Open TomHennen opened 2 weeks ago
More a follow up question about the current text:
Administrators have the ability to expunge (remove) content from a repository and its change history without leaving a record of the removed content.
I'm trying to understand the "without leaving a record" requirement. Would we have no trace of an object whatsoever? As in, not even its git ID / digest?
In https://github.com/slsa-framework/slsa/pull/1094#discussion_r1722170324 @marcelamelara said
Let's make sure we're happy with this process before release.