Bug#1019904: ITP: slsa-verifier -- Verifies SLSA provenance (slsa.dev)

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#1019904: ITP: slsa-verifier -- Verifies SLSA provenance (slsa.dev)
From: Laurent Simon <laurentsimon@google.com>
Date: Fri, 16 Sep 2022 00:12:58 +0000
Message-id: <[🔎] 166328717888.1765042.18295533460516290814.reportbug@laurentsimon.c.googlers.com>
Reply-to: Laurent Simon <laurentsimon@google.com>, 1019904@bugs.debian.org

Package: wnpp
Severity: wishlist
Owner: Laurent Simon <laurentsimon@google.com>
X-Debbugs-Cc: debian-devel@lists.debian.org, laurentsimon@google.com

* Package name    : slsa-verifier
  Version         : 2.0.0
* URL             : https://github.com/slsa-framework/slsa-verifier
* License         : Apache License 2.0
* Programming Lang: Go
  Description     : Verifies SLSA provenance

Supply chain Levels for Software Artifacts, or SLSA (salsa).
It’s a security framework, a check-list of standards and controls to prevent tampering, improve integrity, and secure packages and infrastructure in your projects, businesses or enterprises.

The slsa-verifier project is a utility to verify SLSA provenance generated by builders:
- Google Cloud Builders
- GitHub native builders
(https://github.com/slsa-framework/slsa-github-generator).

How do you plan to maintain it? Inside the Go packaging team

Are you looking for co-maintainers? No

Do you need a sponsor? I already have one.

Reply to:

Prev by Date: Bug#1019902: ITP: golang-github-emersion-go-imap-move -- MOVE extension for go-imap
Next by Date: Bug#1019905: ITP: golang-github-emersion-go-imap-quota -- QUOTA extension for go-imap
Previous by thread: Bug#1019902: ITP: golang-github-emersion-go-imap-move -- MOVE extension for go-imap
Next by thread: Bug#1019905: ITP: golang-github-emersion-go-imap-quota -- QUOTA extension for go-imap
Index(es):
- Date
- Thread