There’s an active community of members, contributors and collaborators behind the SLSA framework. We’re drawn together by the shared goals of improving software supply chain security and codifying best practices for development, deployment and governance, all collaborating on an objective framework that works for open source projects and organizations, influences policy and regulations, empowers engineers and builds for the future. Learn about and get involved in the SLSA community.| SLSA
Description of SLSA provenance specification for verifying where, when, and how something was produced.| SLSA
SLSA is a specification for describing and incrementally improving supply chain security, established by industry consensus. It is organized into a series of levels that describe increasing security guarantees. This is version 1.0 of the SLSA specification, which defines the SLSA levels.| SLSA
Today, we are excited to announce the important milestone of a release candidate (RC) SLSA Specification. This is the first major update to SLSA since its v0.1 release in June 2021, and the RC finalizes multiple revisions to the SLSA specifications and requirements. We’re grateful for the huge community engagement that went into shaping this work.| SLSA