-
URL: [https://www.sciencedirect.com/science/article/pii/S0167739X17314917](https://www.sciencedirect.com/science/article/pii/S0167739X17314917)
# This paper does
This paper discussing reproduci…
-
An ecosystem structure would facilitate the modularization of software into feature driven packages that could then be related in terms of their functional and conceptual inter-dependencies.
This w…
MKLau updated
7 years ago
-
# Reproduction
We use the `macaron analyze` command under the use case of "user providing both a PackageURL to identify a software component and a repo URL explicitly".
```
macaron analyze \
…
-
### Description
Add table/column remarks for core waltz schema
- [x] access_log
- [x] actor
- [x] allocation
- [x] allocation_scheme
- [x] application
- [x] application_group
- [x] applica…
-
## Update proposal for BIDS Prov (BEP028)
By @yarikoptic in https://github.com/bids-standard/BEP028_BIDSprov/issues/125#issuecomment-2492133921
* dissolving "Justification for Separating Provenance…
-
These comments on the sections related to black box models made on the version which was live on Friday 8 November 2024. The sections outlined below are what was covered.
**Definitions**
- [ ] A…
-
In addition to existing formats, it'd be handy to have scorecards result emitted as an in-toto attestation. The attestation framework is described here: https://github.com/in-toto/attestation.
## W…
-
I'm trying to fit classic "pwn request" in an existing Build Threat (https://slsa.dev/spec/v1.0/threats#e-compromise-build-process) and it's not 100% clear in which one it neatly fits in.
It clearl…
-
### Problem
> Any software can introduce vulnerabilities into a supply chain. As a system gets more complex, it’s critical to already have checks and best practices in place to guarantee artifact i…
rugk updated
5 months ago
-
Created based on discussions in https://github.com/slsa-framework/slsa/pull/376#discussion_r861836404 and https://github.com/slsa-framework/slsa/pull/376#discussion_r861843826
### Definitions from …