
Open Source Definition (OSI) and SLSA

The Open Source Initiative (OSI) defines the criteria software must meet to officially qualify as open source. Complementing this, the SLSA standard protects the integrity of the software supply chain.


Core Concept

Software that is genuinely open source guarantees free redistribution, access to the source code, and the right to make modifications. SLSA (Supply-chain Levels for Software Artifacts) defines maturity levels for hardening the build process against tampering.

Relevance

  • Licence Compliance: Evaluation of software against OSI criteria to avoid open-source washing.
  • Supply Chain Security: Implementation of SLSA levels to harden CI/CD pipelines.
  • Digital Sovereignty: Open source as the foundation for independent IT architectures.
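As an added example that is not part of this glossary entry, the check below shows what "implementing SLSA" looks like on the consuming side: before an artifact is deployed, its SLSA v1 provenance statement is verified against a local policy (artifact digest listed as a subject, builder id on an allowlist, build resolved from the expected source repository). The artifact bytes, builder id and repository URI are constructed placeholders, and the signature on the enclosing DSSE envelope is assumed to have been checked already.

```python
import hashlib

SLSA_V1 = "https://slsa.dev/provenance/v1"
STATEMENT_V1 = "https://in-toto.io/Statement/v1"

# Constructed sample artifact plus a matching SLSA v1 provenance statement.
# Builder id, build type and repository URI are hypothetical placeholders.
ARTIFACT = b"example release tarball contents\n"
PROVENANCE = {
    "_type": STATEMENT_V1,
    "subject": [{"name": "app-1.2.3.tar.gz",
                 "digest": {"sha256": hashlib.sha256(ARTIFACT).hexdigest()}}],
    "predicateType": SLSA_V1,
    "predicate": {
        "buildDefinition": {
            "buildType": "https://example.invalid/buildtypes/ci/v1",
            "resolvedDependencies": [
                {"uri": "git+https://example.invalid/org/app@refs/tags/v1.2.3"}
            ],
        },
        "runDetails": {"builder": {"id": "https://example.invalid/builders/ci/v1"}},
    },
}

# Consumer policy: which builders are trusted and where the source must come from.
POLICY = {
    "trusted_builders": {"https://example.invalid/builders/ci/v1"},
    "source_prefix": "git+https://example.invalid/org/app@",
}


def verify_provenance(artifact: bytes, statement: dict, policy: dict) -> list[str]:
    """Return the list of policy violations; an empty list means the artifact passes."""
    problems = []
    # The statement must be an in-toto Statement carrying a SLSA v1 predicate.
    if statement.get("_type") != STATEMENT_V1 or statement.get("predicateType") != SLSA_V1:
        problems.append("not a SLSA v1 provenance statement")
        return problems
    # The artifact actually in hand must be one of the statement's subjects.
    digest = hashlib.sha256(artifact).hexdigest()
    if not any(s.get("digest", {}).get("sha256") == digest for s in statement.get("subject", [])):
        problems.append("artifact digest not listed in provenance subject")
    pred = statement.get("predicate", {})
    # Only builds from a trusted (hardened, attested) builder are accepted.
    builder = pred.get("runDetails", {}).get("builder", {}).get("id")
    if builder not in policy["trusted_builders"]:
        problems.append(f"untrusted builder: {builder}")
    # The build must have resolved its source from the expected repository.
    deps = pred.get("buildDefinition", {}).get("resolvedDependencies", [])
    if not any(d.get("uri", "").startswith(policy["source_prefix"]) for d in deps):
        problems.append("build did not resolve the expected source repository")
    return problems
```

A deployment gate would refuse the artifact whenever the returned list is non-empty.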
