<!DOCTYPE html> <html lang="en"><head> <meta charset="utf-8" /> <meta http-equiv="X-UA-Compatible" content="IE=edge" /> <meta name="viewport" content="width=device-width, initial-scale=1" /><!-- Begin Jekyll SEO tag v2.8.0 --> <meta name="generator" content="Jekyll v3.9.5" /> <meta property="og:title" content="What’s new in SLSA v1.0" /> <meta property="og:locale" content="en_US" /> <meta name="description" content="SLSA v1.0 is the first stable release of SLSA. This document describes what has changed since v0.1." /> <meta property="og:description" content="SLSA v1.0 is the first stable release of SLSA. This document describes what has changed since v0.1." /> <meta property="og:site_name" content="SLSA" /> <meta property="og:image" content="/images/icons/android-chrome-192x192.png" /> <meta property="og:type" content="website" /> <meta name="twitter:card" content="summary_large_image" /> <meta property="twitter:image" content="/images/icons/android-chrome-192x192.png" /> <meta property="twitter:title" content="What’s new in SLSA v1.0" /> <script type="application/ld+json"> {"@context":"https://schema.org","@type":"WebPage","description":"SLSA v1.0 is the first stable release of SLSA. This document describes what has changed since v0.1.","headline":"What’s new in SLSA v1.0","image":"/images/icons/android-chrome-192x192.png","publisher":{"@type":"Organization","logo":{"@type":"ImageObject","url":"/images/icons/android-chrome-512x512.png"}},"url":"/spec/v1.0/whats-new"}</script> <!-- End Jekyll SEO tag --> <link rel="stylesheet" href="/vendor/tailwindcss-2.2.19/tailwind.min.css"> <link rel="stylesheet" href="/assets/main.css"> <link rel="apple-touch-icon" sizes="180x180" href="/images/icons/apple-touch-icon.png"> <link rel="icon" type="image/png" sizes="32x32" href="/images/icons/favicon-32x32.png"> <link rel="icon" type="image/png" sizes="16x16" href="/images/icons/favicon-16x16.png"> <link rel="icon" type="image/png" sizes="16x16" href="/images/icons/favicon-16x16.png"> <link rel="icon" type="image/x-icon" href="/images/icons/favicon.ico"> <link rel="mask-icon" href="/images/icons/safari-pinned-tab.svg" color="#5bbad5"> <meta name="msapplication-TileColor" content="#da532c" /> <meta name="msapplication-square150x150logo" content="/images/icons/mstile-150x150.png" /> <meta name="theme-color" content="#ffffff" /> <title>SLSA • What's new in SLSA v1.0</title> <link rel="stylesheet" href="/fonts/inter/inter.css"> <link rel="stylesheet" href="/fonts/ibm_plex/IBMPlexMono-Regular.css"> <link rel="stylesheet" href="/fonts/prodigy/ProdigySans.css"> <script src="/vendor/swiper-6.8.4/swiper-bundle.min.js"></script> <link rel="stylesheet" href="/vendor/swiper-6.8.4/swiper-bundle.min.css"> <script defer src="/vendor/alpinejs-3.10.2/cdn.min.js"></script><link type="application/atom+xml" rel="alternate" href="/feed.xml" title="SLSA" /></head> <body x-data="{navOpen: false}" x-init="$refs.body.style.setProperty('--scrollbar-width', `${window.innerWidth - document.body.offsetWidth}px`)" x-ref="body" ><aside class="site-aside flex flex-col flex-none" :class="{'is-open': navOpen}" > <div class="aside-header p-5 flex justify-between items-center show-laptop"> <a rel="author" href="/" class="logo block"> <img class="logo-white" src="/images/logo.svg" alt="SLSA logo" /> </a> <a class="desktop-github-icon" href="https://github.com/slsa-framework/slsa" target="_blank"> <svg width="22" height="22" viewBox="0 0 22 22" fill="currentColor" xmlns="http://www.w3.org/2000/svg"> <path fill-rule="evenodd" clip-rule="evenodd" d="M11.2344 0.150879C5.28641 0.150879 0.468811 4.96848 0.468811 10.9165C0.468811 15.6803 3.55046 19.7039 7.82978 21.1303C8.36806 