Joshua Lock
VMware
Staff Open Source Engineer
UK
Joshua is a Staff Open Source Engineer in VMware’s Open Source Program Office where he works on software supply chain security standards and tools. He is a steering committee member and maintainer for the Supply chain Levels for Software Artifacts (SLSA) project, an editor of The Update Framework (TUF) specification and maintainer of python-tuf and go-tuf implementations, and a root key holder for and design contributor to Sigstore. Joshua has a long history of contributing to open source software. His noted works to date are on build tools (Yocto Project, OpenEmbedded), CI/CD systems, Linux distributions (MeeGo, Moblin, Tizen), UX for clamshell and tablet devices (GNOME), and more that he can't remember.