# Trust ## Supply-chain attacks Only crates available in the debian eco system are used. ## Reproducable builds ## Code coverage ## Attestation SLSA Attestation https://github.com/actions/attest-build-provenance ## Signed artifacts Sigstore / cosign