image Encryption, an OpenStack feature that has been long in the making and is finally nearing completion. Josephine Seifert and Markus Hentsch from Cloud&Heat have been instrumental in pushing this initiative forward. Their commitment to privacy and data protection in cloud infrastructure is a model of how specialized, focused contributions can deliver high-impact results across the community.

Zuul and Identity Federation: Quiet Giants

Of course, no conversation about OpenInfra maintainers would be complete without mentioning Jim Blair at Acme Gating, who continues to be the primary force behind Zuul, including many aspects of its security-related functionality. Jim's consistent stewardship ensures that Zuul remains a robust CI/CD system trusted by numerous projects.

Alongside that, the OpenID Connect (OIDC) identity federation work deserves recognition. This critical effort allows Zuul to mediate authentication with third party services for CI jobs, reducing the number of credentials that would otherwise need to be managed and shared. This reduces the overall risk to CI managed supply chains improving security for Zuul users. The progress here is a collaborative achievement involving Jim Blair, Dong Zhang at BMW, and Tobias Henkel at BMW. Their combined efforts are helping pave the way for more scalable and interoperable identity management.

Why This Matters

Maintainers are not just contributors—they are caretakers, strategists, and often the first line of defense in security. Their work is what transforms community collaboration into production-grade infrastructure. Recognizing their contributions is not only a gesture of gratitude—it’s a reminder of what sustains open source: people.

So to Jay, Brian, Josephine, Markus, Jim, Dong, and Tobias: thank you. Your work doesn’t go unnoticed—and the OpenStack community is stronger for it. Happy #MaintainerMonth!