Difference between revisions of "Provenance attestation"

From wikieduonline

Jump to navigation Jump to search

Revision as of 19:21, 27 October 2024

Provenance attestation

https://docs.docker.com/build/metadata/attestations/slsa-provenance/

Provenance attestations include facts about the build process, including details such as:

Build timestamp
Build parameters and environment
Version control metadata
Source code details
Materials (files, scripts) consumed during the build

Provenance attestation (https://slsa.dev/provenance/v0.2) with max mode exists
slsa.dev
SBOM Attestations

See also

Docker Scout, SBOM Attestation (Supply Chain Attestations remediation), Provenance attestation

Retrieved from "https://www.wikieduonline.com/index.php?title=Provenance_attestation&oldid=352903"

Docker Scout

Advertising: