Skip to content

Issues: slsa-framework/slsa

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

164 Open 214 Closed
164 Open 214 Closed
Author
Filter by author
Label
Filter by label
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Milestones
Filter by milestone
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Issues list

Google preferring v0.1 instead of v1.0 website Issues with the slsa.dev website
#1047 opened Apr 15, 2024 by MarkLodato
2
SLSA YouTube playlist not updating website Issues with the slsa.dev website
#1043 opened Apr 8, 2024 by MarkLodato
Source track attestation claims
#1042 opened Apr 8, 2024 by laurentsimon
1
Is "Source track" a misnomer?
#1041 opened Mar 29, 2024 by kpk47
4
How should the Source track address merge strategies?
#1040 opened Mar 28, 2024 by kpk47
4
Unclear difference between dependency and package threats
#1039 opened Mar 27, 2024 by NVolcz
9
Facilitating the sharing of SLSA user experiences
#1030 opened Feb 12, 2024 by lehors
5
Adding a list of SLSA implementations
#1029 opened Feb 12, 2024 by lehors
3
Slack invite is invalid
#1020 opened Feb 2, 2024 by mlieberman85
Can we use Sigstore (fulcio) certificates as SLSA provenance?
#1019 opened Jan 26, 2024 by kpk47
24
Should the source track treat open and closed source projects differently?
#1018 opened Jan 25, 2024 by kpk47
6
Allow exploded package descriptor as alternative to resource descriptor URI
#1017 opened Jan 19, 2024 by laurentsimon
3
Clarify Attestation Immutability
#1016 opened Jan 8, 2024 by chizou
2
Addressing custom extension fields
#1015 opened Jan 5, 2024 by pxp928
5
Add non-normative examples in the SLSA specifications
#1012 opened Dec 18, 2023 by Nikokrock
1
Comprehensively describe how verification works
#1011 opened Dec 15, 2023 by arewm
2
Clarifications for using tracks sparingly
#1010 opened Dec 12, 2023 by arewm
4
Update supply-chain-threats.svg to reflect current 1.0 scope clarification Clarification of the spec, without changing meaning
#1004 opened Nov 30, 2023 by cqueern
2
Clarify threat model by highlighting trust boundaries clarification Clarification of the spec, without changing meaning
#992 opened Oct 23, 2023 by MarkLodato
Clarify Provenance is Unforgeable requirements at Build L3
#986 opened Oct 12, 2023 by marcelamelara
8
Workstream: Build Platform Operations Track workstream Major effort comprising multiple sub-issues
#985 opened Oct 11, 2023 by MarkLodato
Document how to do SLSA for ML and highlight gaps
#978 opened Oct 9, 2023 by MarkLodato
1
Workstream: SLSA Build L4 workstream Major effort comprising multiple sub-issues
#977 opened Oct 9, 2023 by MarkLodato
3 tasks
@david-a-wheeler
6
Workstream: Hardware Attested Platforms workstream Major effort comprising multiple sub-issues
#975 opened Oct 3, 2023 by chkimes
1 task
1
@chkimes @marcelamelara
27
Clarify where to use SLSA Provenance vs. VSA clarification Clarification of the spec, without changing meaning
#974 opened Oct 3, 2023 by joshuagl
6
ProTip! no:milestone will show everything without a milestone.