21.2245 8.56991 20.9016 8.56991 20.619C8.56991 20.3633 8.55646 19.5155 8.55646 18.6139C5.8516 19.1118 5.15184 17.9545 4.93653 17.3489C4.81541 17.0394 4.29059 16.084 3.83306 15.8283C3.45626 15.6264 2.91798 15.1285 3.8196 15.1151C4.66739 15.1016 5.27295 15.8956 5.47481 16.2185C6.44371 17.8468 7.99126 17.3893 8.61028 17.1067C8.70448 16.4069 8.98708 15.9359 9.29659 15.6668C6.90125 15.3977 4.39825 14.4691 4.39825 10.3513C4.39825 9.18051 4.81541 8.21161 5.50172 7.45802C5.39407 7.18888 5.01727 6.08541 5.60938 4.60514C5.60938 4.60514 6.51099 4.32254 8.56991 5.70861C9.43116 5.46639 10.3462 5.34527 11.2613 5.34527C12.1764 5.34527 13.0914 5.46639 13.9527 5.70861C16.0116 4.30909 16.9132 4.60514 16.9132 4.60514C17.5053 6.08541 17.1285 7.18888 17.0209 7.45802C17.7072 8.21161 18.1244 9.16706 18.1244 10.3513C18.1244 14.4826 15.6079 15.3977 13.2126 15.6668C13.6028 16.0032 13.9392 16.6492 13.9392 17.6584C13.9392 19.0983 13.9258 20.2556 13.9258 20.619C13.9258 20.9016 14.1276 21.238 14.6659 21.1303C16.8031 20.4088 18.6602 19.0353 19.9758 17.2031C21.2915 15.3708 21.9994 13.1721 22 10.9165C22 4.96848 17.1824 0.150879 11.2344 0.150879Z" /> </svg> </a> </div> <div class="aside-content px-5 py-1 flex-1 overflow-auto"> <select id="redirectSelect.show-laptop" class="select-dropdown p-1 mx-1 my-4 text-black opacity-80 show-laptop border-gray-400"> <option value="/spec/v1.1/whats-new" class="inline-block">Version 1.1 RC</option> <option selected value="/spec/v1.0/whats-new" class="inline-block">Version 1.0</option> <option disabled value="/spec/v0.1/whats-new" class="inline-block">Version 0.1</option> <option value="/spec/draft/whats-new" class="inline-block">Working Draft</option> </select> <script> var selectEl = document.getElementById('redirectSelect.show-laptop'); selectEl.onchange = function(){ var goto = this.value; window.location = goto; }; </script> <nav class="site-nav"><ul><li> <a class="nav-link" href="/spec/v1.0/"> Overview </a> </li><li> <span class="section-title">Understanding SLSA</span> <ul><li> <a class="nav-link is-active" href="/spec/v1.0/whats-new"> What&#39;s new in v1.0 </a> </li><li> <a class="nav-link" href="/spec/v1.0/about"> About SLSA </a> </li><li> <a class="nav-link" href="/spec/v1.0/threats-overview"> Supply chain threats </a> </li><li> <a class="nav-link" href="/spec/v1.0/use-cases"> Use cases </a> </li><li> <a class="nav-link" href="/spec/v1.0/principles"> Guiding principles </a> </li><li> <a class="nav-link" href="/spec/v1.0/faq"> FAQ </a> </li><li> <a class="nav-link" href="/spec/v1.0/future-directions"> Future directions </a> </li> </ul> </li><li> <span class="section-title">Core specification</span> <ul><li> <a class="nav-link" href="/spec/v1.0/terminology"> Terminology </a> </li><li> <a class="nav-link" href="/spec/v1.0/levels"> Security levels </a> </li><li> <a class="nav-link" href="/spec/v1.0/requirements"> Producing artifacts </a> </li><li> <a class="nav-link" href="/spec/v1.0/distributing-provenance"> Distributing provenance </a> </li><li> <a class="nav-link" href="/spec/v1.0/verifying-artifacts"> Verifying artifacts </a> </li><li> <a class="nav-link" href="/spec/v1.0/verifying-systems"> Verifying build platforms </a> </li><li> <a class="nav-link" href="/spec/v1.0/threats"> Threats &amp; mitigations </a> </li> </ul> </li><li> <span class="section-title">Attestation formats</span> <ul><li> <a class="nav-link" href="/attestation-model"> General model </a> </li><li> <a class="nav-link" href="/spec/v1.0/provenance"> Provenance </a> </li><li> <a class="nav-link" href="/spec/v1.0/verification_summary"> Verification Summary </a> </li> </ul> </li><li> <span class="section-title">How to SLSA</span> <ul><li> <a