Skip to content

Milestones

List view

  • Next release

    Milestone for next release. Not particular features, mostly updates, fixes and improvements

    No due date
    9/15 issues closed
    60% complete6 open9 closed

  • BYOB framework GA

    No due date
    2/15 issues closed
    13% complete13 open2 closed

  • Node.js builder GA

    This milestone will add a new reusable workflow to build and publish Node.js npm packages with that means the provenance requirements for SLSA Level 3 by simply adding a new job to their existing GitHub Actions workflow. This will serve as the "Trusted Builder" for npm RFC-0049.

    No due date
    17/19 issues closed
    89% complete2 open17 closed

  • Bazel builder GA

    A SLSA compliant builder for https://bazel.build/ projects, using v1.0 specs

    No due date
    4/7 issues closed
    57% complete3 open4 closed

  • Gradle builder GA

    Gradle Java builder, using BYOB framework

    No due date
    3/4 issues closed
    75% complete1 open3 closed

  • Maven package builder GA

    A builder to build and publish packages to Maven central, using the BYOB framework

    No due date
    0/1 issues closed
    0% complete1 open0 closed

  • BYOB framework pre-release

    A framework to bring / build your own builder, allowing existing tools / GitHub Actions to be safely wrapped into a SLSA level 3 reusable workflow.

    No due date
    40/48 issues closed
    83% complete8 open40 closed

  • Support for SLSA v1.0

    This milestone tracks support for SLSA v1.0

    No due date
    2/9 issues closed
    22% complete7 open2 closed

  • Dockerfile builder

    A new reusable workflow will be developed (likely in another repository) to build Docker images from a Dockerfile. This will add a new Dockerfile builder workflow which will allow OSS projects to generate provenance for their Docker images that satisfies the provenance requirements for [SLSA Level 3](https://slsa.dev/spec/v0.1/levels). This workflow will use the [BYOB framework](https://github.com/slsa-framework/slsa-github-generator/milestone/11).

    No due date
    0/1 issues closed
    0% complete1 open0 closed

  • Docker image based builds for arbitrary binaries

    Add the ability to execute builds by running a Docker image and generate provenance for the build. This will add a new container workflow which will allow projects to build artifacts using a docker image and generate provenance for SLSA Level 3.

    No due date
    5/10 issues closed
    50% complete5 open5 closed