Joshua Lock
Staff Open Source Engineer
VMware
UK
Joshua has spent most of his career as a software engineer working on open source in the software supply chain and secure software delivery space. In his role as the security domain lead at the VMware Open Source Technology Center, he contributes to upstream secure software supply chain projects and their integrations into the open source ecosystem. Most notably, Supply chain Levels for Software Artifacts (SLSA) and as a maintainer of The Update Framework (TUF) and leading a team working to integrate TUF into the Python ecosystem. In addition to his upstream contributions, he acts as a developer advocate at VMware for open standards, open source technologies and best practices around securing software supply chains and contributing to open source projects. His noted works to date are on build tools (Yocto Project, OpenEmbedded), CI/CD systems, Linux distributions (MeeGo, Moblin, Tizen), UX for clamshell and tablet devices (GNOME), and more that he can't remember.