Build Provenance: Lessons from Homebrew

Explore the ongoing work on build provenance for the Homebrew package manager in this 16-minute conference talk by Joe Sweeney from Trail of Bits. Gain insights into the technical aspects of Homebrew's architecture and its suitability for build provenance implementation. Learn about key achievements, challenges encountered, and potential applications for similar ecosystems like Chocolatey. Discover the remaining roadmap for the project and understand its alignment with broader supply chain trends and standardization efforts in the software industry.

Build Provenance: Lessons (so Far) from Homebrew - Joe Sweeney, Trail of Bits