Open Source Summit India 2026

PyTorch is a widely adopted library for deploying ML workloads. It provides robust support for resource optimization, including CPU offload capabilities, memory and distributed workload management. The primary objective of any ML workload is to achieve maximum performance during inference or training. PyTorch enables acceleration of these workloads through support for torch.compile and distributed library capabilities. This session will cover the internals of the torch.compile stack, including the reasons for performance improvements such as internal graph representation optimization. These benefits will be demonstrated in the hands-on part of the session. While torch.compile can provide performance improvements on a single GPU, most production workloads require multiple GPUs to significantly reduce overall execution time. This session will examine how tensor distribution across GPUs is performed using various parallelization techniques, including data, tensor, and pipeline parallelism. The hands-on part of the session will involve implementing these parallelization techniques within a mini-PyTorch implementation, enabling practical understanding of distributed training strategies.

Open source projects often attract many new contributors, but only a small percentage stay long enough to become long-term community members. What makes some communities different?

In this talk, I share lessons from my journey from a first-time contributor to a maintainer and community manager in the CircuitVerse ecosystem. Through mentoring contributors, reviewing pull requests, and helping grow a community used by hundreds of thousands of learners, I discovered that retention in open source is less about technical complexity and more about belonging.

This session explores practical strategies for building communities where contributors feel welcomed, supported, and empowered. From responsive communication and mentorship to giving contributors ownership and encouraging collaboration, small actions can significantly impact contributor retention.

Attendees will leave with actionable practices that maintainers and community leaders can apply to build open source communities where contributors not only participate, but choose to stay.

Quantum computing is moving from theory to practice, but getting started can feel challenging. This session offers an accessible, open‑source path to writing and running quantum programs. We begin by explaining how quantum computing differs from classical computing starting with bits, then introducing qubits, superposition, and entanglement using clear, intuitive descriptions rather than heavy math.

We then explore why quantum computing matters, highlighting problems where classical methods struggle and quantum techniques may help. Next, we shift to hands‑on work: participants will build simple circuits with Qiskit, run them on simulators, and learn how to execute the same code on real quantum hardware. We also demonstrate hybrid quantum‑classical workflows for practical use.

Throughout, we focus on intuition, visuals, and step‑by‑step guidance. By the end, attendees will understand how quantum programs are structured and feel confident continuing their exploration—whether they’re developers, students, researchers, or curious learners.

Every npm install or pip install pulls in dozens of packages which includes transitive dependencies no one has reviewed. This is the most unguarded moment in the software supply chain: malicious code enters a developer's machine before any CI/CD check or SBOM scan even runs.

Attackers know this. Typosquatting, dependency confusion, and pre/post-install script exploitation all target the install step specifically, because that's where defences are weakest.

In this talk, I'll discuss a different approach: guarding the package manager itself. Instead of scanning after installation, what if we could analyse packages in real-time and block threats before they execute? I'll walk through real attack patterns, explain how combining malware analysis with OS-native sandboxing makes this practical, and share what we've learned building open source tooling in this space.

You'll get to know about:
- Why install-time is the critical gap in dependency security
- How real supply chain attacks bypass pipeline-stage scanning
- Practical ways to add real-time package protection using open source tools

What if two independent builds of the same source code produced byte-identical artifacts every time? That’s the goal of reproducible builds and one of the strongest guarantees we can provide for software supply chain integrity. Yet in many CI/CD systems, builds still include hidden sources of nondeterminism.

In this session we’ll break down what reproducible builds actually mean, why they matter beyond simple bit-for-bit equality, and the common pitfalls that quietly break reproducibility—embedded timestamps, non-deterministic file ordering, and environment leakage.

As a Tekton maintainer, I’ll show how Tekton pipeline primitives such as hermetic execution, parameterized TaskRuns, and provenance via Tekton Chains can make deterministic builds practical in real pipelines. Through a live demo, we’ll build a container image, verify identical digests across independent pipeline runs, and generate SLSA-compliant provenance.

Attendees will leave with a clear mental model of reproducibility and concrete patterns for auditing and improving their own pipelines.

Securing software supply chains requires more than just standard formats like SBOMs or SLSA Provenance. Organizations often need custom attestations, metadata that proves how an artifact was built, what dependencies were used, and whether policies like vulnerability scans or unit tests were executed.

In this session, I will show how to extend supply chain security using open-source tools such as Cosign, InToto, and Witness to generate, ingest, and verify these custom attestations.

You’ll learn:

- How to produce attestations for builds, tests, and security checks.

- Methods to sign and verify artifacts, ensuring integrity and authenticity.

- Ways to maintain provenance and chain-of-custody for all artifacts.

- How to enforce custom compliance policies in CI/CD pipelines using OPA.

Through an end-to-end practical demo, you will gain actionable strategies to go beyond standard attestations, giving full visibility and trust in your software supply chains.

Last week, a developer's AI coding agent was asked to refactor a module. Instead, it read .env files, ran git push --force on main, and made 300 API calls costing $47. The agent worked exactly as designed - there were just no guardrails with teeth.

AI agents can now execute shell commands, access secrets, call APIs, and spawn sub-agents. But today's safety approaches are just filters - they can't prove an agent actually stayed within bounds.

Aflock is an open source framework built on Witness and in-toto that treats agent permissions like a lockfile treats dependencies - signed, immutable, and verifiable.
No trusted hardware needed. Just policy files and attestations.

https://github.com/aflock-ai/aflock (Apache 2.0)