class="nav-link" href="/get-started"> For developers </a> </li><li> <a class="nav-link" href="/how-to-orgs"> For organizations </a> </li><li> <a class="nav-link" href="/how-to-infra"> For infrastructure providers </a> </li> </ul> </li><li> <a class="nav-link" href="/spec-stages"> Specification stages </a> </li><li> <a class="nav-link" href="/community"> Community </a> </li><li> <a class="nav-link" href="/blog"> Blog </a> </li><li> <a class="nav-link" href="/spec/v1.0/onepage"> Single-page view </a> </li> </ul> </nav> </div> </aside> <div class="site-main"> <header class="site-header flex-none" x-data="{ fixed: false, hidden: false, lastPos: window.scrollY, scrolledPast: false }" x-ref="navbar" x-on:scroll.window=" fixed = window.scrollY > lastPos ? window.scrollY >= $refs.navbar.offsetHeight : window.scrollY > 0; hidden = fixed && window.scrollY > lastPos; if (window.scrollY > $refs.navbar.offsetHeight && !scrolledPast) { setTimeout(() => $refs.navbar.classList.add('is-scrolled-past'), 500); scrolledPast = true; } else if (window.scrollY === 0) { $refs.navbar.classList.remove('is-scrolled-past'); scrolledPast = false; } lastPos = window.scrollY; " x-bind:class="{ 'is-fixed': fixed, 'is-hidden': hidden, 'menu-open': navOpen }" > <div class="site-header-inner h-full flex items-center gap-5" > <button x-on:click="navOpen = !navOpen" :class="{ 'active': navOpen }" class="mobile-menu-button inline-block hide-laptop"> <span></span> <span></span> <span></span> </button> <a rel="author" href="/" class="logo block"> <img class="logo-white" src="/images/logo.svg" alt="SLSA logo" /> </a> <select id="redirectSelect.hide-laptop" class="select-dropdown p-1 mx-1 my-4 text-black opacity-80 hide-laptop border-gray-400"> <option value="/spec/v1.1/whats-new" class="inline-block">Version 1.1 RC</option> <option selected value="/spec/v1.0/whats-new" class="inline-block">Version 1.0</option> <option disabled value="/spec/v0.1/whats-new" class="inline-block">Version 0.1</option> <option value="/spec/draft/whats-new" class="inline-block">Working Draft</option> </select> <script> var selectEl = document.getElementById('redirectSelect.hide-laptop'); selectEl.onchange = function(){ var goto = this.value; window.location = goto; }; </script> <a class="desktop-github-icon ml-auto" href="https://github.com/slsa-framework/slsa" target="_blank"> <svg width="22" height="22" viewBox="0 0 22 22" fill="currentColor" xmlns="http://www.w3.org/2000/svg"> <path fill-rule="evenodd" clip-rule="evenodd" d="M11.2344 0.150879C5.28641 0.150879 0.468811 4.96848 0.468811 10.9165C0.468811 15.6803 3.55046 19.7039 7.82978 21.1303C8.36806 21.2245 8.56991 20.9016 8.56991 20.619C8.56991 20.3633 8.55646 19.5155 8.55646 18.6139C5.8516 19.1118 5.15184 17.9545 4.93653 17.3489C4.81541 17.0394 4.29059 16.084 3.83306 15.8283C3.45626 15.6264 2.91798 15.1285 3.8196 15.1151C4.66739 15.1016 5.27295 15.8956 5.47481 16.2185C6.44371 17.8468 7.99126 17.3893 8.61028 17.1067C8.70448 16.4069 8.98708 15.9359 9.29659 15.6668C6.90125 15.3977 4.39825 14.4691 4.39825 10.3513C4.39825 9.18051 4.81541 8.21161 5.50172 7.45802C5.39407 7.18888 5.01727 6.08541 5.60938 4.60514C5.60938 4.60514 6.51099 4.32254 8.56991 5.70861C9.43116 5.46639 10.3462 5.34527 11.2613 5.34527C12.1764 5.34527 13.0914 5.46639 13.9527 5.70861C16.0116 4.30909 16.9132 4.60514 16.9132 4.60514C17.5053 6.08541 17.1285 7.18888 17.0209 7.45802C17.7072 8.21161 18.1244 9.16706 18.1244 10.3513C18.1244 14.4826 15.6079 15.3977 13.2126 15.6668C13.6028 16.0032 13.9392 16.6492 13.9392 17.6584C13.9392 19.0983 13.9258 20.2556 13.9258 20.619C13.9258 20.9016 14.1276 21.238 14.6659 21.1303C16.8031 20.4088 18.6602 19.0353 19.9758 17.2031C21.2915 15.3708 21.9994 