-
Notifications
You must be signed in to change notification settings - Fork 41
Roadmap
Brian Dussault edited this page Oct 31, 2023
·
9 revisions
Our roadmap is where you can learn about what features we're working on, what stage they're in, and when we expect to bring them to you. Have any questions or comments about items on the roadmap? Share your feedback via GitHub public feedback discussions.
- New scoring dimension: Security: Introduce a new scoring dimension that incorporates factors such as SLSA provenance and package behavior.
- Add more features to repo and author Activity score: Bolster depth of Activity score by adding more features, e.g. information on package maintainers.
- Improve package to repo link verification: Add statistical verification, e.g. of release timestamps, to improve the confidence of the mapping from a repo to a package.
- Show additional context on each score component for each package: Provide key indicators to explain why a package received a particular score, based on the underlying features of the score.
- Provenance for Python and Rust packages: Enable provenance data from Sigstore for Python and Rust packages, based on Sigstore community efforts.