Hi There,
SLSA 1.0 has some breaking changes that conflict with some Build Profile
terms. Specifically, some provenance terms have been lifted off SLSA 0.2
that have now been removed from SLSA 1.0
<https://slsa.dev/spec/v1.0/provenance#v10>. I would like to re-align
the SPDX 3.0 build profile with SLSA 1.0. Should we restart the build
profile meetings for this?
---
nisha
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#5693): https://lists.spdx.org/g/Spdx-tech/message/5693
Mute This Topic: https://lists.spdx.org/mt/107795144/21656
Group Owner: [email protected]
Unsubscribe: https://lists.spdx.org/g/Spdx-tech/unsub [[email protected]]
-=-=-=-=-=-=-=-=-=-=-=-
