v1.0/github-verified certification

Prove what you shipped.

Not what your résumé says you shipped.

Journeymen grades real projects against server-verified GitHub history — merged PRs, commit timestamps, authorship — so a certificate here means something a LinkedIn skill badge never could.

$see how it works
3 confidence tiers
server-verified
not a single number

certification document

A grade you can actually trust

No blended 92/100. Every certificate breaks down into three confidence tiers, each labeled by exactly how sure we are — mirroring how the analysis engine itself tags its findings.

Verified via GitHub

Merged PRs and commit timestamps confirmed directly against GitHub's API.

Self-reported, cross-checked

Local git history, sanity-checked for organic commit cadence.

Inferred

Qualitative structure reads, like README-vs-code consistency.

orbit-scheduler — sample certificationrubric 0.4.0
Verified via GitHub
38/40

Independently re-confirmed against GitHub's own API — never taken on the CLI's word.

Verified third-party contribution38/40
Self-reported, cross-checked
40/45

From the CLI's local git analysis, spot-checked for organic timing rather than trusted outright.

Solo / owned-repo contribution22/25
Recency & breadth18/20
Inferred
14/15

Qualitative signal from Graphify's structural read of the codebase, not a verified fact.

Structural quality14/15
README-vs-graph consistencyNo penalty

process

From local repo to verified certificate

01

OAuth through GitHub — the same identity the CLI authenticates as. One-time.

02

Reads local git history and shows you exactly what it found before sending anything.

03

Anything GitHub can confirm — merged PRs, commit timestamps — is re-verified server-side.

04

Every grade shows what's verified, self-reported, and inferred — never collapsed into one score.

threat model

Built to resist gaming, not just impress

Every design decision is pressure-tested against “how would someone game this.” Four known vectors, and how each is closed:

vectormitigation
!fork-and-claim

Commit SHAs and push timestamps are cross-checked directly against GitHub's server-side history.

!solo-repo inflation

Owned-repo contribution is always graded at a lower-confidence tier than third-party-verified work.

!merged-PR forgery

PR credit is only ever granted by querying GitHub's actual PR object — never taken on the CLI's word.

!README mismatch

Graphify's structural graph is checked automatically against every scope claim the README makes.

get certified

Ready to prove it?

Join developers who let their work speak for itself.