Source code, CI/CD, and supply chain security #1022
Labels
devops
type: backlog item
For developer work that is not part of a user-facing epic or user story.
type: epic
User Story
As a project maintainer, in order to have confidence in the code, how it is tested, built, and published, with it dependencies, in this repository hosting system and elsewhere, I want policy, process, and supporting automation to check security properties of the source code, the CI/CD system, and the supply chain of dependent software.
NOTE: Once maintainers (and interested community members) determine the overall policy and process approach, maintainers will integrate the relevant policy, process, and supporting automation into the other repositories. At that time, the list below will be cross-linked to relevant GitHub issues for other projects.
Goals
Dependencies
N/A
Acceptance Criteria
Revisions
The text was updated successfully, but these errors were encountered: