DEV Community

Luke Hinds for Stacklok

Announcing the Proof-of-Diligence (PoD) algorithm: A method of modeling trust and maintainability in open source ecosystems

Today we went public with some research work turned prototype, soon to be available as a feature in the free Stacklok Trusty threat pipeline service. The last time I was honestly this excited about a project was after starting sigstore. It's now the turn of others to feed back what they observe and summarise, so we are opening a private beta test cycle. We are seeking security researchers, developers, and OSPO folks to collaborate and tell us of their impressions, concerns or praise.

For more details, have a read of my co-authored blog post on Stacklok: https://stacklok.com/blog/announcing-the-proof-of-diligence-pod-algorithm-a-new-approach-to-evaluating-open-source-safety-and-sustainability
