issues
search
slsa-framework
/
slsa
Supply-chain Levels for Software Artifacts
https://slsa.dev
Other
1.53k
stars
222
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
blog: Dependency Confusion and Typosquatting Attacks
#1109
meder
closed
3 weeks ago
5
Getting Triage access to this repo
#1108
marcelamelara
closed
1 month ago
2
What is the best term to describe a build runtime environment's storage?
#1107
marcelamelara
opened
1 month ago
0
impl: build(deps-dev): bump rexml from 3.2.8 to 3.3.3 in /docs
#1106
dependabot[bot]
closed
1 month ago
2
Discussion on path to S2C2F aligning with SLSA as its dependency track
#1105
camaleon2016
opened
2 months ago
5
build(deps-dev): bump rexml from 3.2.8 to 3.3.2 in /docs
#1104
dependabot[bot]
closed
1 month ago
2
Translate SLSA to Chinese
#1103
linghaokong1
opened
2 months ago
2
Codifying organization and repositories
#1102
haydentherapper
opened
2 months ago
5
Proposing new org members for tooling
#1101
haydentherapper
closed
2 months ago
4
Audit org members
#1100
mlieberman85
opened
2 months ago
0
Repository vs. project: review and define as appropriate
#1099
joshuagl
opened
2 months ago
0
impl: Update actions/setup-node action to v4.0.3
#1098
renovate-bot
closed
2 months ago
1
content: source track draft: simplify and clarify level goals
#1097
zachariahcox
closed
1 month ago
8
nonspec: add instructions for checking markdown formatting
#1096
TomHennen
closed
2 months ago
1
should the source track focus on "proposed changes" or "sequences of revisions?"
#1095
zachariahcox
opened
2 months ago
0
content: draft: define how downstream users can verify the SLSA source track level of revisions
#1094
TomHennen
closed
6 days ago
6
nonspec: Document the spec versions management
#1093
lehors
closed
1 month ago
1
content: Add v1.1 without source track
#1092
lehors
closed
2 months ago
5
nonspec: Add TomHennen as a maintainer
#1091
TomHennen
closed
2 months ago
3
impl: Rename latest draft (v1.1) to draft
#1090
lehors
closed
2 months ago
1
Enable codeowners restriction for pull request review?
#1089
TomHennen
opened
2 months ago
1
content: source track v.next draft, address remainder of pre-merge issues
#1088
zachariahcox
closed
2 months ago
3
editorial: Expand SLSA acronym in docs
#1087
swickersh
closed
2 months ago
1
Create SLSA Draft specification
#1086
arewm
closed
2 months ago
2
what is the process for getting added to a role in slsa-framework/slsa?
#1085
zachariahcox
closed
3 months ago
2
impl: Update amannn/action-semantic-pull-request action to v5.5.3
#1084
renovate-bot
closed
3 months ago
1
content: draft: define source-track objective in terms of revisions and provenance.
#1083
zachariahcox
closed
2 months ago
1
content: Source Track Draft
#1082
Nikokrock
opened
3 months ago
3
Clarify how previous changes get reviewed
#1081
TomHennen
opened
3 months ago
2
Clarify Robot Approval
#1080
TomHennen
closed
3 weeks ago
4
Clarify what must be retained during source migrations
#1079
TomHennen
opened
3 months ago
2
Create guidance for consumers on how to evaluate the source platform
#1078
TomHennen
opened
3 months ago
2
Clarify that self-hosted SCPs are allowed
#1077
TomHennen
closed
1 month ago
3
VCS and SCP concerns are mixed or too prescriptive
#1076
TomHennen
closed
3 weeks ago
3
Source control platforms also provide identity
#1075
TomHennen
closed
1 month ago
2
Clarify the 'merger' identity in source track
#1074
TomHennen
closed
3 weeks ago
3
Should the source track mention 'administrator robots'?
#1073
TomHennen
closed
3 weeks ago
2
Clarify source-track objective
#1072
TomHennen
closed
2 months ago
1
How to communicate SLSA source track metadata?
#1071
TomHennen
closed
6 days ago
2
Clarify the value of L1 in the source track
#1070
TomHennen
closed
3 weeks ago
3
Structure & formatting don't match the build track
#1069
TomHennen
opened
3 months ago
2
impl: Update actions/checkout action to v4.1.7
#1068
renovate-bot
closed
3 months ago
1
content: Add Source Track Level definitions
#1066
Nikokrock
opened
3 months ago
1
Clarify level 1 - getting started - Provenance Exists
#1064
abacchilb
opened
3 months ago
3
[docs] clarify which build level one will reach when using a provided GitHub Action
#1063
norbjd
opened
4 months ago
6
Clarify what "control plane" means
#1062
MarkLodato
opened
4 months ago
0
In spec address of tie-ins with OpenChain ISO 18974 and S2C2F
#1061
camaleon2016
opened
4 months ago
0
impl: Update dependency markdownlint-cli to v0.41.0
#1060
renovate-bot
closed
4 months ago
1
impl: Update actions/checkout action to v4.1.6
#1059
renovate-bot
closed
4 months ago
1
impl: bump rexml from 3.2.6 to 3.2.8
#1058
dependabot[bot]
closed
4 months ago
1
Previous
Next