13.1721 22 10.9165C22 4.96848 17.1824 0.150879 11.2344 0.150879Z" /> </svg> </a> </div> </header> <main class="site-clamp" aria-label="Content"> <header class="content-header"> <h1 class="mb-16">What's new in SLSA v1.0</h1> </header> <div class="site-content has-toc"> <aside class="table-of-contents flex flex-col"> <div class="rounded-lg p-4 border border-gray-400 mb-4"> Status: <a href="/spec-stages" style="display: inline">Approved</a> </div> <div class="flex-auto rounded-lg p-4 border border-gray-400 overflow-auto"> <p class="header-small uppercase">On this page</p> <ul><li><a href="#summary-of-changes">Summary of changes</a></li><li><a href="#stability-and-scope">Stability and scope</a></li><li><a href="#tracks">Tracks</a></li><li><a href="#improvements-to-core-specification">Improvements to core specification</a></li><li><a href="#verification">Verification</a></li><li><a href="#provenance-and-vsa-formats">Provenance and VSA formats</a></li></ul> </div> </aside> <div class="content markdown"> <p>SLSA v1.0 is the first stable release of SLSA, creating a solid foundation on which future versions can expand. This document describes the major changes in v1.0 relative to the prior release, <a href="/spec/v0.1/">v0.1</a>.</p> <h2 id="summary-of-changes">Summary of changes</h2> <p>SLSA v1.0 is a significant rework of the specification in response to ongoing feedback, filed issues, suggestions for course corrections, and other input from the SLSA community and early adopters. Overall, the changes prioritize simplicity, practicality, and stability.</p> <p>Overall, SLSA v1.0 is more stable and better defined than v0.1, but less ambitious. It corresponds roughly to the build and provenance requirements of the prior version’s SLSA Levels 1 through 3, deferring SLSA Level 4 and the source and common requirements to a future version. The rationale is explained <a href="#stability-and-scope">below</a>.</p> <p>Other significant changes:</p> <ul> <li><a href="#tracks">Division of the levels into multiple tracks</a>, which are separate sets of levels that measure different aspects of software supply chain security</li> <li><a href="#improvements-to-core-specification">Reorganization and simplification of the core specification</a> to make it easier to understand and to provide better guidance</li> <li><a href="#verification">New guidance on verification</a> of artifacts and build systems</li> <li><a href="#provenance-and-vsa-formats">Updated provenance and VSA schemas</a>, with a clearer build model</li> </ul> <h2 id="stability-and-scope">Stability and scope</h2> <p>The v1.0 release marks the first stable version of SLSA. We are confident that the specification represents broad consensus and will not change significantly in the future. Having a stable foundation enables organizations and ecosystems to begin implementing and adopting SLSA with minimal risk of future breaking changes.</p> <p>That said, some concepts from v0.1 had to be deferred to a <a href="future-directions">future version</a> in order to allow us to release v1.0 in a reasonable time frame. The deferred concepts—source requirements, hermetic builds (SLSA L4), and common requirements—were at significant risk of breaking changes in the future to address concerns from v0.1. We believed it was more valuable to release a small but stable base now while we work towards solidifying those concepts in a future version.</p> <p>Going forward, we commit to a consistent <a href="/spec-stages#versioning">versioning</a> scheme based on semantic versioning. Backwards-incompatible changes will result in a major version increase (v2.0, v3.0, etc.); significant backwards-compatible changes will result in a minor version increase (v1.1, v1.2, etc.), while editorial changes may be made without a version increase.