Area
core
NestForge Version
1.9.0
Rust Version
1.87
Summary
To protect the NestForge ecosystem from low-quality AI-generated contributions, we need to implement Vouch: a community trust management system.
Inspired by the Trustdown (.td) format, this system will allow maintainers to vouch for or denounce contributors. Unvouched users will be restricted from certain interactions (e.g., opening PRs or Issues) until a trusted member of the community vouches for them.
Technical Spec
The implementation will focus on a decentralized, flat-file database and CLI integration.
1. The VOUCHED.td Format:
A minimal, line-based format stored in .github/VOUCHED.td:
username (Vouched)
platform:username (Explicit platform, e.g., github:vernonthedev)
-username [reason] (Denounced user with optional metadata)
2. CLI Commands (nf vouch):
nf vouch check <user>: Returns exit code 0 (vouched), 1 (denounced), or 2 (unknown).
nf vouch add <user> --write: Appends a user to the local trust list.
nf vouch denounce <user> --reason "AI slop": Marks a user as untrusted.
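As an added example (not NestForge's code), a Rust parser for the three VOUCHED.td line forms from section 1 together with the exit-code lookup behind `nf vouch check` from section 2. The names `Trust`, `parse_td`, `key_for` and `check` are assumptions, as are the default platform `github`, case-insensitive matching and last-line-wins precedence, none of which the spec defines.

```rust
use std::collections::HashMap;
/// Trust state of one entry in VOUCHED.td.
#[derive(Debug, Clone, PartialEq)]
pub enum Trust {
    Vouched,
    Denounced(Option<String>), // optional "[reason]" metadata
}

/// Parse the line-based format: `user`, `platform:user`, `-user [reason]`.
/// Keys are normalised via `key_for`; blank lines are skipped; a later line
/// for the same key overrides an earlier one (assumed precedence rule).
pub fn parse_td(text: &str) -> HashMap<String, Trust> {
    let mut map = HashMap::new();
    for raw in text.lines() {
        let line = raw.trim();
        if line.is_empty() { continue; }
        // A leading '-' marks a denounced user.
        let (denounced, rest) = match line.strip_prefix('-') {
            Some(r) => (true, r.trim()),
            None => (false, line),
        };
        // Split off the optional "[reason]" suffix.
        let (name, reason) = match rest.split_once('[') {
            Some((n, r)) => (n.trim(), Some(r.trim_end_matches(']').trim().to_string())),
            None => (rest, None),
        };
        if name.is_empty() { continue; }
        let trust = if denounced { Trust::Denounced(reason) } else { Trust::Vouched };
        map.insert(key_for(name), trust);
    }
    map
}

/// Canonical lookup key `platform:user`, lower-cased; bare names are
/// assumed to be GitHub accounts.
fn key_for(user: &str) -> String {
    match user.split_once(':') {
        Some(_) => user.to_lowercase(),
        None => format!("github:{}", user.to_lowercase()),
    }
}

/// Exit-code semantics of `nf vouch check`: 0 vouched, 1 denounced, 2 unknown.
pub fn check(map: &HashMap<String, Trust>, user: &str) -> i32 {
    match map.get(&key_for(user)) {
        Some(Trust::Vouched) => 0,
        Some(Trust::Denounced(_)) => 1,
        None => 2,
    }
}
```

Note that `gitlab:bob` and a bare `bob` resolve to different keys, so a vouch on one platform does not carry over to another.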
3. GitHub Action Integration:
check-pr: Automatically labels or closes PRs from unvouched users.
manage-by-comment: Allows maintainers to trigger /vouch @user or /denounce @user directly from Issue/PR comments to update the .td file.
4. Web of Trust Logic:
The CLI will support a vouch.toml config to include external trust lists:
[trust]
include = [
  "https://raw.githubusercontent.com/ghostty-org/ghostty/main/.github/VOUCHED.td",
  "https://raw.githubusercontent.com/nestforge/community/main/VOUCHED.td"
]
Breaking Change Analysis
None. This is an opt-in governance layer. It does not change the Rust compilation logic or existing framework APIs. It only affects the CI/CD workflow and community interaction policies.
Performance Impact
- Parsing: The .td format is designed for $O(n)$ linear parsing. Using a simple line iterator in Rust, parsing 10,000+ entries will take less than 1 ms.
- Zero Runtime Overhead: No code is injected into the production binary.
Alternatives Considered
- GitHub Interaction Limits: Too restrictive (blocks all new users). We want to allow new users if they are already trusted by our partners (Zig, Ghostty, etc.).
- Manual Whitelisting: Doesn't scale and doesn't allow for a "Web of Trust" across different repositories.