... | ... | @@ -1309,6 +1309,12 @@ the time of writing, by: |
|
|
[Santiago Torres]: https://github.com/SantiagoTorres
|
|
|
[Bob Callaway]: https://github.com/bobcallaway
|
|
|
|
|
|
Similar projects:
|
|
|
|
|
|
* [SLSA](https://slsa.dev/), which has a well documented [threat model](https://slsa.dev/spec/v0.1/threats)
|
|
|
* [Trillian](https://github.com/google/trillian-examples) (Google)
|
|
|
* [sigsum](https://www.sigsum.org/), similar to sigstore, but more minimal
|
|
|
|
|
|
### Other caveats
|
|
|
|
|
|
Also note that git has limited security guarantees regarding
|
... | ... | |