Version: main-dev

provenance.output

Title: provenance.output


Type	`object`
Additional properties

Description: Build provenance and supply-chain attestation information.

Property	Pattern	Type	Deprecated	Definition	Title/Description
+ analyzer	No	const	No	-	Unique identifier for the Provenance analyzer.
+ repository	No	string	No	-	The image repository that was analyzed.
+ tag	No	string	No	-	The image tag that was analyzed.
+ has_provenance	No	boolean	No	-	True if SLSA provenance or build attestations were found.
+ has_cosign_signature	No	boolean	No	-	True if a Cosign signature was found.
+ source_tracked	No	boolean	No	-	True if the source repository URL is tracked in metadata.
+ indicators_count	No	integer	No	-	Total number of supply-chain indicators found.
+ indicators	No	array of object	No	-	List of specific supply-chain evidence found (e.g., OCI labels, signatures).

1. Property `analyzer`


Type	`const`

Description: Unique identifier for the Provenance analyzer.

Specific value: "provenance"

2. Property `repository`


Type	`string`

Description: The image repository that was analyzed.

3. Property `tag`


Type	`string`

Description: The image tag that was analyzed.

4. Property `has_provenance`


Type	`boolean`

Description: True if SLSA provenance or build attestations were found.

5. Property `has_cosign_signature`


Type	`boolean`

Description: True if a Cosign signature was found.

6. Property `source_tracked`


Type	`boolean`

Description: True if the source repository URL is tracked in metadata.

7. Property `indicators_count`


Type	`integer`

Description: Total number of supply-chain indicators found.

Restrictions
Minimum	≥ 0

8. Property `indicators`


Type	`array of object`

Description: List of specific supply-chain evidence found (e.g., OCI labels, signatures).

	Array restrictions
Min items	N/A
Max items	N/A
Items unicity	False
Additional items	False
Tuple validation	See below

Each item of this array must be	Description
indicators items	-

8.1. indicators items


Type	`object`
Additional properties

Property	Pattern	Type	Deprecated	Definition	Title/Description
+ type	No	string	No	-	Type of indicator (label, signature, attestation).
+ key	No	string	No	-	The specific metadata key or ID.
+ value	No	string	No	-	The value of the indicator.

8.1.1. Property `type`


Type	`string`

Description: Type of indicator (label, signature, attestation).

8.1.2. Property `key`


Type	`string`

Description: The specific metadata key or ID.

8.1.3. Property `value`


Type	`string`

Description: The value of the indicator.

Generated using json-schema-for-humans on 2026-03-21 at 11:43:37 +0000

1. Property analyzer​

2. Property repository​

3. Property tag​

4. Property has_provenance​

5. Property has_cosign_signature​

6. Property source_tracked​

7. Property indicators_count​

8. Property indicators​

8.1. indicators items​

8.1.1. Property type​

8.1.2. Property key​

8.1.3. Property value​