Every mif-docs release ships a reproducible source tarball
(mif-docs-<version>.tar.gz) carrying a SLSA build-provenance attestation.
The attestation is keyless (Sigstore/Fulcio) and its signer identity is this
repository's release workflow. Publication is fail-closed: the release job
re-verifies the attestation before uploading, so a tag publishes nothing
unattested.
To verify a downloaded artifact yourself:
# 1. Download the artifact from the GitHub Release.
gh release download <tag> --repo modeled-information-format/mif-docs-plugin \
--pattern 'mif-docs-*.tar.gz'
# 2. Verify SLSA build provenance. --repo scopes trust to this repository;
# --signer-workflow pins the certificate identity to the release workflow,
# so an attestation from any other workflow would not pass.
gh attestation verify mif-docs-<version>.tar.gz \
--repo modeled-information-format/mif-docs-plugin \
--signer-workflow modeled-information-format/mif-docs-plugin/.github/workflows/release.ymlA non-zero exit means the artifact is not the attested bytes — do not use it.
- Every GitHub Action is pinned to a full 40-char commit SHA; the central
pin-checkreusable enforces this on every push and PR. - Workflows are linted via the central
reusable-actionlint. - The release artifact is built with
git archive(deterministic from the commit tree) and attested withactions/attest-build-provenance.
Open a private security advisory on the repository, or contact the
modeled-information-format maintainers.