Jonathan Leitschuh is a software engineer and prolific open source security researcher with 12 years of experience, credited on 40+ CVEs and known for the widely covered 2019 Zoom macOS vulnerability disclosure. He specializes in large-scale OSS vulnerability hunting and automated remediation using tools like CodeQL, GitHub Code Search, and OpenRewrite, and has driven fixes across critical Java ecosystem projects such as Gradle, Maven, and SnakeYAML. Jonathan blends deep build-tooling and JVM expertise with practical automation—authoring Gradle plugins and mass-refactor recipes—to scale disclosure and fixes through bulk pull requests. He’s an inaugural Dan Kaminsky Fellow who has presented at DEF CON, Black Hat, and GitHub Universe, and has applied his research at organizations including Chainguard, the Linux Foundation, HUMAN, and Gradle. Based in Boston, he pairs hands-on engineering (from robotic vision to CI/test frameworks) with an advocacy focus on making open source safer at scale.
12 years of coding experience
11 years of employment as a software developer
Bachelor of Science (BS) Robotic Engineering & Computer Science, Bachelor of Science (BS) Robotic Engineering & Computer Science at Worcester Polytechnic Institute
Diploma High School, Diploma High School at Thetford Academy
Contributions:127 commits, 118 PRs, 82 pushes in 1 year 2 months
Contributions summary:Jonathan contributed to UI improvements and updates within the Angular UI Grid project. Their work involved upgrading Protractor and related grunt-protractor tools, reflecting a focus on testing and component interaction. Further contributions included the creation of new directives, `ui-grid-one-bind`, designed to reduce the number of watchers on the DOM, directly impacting grid performance, particularly concerning accessibility features. They also fixed documentation and test-related issues.
Contributions:89 reviews, 69 commits, 136 PRs in 9 months
Contributions summary:Jonathan primarily focused on improving the `rewrite` repository, which is designed for automated source code refactoring. Their commits showcase the addition of recipes for various refactoring tasks, such as simplifying conditional branches, converting HTTP to HTTPS for Gradle and Maven repositories, and fixing bugs in existing refactoring recipes. They also created a recipe to simplify compound statements and addressed issues related to unused local variables and added support for taint tracking.
masspythonastabstract-syntax-treerefactoring
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.