Slot: controlsEnforced
Technical controls actively enforced by the Source Control System when this revision was created (e.g., "two-party review", "branch protection", "status checks").
URI: slsa:controlsEnforced
Alias: controlsEnforced
Applicable Classes
| Name | Description | Modifies Slot |
| --- | --- | --- |
| SourceProvenanceAttestation | An attestation describing how a source revision came to exist: where it was h... | no |
Properties
Type and Range
Cardinality and Requirements
| Property | Value |
| --- | --- |
| Multivalued | Yes |
In Subsets
Notes
- Two-party review feasibility (Tamanna et al., 2024, LF.2): Many open-source projects have a single maintainer, making the two-party review requirement impractical. Pair programming and mob programming were raised as contested alternatives whose security equivalence has not been formally established. Use the reviewType slot on SourceRevision to record the specific form of review applied.
Schema Source
- from schema: https://w3id.org/lmodel/slsa
Mappings
| Mapping Type | Mapped Value |
| --- | --- |
| self | slsa:controlsEnforced |
| native | slsa:controlsEnforced |
LinkML Source
```yaml
name: controlsEnforced
description: Technical controls actively enforced by the Source Control System when
  this revision was created (e.g., "two-party review", "branch protection", "status
  checks").
notes:
- 'Two-party review feasibility (Tamanna et al., 2024, LF.2): Many open-source projects
  have a single maintainer, making the two-party review requirement impractical. Pair
  programming and mob programming were raised as contested alternatives whose security
  equivalence has not been formally established. Use the reviewType slot on SourceRevision
  to record the specific form of review applied.'
in_subset:
- slsa_source_track
from_schema: https://w3id.org/lmodel/slsa
rank: 1000
alias: controlsEnforced
domain_of:
- SourceProvenanceAttestation
range: string
multivalued: true
```