Published:
Last updated:
Open Source Definition (OSI) and SLSA
The Open Source Initiative (OSI), through its Open Source Definition, sets the criteria for the distribution terms and licences that qualify software as open source. Complementing this, the SLSA standard protects the integrity of the software supply chain.
Core concept
True open-source software guarantees free redistribution, access to the source code, and permits modifications. SLSA (Supply-chain Levels for Software Artifacts) defines maturity levels for hardening against manipulation in the build process.
Relevance
- Licence Compliance: Evaluation of software against OSI criteria to avoid open-source washing.
- Supply Chain Security: Implementation of SLSA levels to harden CI/CD pipelines.
- Digital Sovereignty: Open source as the foundation for independent IT architectures.
Related topics
- Strategy: Digital Sovereignty, the control and ownership context for Open Source Definition (OSI) and SLSA.
- Standards, the standards section that frames Open Source Definition (OSI) and SLSA.
Ask AI
These links open external AI services, the conversation and its content are sent to their providers.