Trust as a service for validating OSS dependencies

<p>ICYMI, listen to <a href="https://stackoverflow.blog/2023/11/10/how-the-cocreator-of-kubernetes-is-helping-developers-build-safer-software/">part one</a> of this conversation.</p><p>Craig is the cofounder and CEO of <a href="https://stacklok.com/">Stacklok</a>, which helps developers and open-source communities build safer software, secure the supply chain, and choose safer dependencies. Stacklok’s free-to-use service, <a href="https://stacklok.com/trusty">Trusty</a>, employs a statistical analysis of author/repo activity and a package’s source of origin to assess its trustworthiness.</p><p>Craig cofounded the <a href="https://kubernetes.io/">Kubernetes</a> project, an open-source system for automating deployment, scaling, and management of containerized applications.</p><p>Craig is on <a href="https://www.linkedin.com/in/craigmcluckie/">LinkedIn</a>.</p><p>Stack Overflow user <a href="https://stackoverflow.com/users/1281407/mprivat">mprivat</a> earned a well-deserved <a href="https://stackoverflow.com/help/badges/8842/lifeboat">Lifeboat badge</a> by answering <a href="https://stackoverflow.com/questions/33682403/abstract-class-extending-concrete-classes">Abstract class extending concrete classes</a>.</p>