</p> <p>For further explanation of the decisions behind v1.0, see the <a href="https://github.com/slsa-framework/slsa-proposals/blob/main/0003/README.md">SLSA v1.0 Proposal</a>.</p> <h2 id="tracks">Tracks</h2> <p>A significant conceptual change from v0.1 is the division of SLSA’s level requirements into multiple tracks. Previously, each SLSA level encompassed requirements across multiple software supply chain aspects: there were source, build, provenance, and common requirements. To reach a particular level, adopters needed to meet <a href="/spec/v0.1/requirements">all requirements in each of the four areas</a>. Organizing the specification in that way made adoption cumbersome, since requirements were split across unrelated domains—improvements in one area were not recognized until improvements were made in all areas.</p> <p>Now, the requirements are divided into SLSA tracks that each focus on one area of the software supply chain. We anticipate this division will make SLSA adoption easier for users. Division into tracks also benefits the SLSA community: developers contributing to SLSA can parallelize work on multiple tracks without blocking each other, and members of the community can contribute specifically to their areas of expertise.</p> <p>SLSA v1.0 defines the SLSA Build track to begin this separation of requirements, with other tracks to come in future versions. The new <a href="levels#build-track">SLSA Build track Levels 1-3</a> roughly correspond to <a href="requirements#build-requirements">Levels 1-3 of v0.1</a>, minus the source requirements. We anticipate future versions of the specification to continue building on requirements without changing the existing requirements defined in v1.0. The specification will likely expand to incorporate both new tracks and additional levels for existing tracks. We currently have <a href="future-directions">plans</a> for Build Level 4 and a Source track.</p> <p>The v1.0 also defines the <a href="principles">principles</a> behind SLSA track requirements, which will guide future track additions. For more information about the rationale for tracks, see the <a href="https://github.com/slsa-framework/slsa-proposals/blob/main/0003/README.md">proposal</a>.</p> <h2 id="improvements-to-core-specification">Improvements to core specification</h2> <p>We’ve simplified and reorganized the specification to make it easier to understand and apply. We’ve also split the requirements into multiple pages to better reflect the division of labor across the software supply chain: producing artifacts, distributing provenance, verifying artifacts, and verifying build platforms.</p> <p><a href="terminology">Terminology</a> has been expanded to fully define all necessary concepts and to be consistent across the specification.</p> <p><a href="levels">Security levels</a> has been completely rewritten to provide a high level overview of the SLSA <a href="#tracks">tracks</a> and levels. Importantly, it explains the benefits provided by each level.</p> <p><a href="requirements">Producing artifacts</a> explains requirements for the software producer and the build platform. While the requirements are largely the same as before—aside from those <a href="#stability-and-scope">deferred</a> to a future version—there are some minor changes to make SLSA easier to adopt. These changes include: renaming, simplifying, and merging some requirements; removing the redundant “scripted build” and “config as code” requirements; merging of the provenance requirements into the recommended <a href="#provenance-and-vsa-formats">provenance format</a>; and splitting the requirements between those for the Producer and the Build platform.