- [ ] Achieve level 1: https://slsa.dev/get-started - [ ] Add container signing: https://github.com/sigstore/cosign - [ ] Document validation of keyless signatures - [ ] Add table with links to Binary, SBOM, certificate and signatures for convenience See [slsa-github-generator](https://github.com/slsa-framework/slsa-github-generator) and [slsa-verifier](https://github.com/slsa-framework/slsa-verifier)
See slsa-github-generator and slsa-verifier