Class: Builder
Represents the transitive closure of all software, hardware, and entities trusted to faithfully execute the build and record provenance. The builder.id is the primary basis for determining SLSA Build Level.
URI: slsa:Builder
classDiagram
class Builder
click Builder href "../Builder/"
Builder : builderDependencies
Builder --> "*" ResourceDescriptor : builderDependencies
click ResourceDescriptor href "../ResourceDescriptor/"
Builder : id
Builder : version
Builder : versionTag
Slots
| Name | Cardinality and Range | Description | Inheritance |
|---|---|---|---|
| id | 1 String |
A URI uniquely identifying an entity (build platform, verifier, build image, ... | direct |
| builderDependencies | * ResourceDescriptor |
Dependencies used by the control plane orchestrator that are not run within t... | direct |
| version | 0..1 String |
Map of component names to their version strings, represented as a JSON object... | direct |
| versionTag | 0..1 String |
A semantic version tag (e | direct |
Usages
| used by | used in | type | used |
|---|---|---|---|
| RunDetails | builder | range | Builder |
In Subsets
Identifier and Mapping Information
Schema Source
- from schema: https://w3id.org/lmodel/slsa
Mappings
| Mapping Type | Mapped Value |
|---|---|
| self | slsa:Builder |
| native | slsa:Builder |
LinkML Source
Direct
name: Builder
description: Represents the transitive closure of all software, hardware, and entities
trusted to faithfully execute the build and record provenance. The builder.id is
the primary basis for determining SLSA Build Level.
in_subset:
- slsa_build_track
from_schema: https://w3id.org/lmodel/slsa
slots:
- id
- builderDependencies
- version
- versionTag
Induced
name: Builder
description: Represents the transitive closure of all software, hardware, and entities
trusted to faithfully execute the build and record provenance. The builder.id is
the primary basis for determining SLSA Build Level.
in_subset:
- slsa_build_track
from_schema: https://w3id.org/lmodel/slsa
attributes:
id:
name: id
description: A URI uniquely identifying an entity (build platform, verifier, build
image, or source repository). The primary trust anchor for consumers.
in_subset:
- slsa_build_track
- slsa_source_track
- slsa_dependency_track
- slsa_build_env_track
from_schema: https://w3id.org/lmodel/slsa
rank: 1000
alias: id
owner: Builder
domain_of:
- Builder
- Verifier
- BuildPlatform
- SourceRepository
- BuildImage
range: string
required: true
builderDependencies:
name: builderDependencies
description: Dependencies used by the control plane orchestrator that are not
run within the build workload but may affect provenance generation or security
guarantees.
in_subset:
- slsa_build_track
from_schema: https://w3id.org/lmodel/slsa
rank: 1000
alias: builderDependencies
owner: Builder
domain_of:
- Builder
range: ResourceDescriptor
multivalued: true
inlined: true
inlined_as_list: true
version:
name: version
description: Map of component names to their version strings, represented as a
JSON object (string → string).
in_subset:
- slsa_build_track
from_schema: https://w3id.org/lmodel/slsa
rank: 1000
alias: version
owner: Builder
domain_of:
- Builder
- Verifier
range: string
versionTag:
name: versionTag
description: A semantic version tag (e.g., "v1.2.3") assigned to the builder or
the produced artifact at the time of the build. Practitioners recommended implementing
versioning tagging early in SLSA framework deployment to facilitate progress
tracking, reduce maintenance confusion from breaking changes, and enable more
straightforward verification (Tamanna et al., 2024, S4.2).
in_subset:
- slsa_build_track
- slsa_adoption_study
from_schema: https://w3id.org/lmodel/slsa
rank: 1000
alias: versionTag
owner: Builder
domain_of:
- Builder
range: string