![](https://1.bp.blogspot.com/-7XZuqH6mscI/YMxJGAq5EzI/AAAAAAAAC6Q/Op2uaOCjqIUGREyLoa0pqWCj3Nm4dHfaACLcBGAsYHQ/s72-c-e100/software-developer.jpg)
As software supply chain attacks emerge as a point of concern in the wake of SolarWinds and Codecov security incidents, Google is proposing a solution to ensure the integrity of software packages and prevent unauthorized modifications.
Called “Supply chain Levels for Software Artifacts” (SLSA, and pronounced “salsa”), the end-to-end framework aims to secure the software development and