Skip to content

Commit

Permalink
Reformat requirements sections
Browse files Browse the repository at this point in the history
Signed-off-by: Chris Abraham <[email protected]>
  • Loading branch information
cjyabraham committed Jul 15, 2024
1 parent 557577b commit ad5123e
Showing 1 changed file with 9 additions and 4 deletions.
13 changes: 9 additions & 4 deletions publications/supply-chain-security-tools/securing-source-code.md
Original file line number Diff line number Diff line change
Expand Up @@ -6,19 +6,24 @@ Here are the list of requirements for securing the source code, which is a subca

## 1. Require signed commits

Tool capability: sign commits, verify signed commits
<div class="h4">Tool capability</div>

### Tools
- Sign commits
- Verify signed commits

<div class="h4 mt-4">Tools</div>

- Sigstore (gitsign)
- gittuf
- GUAC

## 2. Enforce full attestation and verification for protected branches

Tool capability: monitor protected branches
<div class="h4">Tool capability</div>

- Monitor protected branches

### Tools
<div class="h4 mt-4">Tools</div>

- gittuf

Expand Down

0 comments on commit ad5123e

Please sign in to comment.