-
### Summary of the new feature / enhancement
> As an infrastructure engineer, I want to be able to review a software bill of materials (SBOM) for a resource before I use it in my production environme…
-
### What is the problem this feature will solve?
@adamginsburg and I were discussing propagation of provenance through calculations using `Quantity` objects. It would be useful for data (i.e., `Qua…
-
This issue tracks the PS SSDF items and will also contain more detail for them:
Work that addresses these items can reference this epic issue.
- PS.1.1: Store all forms of code, including source…
-
[D5.2](https://zenodo.org/records/10047401) p22+p31
## Detailed Description
Good provenance metadata clarifies the origins and intent behind the development of the software, and establishes auth…
-
# Summary
This proposal describes Reference Value Provider Service, a key component to generating reference value, which handles different provenances, extracts reference value, and sends it to Attes…
-
### Summary
Hi there! I wonder if scicookie as a cookiecutter template could generate SLSA3 provenance for Python-based build artifacts (the source distribution and wheels) in the template files by d…
-
When I saw that there was a new field `was_generated_by` I initially thought that this was meant for storing information about which package was used for creating an nwb file, e.g pynwb, matnwb or NWB…
-
### Your idea
- https://github.com/bids-standard/bids-2-devel/issues/80#issuecomment-2437597659
and reflecting on
- https://github.com/bids-standard/bids-specification/pull/440
for GeneratedBy to b…
-
## 📚 Context
### Problem:
Currently, there is a lack of visibility into the build process and contents of Docker images used in the project. This makes it challenging to assess the security ris…
-
[Issue28](https://github.com/oasis-tcs/osim/issues/28) proposes we have a place to start defining terms.
[Issue29](https://github.com/oasis-tcs/osim/issues/29) proposes to define the term "software …