✕

Version 1.1 is the current version. See the Version 1.1 documentation.

What's new

This document describes the major changes brought by SLSA 1.2 RC2 relative to the prior release v1.1 and the prior release candidate v1.2 RC1.

Summary of changes since v1.2 RC1

Improved instructions for verifying source VSAs.
Reorganized the Source Track levels. Level 2 now focuses on history and provenance while Level 3 focuses on continuous enforcement of technical controls.
Moved example source controls to their own page.
Minor copy editing improvements.

Summary of changes since v1.1

Addition of the Source Track which helps organizations secure their source code development process and consumers establish trust in that source.
Updated the threat model to account for the threats mitigated by the Source Track.
Improved the structure of the spec to accommodate multiple tracks.

‹ SLSA v1.2 RC2 About SLSA ›