Commit 0fa7651f authored by Mark Lodato's avatar Mark Lodato
Browse files

Remove duplicate paragraph "SLSA is..."

parent f48f17ce
...@@ -6,8 +6,7 @@ ...@@ -6,8 +6,7 @@
<!--{% endif %}--> <!--{% endif %}-->
Supply-chain Levels for Software Artifacts (SLSA, pronounced Supply-chain Levels for Software Artifacts (SLSA, pronounced _[salsa]_) is an
_[salsa](https://www.google.com/search?q=how+to+pronounce+salsa)_) is an
end-to-end framework for ensuring the integrity of software artifacts throughout end-to-end framework for ensuring the integrity of software artifacts throughout
the software supply chain. The requirements are inspired by Google’s internal the software supply chain. The requirements are inspired by Google’s internal
"[Binary Authorization for Borg]" that has been in use for the past 8+ years and "[Binary Authorization for Borg]" that has been in use for the past 8+ years and
...@@ -41,11 +40,6 @@ face of the eye-opening, multi-billion dollar attacks in recent months (e.g. ...@@ -41,11 +40,6 @@ face of the eye-opening, multi-billion dollar attacks in recent months (e.g.
been prevented or made more difficult had such a framework been adopted by been prevented or made more difficult had such a framework been adopted by
software developers and consumers. software developers and consumers.
Supply-chain Levels for Software Artifacts (SLSA, pronounced "salsa") is an end-to-end framework for ensuring the integrity
of software artifacts throughout the software supply chain. It is inspired by
Google's internal "[Binary Authorization for Borg]" which has been in use for the past 8+ years and is mandatory for all of Google's
production workloads.
SLSA addresses three issues: SLSA addresses three issues:
- Software producers want to secure their supply chains but don't know - Software producers want to secure their supply chains but don't know
...@@ -444,3 +438,4 @@ Other takes on provenance and CI/CD: ...@@ -444,3 +438,4 @@ Other takes on provenance and CI/CD:
[curlimages/curl]: https://hub.docker.com/r/curlimages/curl [curlimages/curl]: https://hub.docker.com/r/curlimages/curl
[feedback form]: https://forms.gle/93QRfUqF7YY2mJDi9 [feedback form]: https://forms.gle/93QRfUqF7YY2mJDi9
[mailing list]: https://groups.google.com/g/slsa-discussion [mailing list]: https://groups.google.com/g/slsa-discussion
[salsa]: https://www.google.com/search?q=how+to+pronounce+salsa
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment