The S2C2F Project is a group working within the OpenSSF's Supply Chain Integrity Working Group formed to further develop and continuously improve the S2C2F guide which outlines and defines how to securely consume Open Source Software (OSS) dependencies into the developer’s workflow.
The OpenSSF governance structure now provides for specification development work to take place in Projects rather than SIGs (see TAC PR#225). The mailing list will need to be renamed accordingly.
The OpenSSF governance structure now provides for specification development work to take place in Projects rather than SIGs (see TAC PR#225). The mailing list will need to be renamed accordingly.