Skip to content

Issues: slsa-framework/slsa

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Clear current search query, filters, and sorts
37 Open 46 Closed
37 Open 46 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Issues list

Clarify 'dependencies complete' at L4 clarification Clarification of the spec, without changing meaning slsa 4 Applies to a SLSA 4 requirement
#326 opened Mar 16, 2022 by TomHennen
4
v0.2: Simplify terminology and concepts: "platform" vs "service", "trusted person", "non-falsifiable", etc. clarification Clarification of the spec, without changing meaning
#306 opened Mar 1, 2022 by MarkLodato [DEPRECATED] SLSA spec v1.0
9
How does SLSA fit into broader supply chain security? clarification Clarification of the spec, without changing meaning
#276 opened Jan 26, 2022 by MarkLodato
10
Add Bad Design as a supply chain scenario blocked Blocked by another issue clarification Clarification of the spec, without changing meaning
#249 opened Dec 14, 2021 by moshe-apiiro
16
Project maintainer package vs. Distribution package applied ruling Documentation of how a specific case maps into SLSA clarification Clarification of the spec, without changing meaning
#235 opened Dec 1, 2021 by mlieberman85 SLSA spec backlog
15
Define more cases for well-understood automatic or reviewless merges clarification Clarification of the spec, without changing meaning slsa 4 Applies to a SLSA 4 requirement
#234 opened Nov 30, 2021 by simonbasle
1
How to convey build service guarantees via attestations attestation Updates to attestation formats clarification Clarification of the spec, without changing meaning
#211 opened Nov 8, 2021 by MarkLodato
1
Differentiate between "data owner" and "system admin"? clarification Clarification of the spec, without changing meaning slsa 4 Applies to a SLSA 4 requirement
#110 opened Jul 26, 2021 by MarkLodato SLSA spec backlog
1
"hermetic" term, ambiguity clarification Clarification of the spec, without changing meaning
#60 opened Jun 17, 2021 by vielmetti
2
Provide audience-specific "how to" guidance clarification Clarification of the spec, without changing meaning
#39 opened May 29, 2021 by dlorenc
6
Add rationale and examples for all of the requirements clarification Clarification of the spec, without changing meaning
#20 opened Apr 14, 2021 by MarkLodato SLSA spec backlog
5
Digital signatures? At least cite sigstore clarification Clarification of the spec, without changing meaning slsa 1 Applies to a SLSA 1 requirement
#15 opened Apr 3, 2021 by david-a-wheeler
1
ProTip! Adding no:label will show everything without a label.