|
|
|
|
|
|
by adityasaky
968 days ago
|
|
|
It's multi-pronged and I imagine adopters may use a subset of features. Broadly, I think folks are going to be interested in a) branch/tag/reference protection rules, b) file protection rules (monorepo or otherwise, though monorepos do pose a very apt usecase for gittuf), and c) general key management for those who primarily care about Git signing. For those who care about a and b, I think the work we want to do to support in-toto attestations [0] for SLSA's upcoming source track [1] could be very interesting as well. [0] https://github.com/in-toto/attestation [1] https://github.com/slsa-framework/slsa/issues/956 |
|
|