Enum: AdoptionStrategyEnum
The five empirically identified themes of strategies practitioners suggested to overcome SLSA adoption challenges, derived from thematic analysis of 1,523 SLSA-related GitHub issues (Tamanna et al., 2024, arXiv:2409.05014). Each strategy theme contains 2–4 sub-strategies (13 total).
URI: slsa:AdoptionStrategyEnum
Permissible Values
| Value | Meaning | Description |
|---|---|---|
| ENHANCE_ALIGNMENT_FLEXIBILITY | None | (S1) Enhance SLSA alignment and flexibility: incorporate build-system tracks ... |
| PROVIDE_DETAILED_DOCUMENTATION | None | (S2) Provide specific and detailed documentation: enhance docs with clear def... |
| STREAMLINE_PROVENANCE_GENERATION | None | (S3) Streamline provenance generation processes: simplify and standardize the... |
| IMPROVE_VERIFICATION_PROCESS | None | (S4) Improve the SLSA verification process: strengthen verification with bett... |
| COLLABORATE_WITH_COMMUNITY | None | (S5) Collaborate with the community: foster engagement by aligning SLSA verif... |
Slots
| Name | Description |
|---|---|
| strategies | The mitigation strategies being employed or recommended in this attestation o... |
In Subsets
Identifier and Mapping Information
Schema Source
- from schema: https://w3id.org/lmodel/slsa
LinkML Source
name: AdoptionStrategyEnum
description: The five empirically identified themes of strategies practitioners suggested
to overcome SLSA adoption challenges, derived from thematic analysis of 1,523 SLSA-related
GitHub issues (Tamanna et al., 2024, arXiv:2409.05014). Each strategy theme contains
2–4 sub-strategies (13 total).
in_subset:
- slsa_adoption_study
from_schema: https://w3id.org/lmodel/slsa
rank: 1000
permissible_values:
ENHANCE_ALIGNMENT_FLEXIBILITY:
text: ENHANCE_ALIGNMENT_FLEXIBILITY
description: '(S1) Enhance SLSA alignment and flexibility: incorporate build-system
tracks for more tailored approaches (S1.1); gamify adoption levels so producers
aim for higher levels (S1.2); ensure flexibility for diverse organizational
and ecosystem needs (S1.3); align SLSA with OpenSSF best practices including
SECURITY.md and silver/gold criteria (S1.4).'
PROVIDE_DETAILED_DOCUMENTATION:
text: PROVIDE_DETAILED_DOCUMENTATION
description: '(S2) Provide specific and detailed documentation: enhance docs with
clear definitions, standard terms, revised requirements, and patches (S2.1);
use negative examples to explain complex concepts and improve website diagrams
and navigation (S2.2).'
STREAMLINE_PROVENANCE_GENERATION:
text: STREAMLINE_PROVENANCE_GENERATION
description: '(S3) Streamline provenance generation processes: simplify and standardize
the generation process via tools and templates to reduce confusion and improve
consistency (S3.1); fix semantic-release tool inconsistencies with clear versioning
rules and parallel pre-submit job execution (S3.2).'
IMPROVE_VERIFICATION_PROCESS:
text: IMPROVE_VERIFICATION_PROCESS
description: '(S4) Improve the SLSA verification process: strengthen verification
with better security guarantees and level-determination algorithms (S4.1); implement
versioning tagging early to facilitate progress tracking (S4.2); enhance framework
tooling with more downstream signaling information (S4.3).'
COLLABORATE_WITH_COMMUNITY:
text: COLLABORATE_WITH_COMMUNITY
description: '(S5) Collaborate with the community: foster engagement by aligning
SLSA verification with industry standards and providing guidance for novice
users (S5.1); promote learning and knowledge-sharing, including cross-project
collaboration for single-maintainer projects (S5.2).'