| CARVIEW |
Select Language
HTTP/2 200
date: Sun, 28 Dec 2025 08:45:19 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, X-Requested-With,Accept-Encoding, Accept, X-Requested-With
etag: W/"14562dfba617b73c0dab78d280ceab09"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: no-referrer-when-downgrade
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com github.githubassets.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com wss://alive-staging.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com release-assets.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com marketplace-screenshots.githubusercontent.com/ copilotprodattachments.blob.core.windows.net/github-production-copilot-attachments/ github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com github.githubassets.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/
server: github.com
content-encoding: gzip
accept-ranges: bytes
set-cookie: _gh_sess=53nB42a%2FoOwwTelkcWer6mWsKSs%2BUfey5vjYqPJUVOs3d0OZPWFr7p4jDrnH5R%2BXLAOIW2PScrZ9yAmNumqLKkUSC0fMckJEYoX00wWG4hvBfcAf5jBuK76NzVfGYLKTgdaf1nv2Kyi3gtg2Iu3QitL%2FKcybSAqHQxdl%2FwA3JX8kllfiJjr8LhxLka9tWLuwx3WwiL7DABvuPWpfyjFMFInYceHzU%2F3bo%2FsQ8uREeYRQS0d9xRQtN6KeKptiKj6Q2hFHXFy%2BSCaeBjqoBIMTxg%3D%3D--NWkt5k3ppLwwT3q7--9zodD8hhtht6YrtocRnoaA%3D%3D; Path=/; HttpOnly; Secure; SameSite=Lax
set-cookie: _octo=GH1.1.1342687788.1766911518; Path=/; Domain=github.com; Expires=Mon, 28 Dec 2026 08:45:18 GMT; Secure; SameSite=Lax
set-cookie: logged_in=no; Path=/; Domain=github.com; Expires=Mon, 28 Dec 2026 08:45:18 GMT; HttpOnly; Secure; SameSite=Lax
x-github-request-id: DE08:3159FD:4D3FAFF:5D7718B:6950EE1E
GitHub · Where software is built
Search
Skip to content
Navigation Menu
{{ message }}
-
Notifications
You must be signed in to change notification settings - Fork 273
Issues
is:issue state:open
is:issue state:open
Search results
- Status: Open.#1531 In slsa-framework/slsa;
Restructure BuildEnv threat model for clarity
build-environment-trackIssues/PRs related to the SLSA BuildEnv trackIssues/PRs related to the SLSA BuildEnv trackStatus: Open.#1520 In slsa-framework/slsa;Convert BuildEnv flowchart to Figma
build-environment-trackIssues/PRs related to the SLSA BuildEnv trackIssues/PRs related to the SLSA BuildEnv trackStatus: Open.#1519 In slsa-framework/slsa;- Status: Open.#1518 In slsa-framework/slsa;
Group SLSA Source Track requirements into higher level abstractions
clarificationClarification of the spec, without changing meaningClarification of the spec, without changing meaningStatus: Open.#1509 In slsa-framework/slsa;Clarify role of attestations in SLSA
clarificationClarification of the spec, without changing meaningClarification of the spec, without changing meaningStatus: Open.#1508 In slsa-framework/slsa;- Status: Open.#1507 In slsa-framework/slsa;
Explain, how this related to GitHub's new "built-in" artifact attestation (update docs/website)
websiteIssues with the slsa.dev websiteIssues with the slsa.dev websiteStatus: Open.#1501 In slsa-framework/slsa;Workstream: Verifier Track
workstreamMajor effort comprising multiple sub-issuesMajor effort comprising multiple sub-issuesStatus: Open.#1495 In slsa-framework/slsa;- Status: Open.#1492 In slsa-framework/slsa;
- Status: Open.#1486 In slsa-framework/slsa;
Ensure capitalization of defined terms is consistent in source track
clarificationClarification of the spec, without changing meaningClarification of the spec, without changing meaningwebsiteIssues with the slsa.dev websiteIssues with the slsa.dev websiteStatus: Open.#1480 In slsa-framework/slsa;
You can’t perform that action at this time.