</p> <p><a href="distributing-provenance">Distributing provenance</a> <em>(new for v1.0)</em> provides guidance to software producers and package ecosystems on how to distribute provenance alongside artifacts. We hope this brings consistency across open source package ecosystems as they adopt SLSA.</p> <p><a href="verifying-artifacts">Verifying artifacts</a> <em>(new for v1.0)</em> provides guidance to package ecosystems and consumers for how to verify provenance and compare it to expectations. It is discussed more in the following section.</p> <p><a href="verifying-systems">Verifying build platforms</a> <em>(new for v1.0)</em> provides a list of prompts for evaluating a build platform’s SLSA conformance. It covers similar ground as v0.1’s common requirements, but in a different form. It is also discussed in the following section.</p> <p><a href="threats">Threats &amp; mitigations</a> has been updated for v1.0, filling out parts that were missing in v0.1. Note that labels D and E have swapped positions from v0.1 to align with the grouping of Source (A-C), Dependency (D), and Build (E-H) threats.</p> <h2 id="verification">Verification</h2> <p>Another significant change in the v1.0 is documenting the need for provenance verification.</p> <p>SLSA v0.1 specified guidance for how to produce provenance but not how to verify it. This left a large gap as most threats targeted by SLSA are only mitigated by verifying provenance and comparing it to expectations.</p> <p>SLSA v1.0 addresses this gap by providing more explicit guidance on how to verify provenance. This is split between establishing <a href="verifying-systems">trust in build platforms</a> themselves versus establishing <a href="verifying-artifacts">trust in artifacts</a> produced by those build platforms. Build platforms implement the requirements around isolation and provenance generation, and consumers choose whether to trust those build platforms. Once that trust is established, consumers or package managers can verify artifacts by comparing the provenance to expectations for the package in question.</p> <p>Ecosystems are already creating verification tooling, such as <a href="https://github.com/github/roadmap/issues/612">npm’s forthcoming SLSA support</a>. Tooling for organizations that need to protect first-party software is also available, such as <a href="https://github.com/slsa-framework/slsa-verifier">slsa-verifier</a>.</p> <h2 id="provenance-and-vsa-formats">Provenance and VSA formats</h2> <p>SLSA v1.0 simplifies SLSA’s build model and recommended provenance format to make it easier to understand and apply to arbitrary build platforms.</p> <p>A major source of confusion for SLSA v0.1 was how to model a build and represent it in provenance. The v0.1 spec and v0.x provenance formats were overly rigid about a build’s inputs, differentiating between “source”, “build config”, “entry point”, and so on. Many implementers found that their build platforms did not clearly fit into this model, and the intent of each field was not clear. Furthermore, provenance requirements were described both abstractly in the SLSA specification and concretely in the provenance format, using different language. Implementers needed to jump back and forth and mentally map one concept to another.