package-analysis icon indicating copy to clipboard operation
package-analysis copied to clipboard
verified publisher icon ossf

Record analysis runs in Transparency log - Rekor

Open naveensrinivasan opened this issue 4 years ago • 2 comments

Record analysis runs in the Transparency log https://github.com/sigstore/rekor

naveensrinivasan avatar Oct 31 '21 14:10 naveensrinivasan

in-toto attestations for scans https://github.com/in-toto/attestation/issues/58

naveensrinivasan avatar Nov 02 '21 16:11 naveensrinivasan

I think this is important, but needs to come after milestone 5 when we have a more formal data structure.

calebbrown avatar Dec 21 '22 00:12 calebbrown