Learn how to build packages with SLSA 3 provenance using GitHub Actions.
Jose Palafox, Author at The GitHub Blog
gCTS with Gogs, Github Actions (and some thoughts)
Improve your software with SLSA on Github Actions Security Day 2022 on Google Open Source Live
CI: Achieve SLSA Level 3+ · Issue #12099 · argoproj/argo-workflows · GitHub
A First Step to Attaining SLSA Level 3 on GitHub - Open Source Blog
Improve your software with SLSA on Github Actions Security Day 2022 on Google Open Source Live
The GitHub Blog: Security News and Updates
Cosign image signing In AWS CodePipeline
Software Supply Chain Security with Google Software Delivery Shield