The S2C2F Project is a group working within the OpenSSF's Supply Chain Integrity Working Group formed to further develop and continuously improve the S2C2F guide which outlines and defines how to securely consume Open Source Software (OSS) dependencies into the developer’s workflow.
Other
167
stars
23
forks
source link
Discuss with OpenSSF TAC about our plans to submit an Exploratory Report to the PAS process for International Standardization #43
Ensure TAC is aware that S2C2F is stable, and also make TAC aware of possible opportunities to have SLSA join the international standardization alongside the S2C2F.
Ensure TAC is aware that S2C2F is stable, and also make TAC aware of possible opportunities to have SLSA join the international standardization alongside the S2C2F.