Closed SecurityCRob closed 3 months ago
What do we consider a "consistent release cadence" to be? I believe this needs to be less subjective. Are we thinking at least once a year? every couple of years?
Way may want to have them either point to a Specific SLSA Track in the framework, point to the use of a different framework and justify why. If the desire is to use the SLSA framework then the track used and adherence to the track should be discussed in previous stages. Consider feasibility stage and security requirements.
6 of 9 tac members approved, merging
suggested changes to graduated projects template