issues
search
slsa-framework
/
slsa
Supply-chain Levels for Software Artifacts
https://slsa.dev
Other
1.48k
stars
212
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
impl: Update amannn/action-semantic-pull-request action to v5.5.3
#1084
renovate-bot
opened
11 hours ago
1
content: update source-track objective to reference revisions and provenance.
#1083
zachariahcox
opened
18 hours ago
1
content: Source Track Draft
#1082
Nikokrock
opened
4 days ago
1
Clarify how previous changes get reviewed
#1081
TomHennen
opened
1 week ago
1
Clarify Robot Approval
#1080
TomHennen
opened
1 week ago
2
Clarify what must be retained during source migrations
#1079
TomHennen
opened
1 week ago
1
Create guidance for consumers on how to evaluate the source platform
#1078
TomHennen
opened
1 week ago
1
Clarify that self-hosted SCPs are allowed
#1077
TomHennen
opened
1 week ago
1
VCS and SCP concerns are mixed or too prescriptive
#1076
TomHennen
opened
1 week ago
1
Source control platforms also provide identity
#1075
TomHennen
opened
1 week ago
1
Clarify the 'merger' identity in source track
#1074
TomHennen
opened
1 week ago
1
Should the source track mention 'administrator robots'?
#1073
TomHennen
opened
1 week ago
1
Clarify source-track objective
#1072
TomHennen
opened
1 week ago
1
How to communicate SLSA source track metadata?
#1071
TomHennen
opened
1 week ago
2
Clarify the value of L1 in the source track
#1070
TomHennen
opened
1 week ago
2
Structure & formatting don't match the build track
#1069
TomHennen
opened
1 week ago
1
impl: Update actions/checkout action to v4.1.7
#1068
renovate-bot
closed
1 week ago
1
content: Add Source Track Level definitions
#1066
Nikokrock
opened
2 weeks ago
1
Clarify level 1 - getting started - Provenance Exists
#1064
abacchilb
opened
2 weeks ago
0
[docs] clarify which build level one will reach when using a provided GitHub Action
#1063
norbjd
opened
3 weeks ago
6
Clarify what "control plane" means
#1062
MarkLodato
opened
4 weeks ago
0
In spec address of tie-ins with OpenChain ISO 18974 and S2C2F
#1061
camaleon2016
opened
1 month ago
0
impl: Update dependency markdownlint-cli to v0.41.0
#1060
renovate-bot
closed
1 month ago
1
impl: Update actions/checkout action to v4.1.6
#1059
renovate-bot
closed
4 weeks ago
1
impl: bump rexml from 3.2.6 to 3.2.8
#1058
dependabot[bot]
closed
1 month ago
1
content: refactor threat diagram and add overview
#1057
MarkLodato
closed
3 weeks ago
10
content: re-add threats (A) and (B) from v0.1
#1056
MarkLodato
closed
1 month ago
1
impl: refactor diagram in figma (no visual change)
#1055
MarkLodato
closed
1 month ago
1
impl: Update actions/checkout action to v4.1.5
#1054
renovate-bot
closed
1 month ago
1
nonspec: clean up meeting notes page
#1053
MarkLodato
closed
1 month ago
1
impl: Update dependency markdownlint-cli to v0.40.0
#1052
renovate-bot
closed
1 month ago
1
content: Add attested build environments level requirements
#1051
marcelamelara
opened
1 month ago
2
impl: Update github-actions
#1050
renovate-bot
closed
2 months ago
1
fix: fixing typos
#1049
deining
closed
2 months ago
1
blog: Add blog post on Tekton Chains and IBM DevSecOps
#1048
lehors
closed
2 weeks ago
4
Google preferring v0.1 instead of v1.0
#1047
MarkLodato
opened
2 months ago
2
content: refine dependency threats
#1046
MarkLodato
closed
1 month ago
2
impl: add a script to easily diff two built sites
#1045
MarkLodato
closed
2 months ago
1
nonspec: Update meeting schedule on the community page.
#1044
kpk47
closed
2 months ago
1
SLSA YouTube playlist not updating
#1043
MarkLodato
opened
2 months ago
0
Source track attestation claims
#1042
laurentsimon
opened
2 months ago
2
Is "Source track" a misnomer?
#1041
kpk47
opened
3 months ago
4
How should the Source track address merge strategies?
#1040
kpk47
opened
3 months ago
5
Unclear difference between dependency and package threats
#1039
NVolcz
opened
3 months ago
9
impl: bump nokogiri from 1.15.5 to 1.15.6 in /docs
#1038
dependabot[bot]
closed
2 months ago
1
content: Add draft of the Source track.
#1037
kpk47
closed
19 hours ago
12
Consolidate meetings
#1036
kpk47
closed
2 months ago
4
impl: Update dependency github-pages to v231
#1033
renovate-bot
closed
2 months ago
2
impl: fix comparison instructions
#1032
MarkLodato
closed
4 months ago
2
impl: add instructions on how to diff builds
#1031
MarkLodato
closed
4 months ago
1
Next