laurentsimon

Results 281 issues of laurentsimon

See https://github.com/slsa-framework/slsa-verifier/pull/521#discussion_r1131610475

type:feature
area:npm

See https://github.com/slsa-framework/slsa-verifier/pull/495#discussion_r1116675186 This requires changing the interface, and would probably not work as a service since the tarball would not be transmitted.

type:feature
area:npm

We need e2e tests.

type:feature
area:npm

GitLab has some support in https://github.com/npm/cli/pull/6375 https://gist.github.com/wlynch/42e89527d51bc72a61279f0c7f3be1cd

area:npm
area:gitlab
specs:v1.0

verification counterpart for https://github.com/slsa-framework/slsa-github-generator/issues/2079 To think about: if the sha1 != GitHub event, options like `--source-branch`, `--source-tag` or another source option should fail because we can no longer trust the...

status:blocked

Counterpart of https://github.com/slsa-framework/slsa-github-generator/issues/2192

specs:v1.0

We need a new repo `example-trws` with TRWs to call from `example-packages` to tests the delegator workflow features and catch regressions

area:tests
e2e
area:BYOB

We want to allow some exceptions for TRWs to test their workflows `@` where `ref != vx.y.z`. I think we need: - `[email protected]` and `[email protected]` allowed, that's the default, common...

area:tests
area:BYOB