| icon | lock |
|---|---|
| description | Security Model |
- Unprivileged: No sudo/doas required
- Isolated builds: CI runs in rootless containers
- Transparent logs: View build logs with
soar log $pkg
- Checksums: b3sum + sha256sum
- Attestations: GitHub Artifact Attestations
- Signing: minisign signatures
Soar's build process meets SLSA Build L2.