Issues: slsa-framework/slsa
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Author
Label
Projects
Milestones
Assignee
Sort
Issues list
Update supply-chain-threats.svg to reflect current 1.0 scope
clarification
Clarification of the spec, without changing meaning
#1004
opened Nov 30, 2023 by
cqueern
Clarify threat model by highlighting trust boundaries
clarification
Clarification of the spec, without changing meaning
#992
opened Oct 23, 2023 by
MarkLodato
Clarify Provenance is Unforgeable requirements at Build L3
#986
opened Oct 12, 2023 by
marcelamelara
Workstream: Build Platform Operations Track
workstream
Major effort comprising multiple sub-issues
#985
opened Oct 11, 2023 by
MarkLodato
Workstream: SLSA Build L4
workstream
Major effort comprising multiple sub-issues
#977
opened Oct 9, 2023 by
MarkLodato
3 tasks
Workstream: Hardware Attested Platforms
workstream
Major effort comprising multiple sub-issues
#975
opened Oct 3, 2023 by
chkimes
1 task
Clarify where to use SLSA Provenance vs. VSA
clarification
Clarification of the spec, without changing meaning
#974
opened Oct 3, 2023 by
joshuagl
Clarifying values of Updates to attestation formats
vsa
Applies to SLSA VSA spec
verifiedLevels
in VSA v1
attestation
#968
opened Sep 20, 2023 by
AdamZWu
Workstream: Dependency Track
workstream
Major effort comprising multiple sub-issues
#961
opened Aug 28, 2023 by
kpk47
Clarifying common builder pitfalls regarding source material reporting
dependencies
Pull requests that update a dependency file
slsa 4
Applies to a SLSA 4 requirement
#959
opened Aug 25, 2023 by
AdamZWu
Workstream: Source Track
workstream
Major effort comprising multiple sub-issues
#956
opened Aug 22, 2023 by
kpk47
1 task
Rename "hosted" to "dedicated"?
clarification
Clarification of the spec, without changing meaning
#947
opened Aug 17, 2023 by
MarkLodato
Standardize Applies to SLSA provenance spec
externalParameters
for CI/CD builds
provenance
#940
opened Aug 4, 2023 by
MarkLodato
Fix broken links to .md files
shovel-ready
Good issues for newcomers
website
Issues with the slsa.dev website
#938
opened Aug 3, 2023 by
MarkLodato
discussion: How to interpret "was built from the official source and build process" in Build L3
#926
opened Jul 21, 2023 by
behnazh-w
Workstream: Release SLSA v1.1
workstream
Major effort comprising multiple sub-issues
#900
opened Jul 6, 2023 by
kpk47
3 of 7 tasks
Discussion: Possibly ambiguous language regarding the use of cache artifacts
#894
opened Jun 29, 2023 by
adityasaky
discussion: Verifying package names
discussion
policy
Policy / verification of provenance
#891
opened Jun 28, 2023 by
ianlewis
Previous Next
ProTip!
Mix and match filters to narrow down what you’re looking for.