Trusty provides a free-to-use service with scoring and metrics about a package’s repo and author activity.
Minder is an open source platform that helps project owners build more secure software and prove that what they’ve built is secure.
Today, we’re excited to announce the launch of Minder and Trusty, two complementary tools that build on the power of the open source project Sigstore to help developers and open source communities keep their software safe.
Sigstore has been gaining traction as a much simpler way for developers to sign and verify artifacts and make sure they aren’t malicious or compromised. Developers can now publish npm packages with provenance, and Google’s Open Source Security Team announced intentions to use Sigstore for AI model signing and verification. But it’s still not a routine practice, even though malware injection and security threats for open source software are becoming more common. So how do we get there?
First, we need to make it easier for teams and open source communities to automate artifact signing and make it part of the software development lifecycle. Doing so makes artifacts tamper-evident and gives them a verifiable chain of trust back to the source code. That’s where Minder comes in: Minder is an open source platform that helps teams automate and enforce security practices like artifact signing and verification consistently across multiple repos.
Secondly, we need to help developers easily understand whether an open source package is what it says it is, and is safe to use. We built Trusty to help with this—it’s a free-to-use service that helps developers make safer dependency choices. While there are existing tools today that provide information on open source packages, a malicious actor can feed those tools misleading package metadata. Trusty uses Sigstore to show proof of a package’s origin and to verify that our data maps back to the right source repo.
Let’s take a closer look at both of these products and how they can help.
Open source is a key part of the development process: nearly all developers rely on open source libraries and frameworks. As executive orders call for stricter standards for software security and AI, companies will expect those standards to be in place for the software their developers consume. We need to help open source communities—often unpaid volunteers—more easily adopt and enforce security best practices and prove that their software is secure.
That’s why we’re introducing Minder. Minder is an open source platform that helps development teams and open source communities proactively manage their security posture. It provides a set of checks and policies to minimize risk along the software supply chain, and attest security practices to downstream consumers.
Minder’s key features include:
Repo configuration and security: Simplify configuration and management of practices like secrets scanning, branch protections, and dependency management across multiple project repos.
Dependency and license management: Manage dependency security posture by helping developers make better choices and enforcing controls.
Artifact signing and verification: Continuously verify that packages are signed, using the open source project Sigstore, so that any tampering is detectable.
Minder also integrates with Trusty to enforce safe dependency usage based on Trusty scoring. (Note: Using Minder does not directly influence Trusty scoring.)
Minder can be deployed as a Helm chart, and for public repos, we provide a Stacklok-hosted version of Minder for ease of use.
In February 2022, JFrog’s security research team discovered the malicious package “markedjs”. The author used a technique called “masquerading” or “starjacking” to make the package’s metadata look identical to that of a reputable package (“marked”). One thing that wasn’t identical was the number of actual downloads: while “marked” averaged 5,611,123 weekly downloads, the “markedjs” package had only 10.
Before taking a dependency on an open source package, developers need to know that it’s authentic, actively maintained, and not malicious. The absence of CVEs alone doesn't tell you this. That's why Trusty takes a holistic approach to vetting open source packages. We use statistical analysis of factors like author and repo activity, along with source-of-origin verification and other safety checks, to provide a clear signal about a package’s trustworthiness.
Key capabilities of Trusty include:
Data-driven scoring: Our scoring is based on statistical analysis of public GitHub package data. This rating system establishes a benchmark for average levels of package activity, and is based on individual scores for repo and author activity.
Note that a low activity score could also mean that the package and/or its maintainer are new. We don't want to discourage adoption of promising new software, which is why we include additional metadata, provenance, and safety checks for further evaluation.
Package provenance: Trusty displays Sigstore provenance information for npm packages when available, helping to deflect starjacking attempts like the one above.
Malicious activity checks: Trusty looks out for and flags signs of potentially malicious behavior, like the presence of multiple packages with similar names (“typosquatting”) and multiple packages pointing to the same repo (“starjacking”).
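The checks described in the markedjs story above and in the list of Trusty capabilities can be illustrated with a small vetting script. The code below is an added example written for this post; it is not Trusty’s or Minder’s code and it does not reflect how Trusty actually computes its scores. The `Package` fields, the registry snapshot, the download figures (other than the marked/markedjs numbers quoted from the post), the thresholds and the function names are all assumptions constructed for the example. It shows why the checks are combined: the starjacked package inherits the healthy activity of the repo it points at, so an activity score alone passes it, while the shared-repo check and the missing provenance attestation flag it.

```python
"""Added example (not Stacklok's code): dependency-vetting checks of the kind
the post describes. The registry snapshot below is constructed, not real."""
from collections import defaultdict
from dataclasses import dataclass
from difflib import SequenceMatcher
from statistics import mean, pstdev
from typing import Optional


@dataclass
class Package:
    name: str
    repo_url: str             # repository URL the package metadata claims
    weekly_downloads: int
    commits_90d: int          # repo activity signal, measured on the claimed repo
    age_days: int             # days since first publish
    attested_repo: Optional[str] = None  # source repo from a provenance attestation, if any


# Constructed snapshot. "markedjs" mirrors the starjacking case from the post:
# it claims marked's repo, so the repo activity it inherits looks healthy.
SAMPLE = [
    Package("marked", "https://github.com/markedjs/marked", 5_611_123, 40, 3000,
            "https://github.com/markedjs/marked"),
    Package("markedjs", "https://github.com/markedjs/marked", 10, 40, 3),
    Package("lodash", "https://github.com/lodash/lodash", 40_000_000, 30, 4000),
    Package("lodahs", "https://github.com/example/lodahs", 25, 0, 400),
    Package("fresh-lib", "https://github.com/example/fresh-lib", 120, 5, 12,
            "https://github.com/example/fresh-lib"),
]


def _norm(url: str) -> str:
    return url.rstrip("/").lower()


def starjacking_candidates(pkgs, ratio=1000):
    """Group packages by claimed repo and flag any package that shares a repo
    with another package downloaded at least `ratio` times more often."""
    by_repo = defaultdict(list)
    for p in pkgs:
        by_repo[_norm(p.repo_url)].append(p)
    flagged = []
    for group in by_repo.values():
        if len(group) < 2:
            continue
        top = max(group, key=lambda p: p.weekly_downloads)
        for p in group:
            if p is not top and top.weekly_downloads >= ratio * max(p.weekly_downloads, 1):
                flagged.append((p.name, top.name))
    return flagged


def typosquat_candidates(pkgs, popular_min=1_000_000, threshold=0.8):
    """Flag low-download names that are near-identical to a popular name."""
    popular = [p for p in pkgs if p.weekly_downloads >= popular_min]
    flagged = []
    for p in pkgs:
        if p.weekly_downloads >= popular_min:
            continue
        for q in popular:
            if SequenceMatcher(None, p.name, q.name).ratio() >= threshold:
                flagged.append((p.name, q.name))
    return flagged


def activity_score(pkg, benchmark):
    """Z-score of the package's repo activity against the population benchmark.
    A low score on a young package is reported as 'new', not as a verdict,
    matching the caveat in the post."""
    sd = pstdev(benchmark) or 1.0
    z = (pkg.commits_90d - mean(benchmark)) / sd
    if z >= -1:
        return z, "ok"
    return z, "low-activity-but-new" if pkg.age_days < 90 else "low-activity"


def provenance_matches(pkg):
    """None when no attestation is published; otherwise whether the attested
    source repo agrees with the repo the metadata claims."""
    if pkg.attested_repo is None:
        return None
    return _norm(pkg.attested_repo) == _norm(pkg.repo_url)


def vet(pkgs):
    """Run every check and collect findings per package name."""
    findings = defaultdict(list)
    for name, top in starjacking_candidates(pkgs):
        findings[name].append(f"starjacking? shares repo with {top}")
    for name, target in typosquat_candidates(pkgs):
        findings[name].append(f"typosquatting? name close to {target}")
    benchmark = [p.commits_90d for p in pkgs]
    for p in pkgs:
        z, note = activity_score(p, benchmark)
        if note != "ok":
            findings[p.name].append(f"{note} (z={z:.2f})")
        prov = provenance_matches(p)
        if prov is None:
            findings[p.name].append("no provenance attestation")
        elif not prov:
            findings[p.name].append("provenance repo mismatch")
    return dict(findings)


if __name__ == "__main__":
    for name, notes in vet(SAMPLE).items():
        print(name, "->", "; ".join(notes))
```

Running it lists no findings for `marked`, flags `markedjs` for sharing marked’s repo with a thousand-fold download gap and for lacking any provenance attestation, flags `lodahs` as a typosquat of `lodash` with stale activity, and reports `fresh-lib` only as low-activity-but-new, which is the case the post says should not be treated as a red flag on its own.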
“Package activity is a key predictor of its health and safety. That's why Envoy's policy on external dependencies includes evaluation factors like number of commits in the last 90 days, release notes, and whether other projects depend on it, so that we can make safe choices.”
— Matt Klein, founder, Envoy proxy
We are committed to providing Minder and Trusty as free-to-use tools, because we believe that developers and open source communities need open access to tools that can help them make their software safer. We’re also committed to continuing our work upstream with the Sigstore and OpenSSF communities, particularly on new initiatives like securing AI models and encouraging more ecosystems to support publishing packages with provenance.
In the meantime, you can stay up to date on product updates by signing up for our newsletter below, or following us on X (Twitter).