To me this sounds like the most vital thing to improve trust. Having browser developers review all the source code in detail is unrealistic, and even then, won't defeat underhanded programming (is it a bug or a deliberate vulnerability?). Legal accountability combined with auditability at least provide a deterrent to publishing malicious software.
