Skip to content

Issues: slsa-framework/slsa

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Clear current search query, filters, and sorts
37 Open 46 Closed
37 Open 46 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Issues list

Clarification for completeness of builder ID clarification Clarification of the spec, without changing meaning
#1261 opened Dec 16, 2024 by arewm
What is the best term to describe a build runtime environment's storage? build-environment-track Issues/PRs related to the SLSA BuildEnv track clarification Clarification of the spec, without changing meaning
#1107 opened Aug 6, 2024 by marcelamelara
@marcelamelara
Clarify what "control plane" means clarification Clarification of the spec, without changing meaning
#1062 opened May 30, 2024 by MarkLodato
Update supply-chain-threats.svg to reflect current 1.0 scope clarification Clarification of the spec, without changing meaning
#1004 opened Nov 30, 2023 by cqueern
2
Clarify threat model by highlighting trust boundaries clarification Clarification of the spec, without changing meaning
#992 opened Oct 23, 2023 by MarkLodato
Clarify where to use SLSA Provenance vs. VSA build-environment-track Issues/PRs related to the SLSA BuildEnv track clarification Clarification of the spec, without changing meaning source-track
#974 opened Oct 3, 2023 by joshuagl
6
Rename "hosted" to "dedicated"? build-environment-track Issues/PRs related to the SLSA BuildEnv track clarification Clarification of the spec, without changing meaning
#947 opened Aug 17, 2023 by MarkLodato
23
Consistency: "attestation" vs "provenance attestation" vs "provenance" clarification Clarification of the spec, without changing meaning
#758 opened Mar 28, 2023 by MarkLodato
4
SLSA V1.0 - relationship between SLSA level in builder.id and VSAs clarification Clarification of the spec, without changing meaning
#752 opened Mar 27, 2023 by khalkie
2
Review use of terminology associated with the build word clarification Clarification of the spec, without changing meaning
#714 opened Mar 21, 2023 by Nikokrock
@MarkLodato
5
Clarify "inventory" claim of SLSA Build L1 clarification Clarification of the spec, without changing meaning
#709 opened Mar 20, 2023 by MarkLodato
SLSA v1: Explain that you must define a security model for your build system clarification Clarification of the spec, without changing meaning
#706 opened Mar 20, 2023 by MarkLodato
@MarkLodato
10
Recommend SPDX and CycloneDX for BOM links in byproducts clarification Clarification of the spec, without changing meaning shovel-ready Issues ready to be resolved
#691 opened Mar 15, 2023 by MarkLodato
@MarkLodato
10
Clarification of diagram and terminology clarification Clarification of the spec, without changing meaning
#682 opened Mar 13, 2023 by laurentsimon
2
resolvedDependencies clarification clarification Clarification of the spec, without changing meaning status:waiting-for-answer This issue is blocked by feedback from a user.
#681 opened Mar 13, 2023 by laurentsimon
5
Common Requirements track is missing from Future Directions clarification Clarification of the spec, without changing meaning
#674 opened Mar 8, 2023 by seaylg
3
Feedback on v1.0 RC clarification Clarification of the spec, without changing meaning
#653 opened Mar 1, 2023 by jchestershopify
4
Clarify: supply chain represented as a DAG (Direct Acyclic Graph) clarification Clarification of the spec, without changing meaning
#647 opened Feb 27, 2023 by kommendorkapten
Provenance: clarify parameters can point to the source of the parameter clarification Clarification of the spec, without changing meaning provenance Applies to SLSA provenance spec
#397 opened Jun 9, 2022 by samwhite-gl Provenance v1.0
@MarkLodato
2
Clarify (and scope?) "policy" as referenced in provenance format specification (v0.2) clarification Clarification of the spec, without changing meaning
#394 opened Jun 8, 2022 by joshuagl
Request for more detail in definition of "build service" clarification Clarification of the spec, without changing meaning slsa 2 Applies to a SLSA 2 requirement
#369 opened Apr 15, 2022 by bobcatfish SLSA spec backlog
2
What counts as service generated? clarification Clarification of the spec, without changing meaning slsa 2 Applies to a SLSA 2 requirement
#365 opened Apr 14, 2022 by mlieberman85
1
Question on blob post about "Service Generated" clarification Clarification of the spec, without changing meaning slsa 2 Applies to a SLSA 2 requirement
#362 opened Apr 13, 2022 by laurentsimon
26
Provide guidance on level of granularity for "build" clarification Clarification of the spec, without changing meaning
#351 opened Apr 6, 2022 by MarkLodato
1
Provenance: better guidance on what should and should not go in materials clarification Clarification of the spec, without changing meaning provenance Applies to SLSA provenance spec
#350 opened Apr 6, 2022 by MarkLodato Provenance v1.0
@MarkLodato
1
ProTip! Type g p on any issue or pull request to go back to the pull request listing page.