laurentsimon
commented
1 year ago Also, the v1 specs indicate which fields to record so that we may not have to mask sensitive fields at all: for example, it does not ask to record the actor
Open laurentsimon opened 1 year ago
laurentsimon
commented
1 year ago Also, the v1 specs indicate which fields to record so that we may not have to mask sensitive fields at all: for example, it does not ask to record the actor
Besides vars and inputs, there are other objects to populate based on the event type, see https://github.com/slsa-framework/slsa/blob/main/docs/github-actions-workflow/v1-rc1.md