sigrev/README.md

61 lines
1.3 KiB
Markdown
Raw Normal View History

2024-06-21 22:22:26 +00:00
# Scrutinize Spec
April 24, 2024
Version: 0.1
## Table of Contents
- [Scruitinize Specification](#scrutinize-spec)
- [Table of Contents](#table-of-contents)
- [1 Introduction](#1-introduction)
## 1. Introduction
## 1.1 Scope
This document describes scrutinize, a system for securing the way software is
reviewed. scrutinize attests that software has been independently reviewed. It
does so by providing users an interface
VCS Support
* Git -- `git+`
* Mercurial -- `hg+`
* Subversion -- `svn+`
version: The version of the schema
reviewer: RFC5322 name-addr format (eg. John Doe <johndoe@example.com>)
treehash: sha256sum of treehashes
paths: a list of filepaths reviewed or reproduced, can include globs
artifcts: a list of built artificats with hashes if relevant
vcs-ref: VCS ref
type: The type of review. Allowed values are: function, security, readability, reproducibility
system:
platform:
cpu:
cores:
comments: freeform text
## Format
``
version: 0.1
reviewer:
treehash:
paths:
- list of file paths reviewed or reproduced
- supports glob format
artifacts:
- list of built artificats with hashes if relevant
vcs-ref:
type: "function|security|readability|reproduction",
confidence: "low|medium|high"
system:
platform:
cpu:
cores:
location: "home|aws|gcp|etc"
comments: |
This is a freeform area