Wenxin Gong is a software developer based in Sydney with six years' experience building secure, scalable backend and DevOps tooling at major tech companies including Google, Microsoft, and Huawei. At Google she worked on the Open Source Security Team contributing to high-impact projects like OSS-Fuzz and ClusterFuzz—authoring automation helpers, dependency and build improvements, and security-related fixes that streamline large-scale fuzzing infrastructure. Her work on the OSV-scanner added practical scanning subcommands and Go stdlib version extraction, reflecting a focus on practical developer tooling and vulnerability detection. Wenxin combines production-grade engineering with security-minded automation, and her contributions often sit at the intersection of build systems, CI automation, and cloud auth workflows. She holds a Bachelor of Information Technology from The University of Queensland and brings an international academic background from exchange study in China.
6 years of coding experience
5 years of employment as a software developer
Bachelor of Information Technology - BInfoTech, Software Design, Bachelor of Information Technology - BInfoTech, Software Design at The University of Queensland
Exchange, Information system, Exchange, Information system at Soochow University
Year 12, Year 12 at IES College
High School Diploma, HIGH SCHOOL/SECONDARY DIPLOMAS AND CERTIFICATES, High School Diploma, HIGH SCHOOL/SECONDARY DIPLOMAS AND CERTIFICATES at Chongqing Bashu Secondary School
Vulnerability scanner written in Go which uses the data provided by https://osv.dev
Role in this project:
Back-end Developer
Contributions:272 reviews, 150 PRs, 90 pushes in 1 year 6 months
Contributions summary:Wenxin primarily contributed to improving the `osv-scanner` tool. Their work focused on refactoring the call analysis behavior by introducing new flags and disabling it. They also implemented features related to the Go standard library version extraction. Furthermore, they enhanced the project by adding OSV-Scanner subcommands, including a "scan" command with source and image subcommands, and modifying the output results.
Contributions:45 reviews, 82 PRs, 136 pushes in 6 months
Contributions summary:Wenxin primarily contributed to the infrastructure and build process of the project. They updated the `pipenv` version and made changes to the `local/install_deps_linux.bash` file, which is related to the setup of dependencies. The user also implemented a proxy for firebase auth and added related configurations. Further, they fixed the CSP error. Finally, the user added bug throttling and bug fixes.
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.