The Software Provenance Team aims to improve provenance and supply chain tracking in Nixpkgs by facilitating information exchange between tool authors, package maintainers and the nixpkgs core team. As such, it is responsible for:
- A coherent vision around software provenance in Nixpkgs
- Encouraging and guiding the development of the infrastructure needed to generate high-quality Software Bill of Material documents (SBOMs)
- Improving package metadata related to provenance, e.g. for the purpose of vulnerability matching