</p> <p>SLSA v1.0 and the recommended <a href="/provenance/v1">provenance v1 format</a> attempt to address this confusion by simplifying the model and aligning terminology between the two. The main change is to represent all “external parameters” that are exposed to the build platform’s users, instead of differentiating between various inputs. Now, you can represent arbitrary parameters, as long as it is possible to compare these parameters to expectations. Other parts of the provenance format were renamed, though most concepts translate from the old format to the new format. For a detailed list of changes, see <a href="/provenance/v1#change-history">provenance change history</a>.</p> <p>In addition, the recommended <a href="/verification_summary/v1">verification summary attestation (VSA)</a> has been updated to v1.0.</p> <!-- Footnotes and link definitions --> <div class="mt-10 pt-10 border-t flex flex-col sm:flex-row space-between gap-5"> <a href="/spec/v1.0/" class="border rounded px-4 py-2 text-left">&lsaquo; Overview</a> <a href="/spec/v1.0/about" class="sm:ml-auto border rounded px-4 py-2 text-right">About SLSA &rsaquo;</a> </div> </div> </div> </main><footer class="site-footer flex-none h-card text-white"> <div class="site-clamp py-4 flex flex-wrap items-start justify-between w-full"> <div class="w-full md:w-1/3 mb-8 md:mb-0"> <p><strong>SLSA is a cross-industry collaboration.</strong><br> © 2024 The Linux Foundation, under the terms of the <a href="https://github.com/slsa-framework/governance">Community Specification License 1.0</a></p> </div> <div class="w-full md:w-1/3 mb-8 md:mb-0"> <p><strong>Privacy statement</strong><br> We use <a href="https://goatcounter.com">GoatCounter</a> to help us improve our website by collecting and reporting information on how it's used. We do not store advertising or tracking cookies. The information we collect does not identify anyone and does not track an individual's use of the site.</p> </div> <div class="w-full md:w-1/4 mb-8 md:mb-0 flex md:justify-end"> <p> <a href="https://github.com/slsa-framework/slsa/blob/910587ad00cc1f893b1e1ef6af3fb00c382e72f3/docs/spec/v1.0/whats-new.md?plain=1" target="_blank" class="flex gap-4 h5 font-normal"> View source on GitHub <svg width="22" height="22" viewBox="0 0 22 22" fill="none" xmlns="http://www.w3.org/2000/svg"> <path fill-rule="evenodd" clip-rule="evenodd" d="M11.2344 0.150879C5.28641 0.150879 0.468811 4.96848 0.468811 10.9165C0.468811 15.6803 3.55046 19.7039 7.82978 21.1303C8.36806 21.2245 8.56991 20.9016 8.56991 20.619C8.56991 20.3633 8.55646 19.5155 8.55646 18.6139C5.8516 19.1118 5.15184 17.9545 4.93653 17.3489C4.81541 17.0394 4.29059 16.084 3.83306 15.8283C3.45626 15.6264 2.91798 15.1285 3.8196 15.1151C4.66739 15.1016 5.27295 15.8956 5.47481 16.2185C6.44371 17.8468 7.99126 17.3893 8.61028 17.1067C8.70448 16.4069 8.98708 15.9359 9.29659 15.6668C6.90125 15.3977 4.39825 14.4691 4.39825 10.3513C4.39825 9.18051 4.81541 8.21161 5.50172 7.45802C5.39407 7.18888 5.01727 6.08541 5.60938 4.60514C5.60938 4.60514 6.51099 4.32254 8.56991 5.70861C9.43116 5.46639 10.3462 5.34527 11.2613 5.34527C12.1764 5.34527 13.0914 5.46639 13.9527 5.70861C16.0116 4.30909 16.9132 4.60514 16.9132 4.60514C17.5053 6.08541 17.1285 7.18888 17.0209 7.45802C17.7072 8.21161 18.1244 9.16706 18.1244 10.3513C18.1244 14.4826 15.6079 15.3977 13.2126 15.6668C13.6028 16.0032 13.9392 16.6492 13.9392 17.6584C13.9392 19.0983 13.9258 20.2556 13.9258 20.619C13.9258 20.9016 14.1276 21.238 14.6659 21.1303C16.8031 20.4088 18.6602 19.0353 19.9758 17.2031C21.2915 15.3708 21.9994 13.1721 22 10.9165C22 4.96848 17.1824 0.150879 11.2344 0.150879Z" fill="white"/> </svg> </a> <br> This site is powered by <a href="https://www.netlify.com">Netlify</a> </p> </div> </div> <div class="site-clamp py-4 flex items-start justify-between w-full mb-16 md:mb-0"> <a rel="author" href="/"><img src="/images/logo.svg" alt="SLSA logo" /></a> </div> </footer> </div> </body> </html>