Macaron is an extensible supply-chain security analysis framework from Oracle Labs that supports a wide range of build systems and CI/CD services. It can be used to prevent supply chain attacks, detect malicious Python packages, or check conformance to frameworks, such as SLSA. Documentation:
We are planning to add some tutorials for Macaron that demonstrate some main use cases of Macaron. These tutorials will mainly target new users.
In these tutorials, we can, for example, walk new users through how to: