Today we’re pleased to announce the release of SLSA Version 1.2, the latest version of the SLSA specification.
With the introduction of the Source Track, SLSA v1.2 represents a major milestone in the development of SLSA. The Source Track covers threats from the authoring and reviewing and management of source code. For more details on how SLSA addresses these threats please refer to Threats & mitigations.
Please, refer to the What’s new section for further details.
SLSA v1.2 is backwards compatible with SLSA v1.1.
The SLSA specification follows the Community Specification lifecycle going through several stages of maturation. This release is the culmination of that process. During the development of SLSA v1.2 we received and addressed feedback from the community. We’d like to thank everyone that took the time to review the release candidates and PRs and everyone that contributed to its development.
After today’s release development of the SLSA specification continues with the development of the Build Environment Track and the Dependency Track. Learn how you can get involved with their development.