Build Provenance: Lessons from Homebrew
Offered By: OpenSSF via YouTube
Course Description
Overview
Explore the ongoing work on build provenance for the Homebrew package manager in this 16-minute conference talk by Joe Sweeney from Trail of Bits. Gain insights into the technical aspects of Homebrew's architecture and its suitability for build provenance implementation. Learn about key achievements, challenges encountered, and potential applications for similar ecosystems like Chocolatey. Discover the remaining roadmap for the project and understand its alignment with broader supply chain trends and standardization efforts in the software industry.
Syllabus
Build Provenance: Lessons (so Far) from Homebrew - Joe Sweeney, Trail of Bits
Taught by
OpenSSF
Related Courses
Security Is an Ecosystem - We Can't Be Secure in IsolationLinux Foundation via YouTube Improving the Security of a Large Open Source Project One Step at a Time
Linux Foundation via YouTube Simplifying Coordinating Vulnerabilities and Disclosures in Open Source Projects
Linux Foundation via YouTube SLSA in Action: Securing the Software Supply Chain
Linux Foundation via YouTube Implementing OpenSSF Best Practices Badges and Scorecards for Project Security
Linux Foundation via YouTube