all InfoSec news
Adding build provenance to Homebrew
Malware Analysis, News and Indicators - Latest topics malware.news
By William Woodruff
This is a joint post with Alpha-Omega—read their announcement post as well!
We’re starting a new project in collaboration with Alpha-Omega and OpenSSF to improve the transparency and security of Homebrew. This six-month project will bring cryptographically verifiable build provenance to homebrew-core
, allowing end users and companies to prove that Homebrew’s packages come from the official Homebrew CI/CD. In a nutshell, Homebrew’s packages will become compliant with SLSA Build L2 (formerly known as Level 2). …
alpha-omega announcement build collaboration companies end homebrew omega openssf packages project prove provenance security transparency