Modules
- branch_history_integrity
- branch_protection_enforcement
- build_isolation
- build_provenance
- change_request_size
- codeowners_coverage
- conventional_title
- dependency_completeness
- dependency_provenance
- dependency_signature
- dependency_signer_verified
- description_quality
- hosted_build_platform
- issue_linkage
- merge_commit_policy
- provenance_authenticity
- release_traceability
- required_status_checks
- review_independence
- scoped_change
- secret_scanning
- security_file_change
- security_policy
- source_authenticity
- stale_review
- test_coverage
- two_party_review
- vulnerability_scanning
Functions
- all_controls - Returns all controls (all SLSA + compliance).
- all_slsa_controls - Returns all SLSA controls (Source L4 + Build L3 + Dependencies L4).
- compliance_controls - Returns compliance controls (non-SLSA, SOC2/ASPM mapped).
- control_description - Returns the SARIF-friendly description for a built-in control ID. Falls back to “Custom control” for unknown IDs.
- slsa_controls - Returns all SLSA controls across both tracks up to the given levels.
- slsa_controls_for_level - Returns all SLSA controls required for the given track up to the given level.