Slot: hermeticBuild

Whether all build inputs are fully isolated to the dependencies declared in resolvedDependencies, with no network access or filesystem references outside the explicit build graph. Hermetic builds are a stated requirement for SLSA Build L3; practitioners identified this as one of the most commonly cited implementation barriers, with over 50% of surveyed practitioners finding hermetic build requirements difficult to implement (Tamanna et al., 2024, CI.1).

URI: slsa:hermeticBuild Alias: hermeticBuild

Applicable Classes

Name	Description	Modifies Slot
BuildDefinition	Describes all inputs to the build in enough detail to initialise and reproduc...	no

Properties

Type and Range

Property	Value
Range	Boolean
Domain Of	BuildDefinition

Cardinality and Requirements

Property	Value

In Subsets

• SlsaBuildTrack
• SlsaAdoptionStudy

Identifier and Mapping Information

Schema Source

• from schema: https://w3id.org/lmodel/slsa

Mappings

Mapping Type	Mapped Value
self	slsa:hermeticBuild
native	slsa:hermeticBuild

LinkML Source

name: hermeticBuild
description: Whether all build inputs are fully isolated to the dependencies declared
  in resolvedDependencies, with no network access or filesystem references outside
  the explicit build graph. Hermetic builds are a stated requirement for SLSA Build
  L3; practitioners identified this as one of the most commonly cited implementation
  barriers, with over 50% of surveyed practitioners finding hermetic build requirements
  difficult to implement (Tamanna et al., 2024, CI.1).
in_subset:
- slsa_build_track
- slsa_adoption_study
from_schema: https://w3id.org/lmodel/slsa
rank: 1000
alias: hermeticBuild
domain_of:
- BuildDefinition
range: boolean