What is GitHub’s Artifact Attestation feature and what security guarantee does it provide?

Question

Github — Hard

What is GitHub’s Artifact Attestation feature and what security guarantee does it provide?

Accepted Answer

GitHub's Artifact Attestation generates cryptographically signed records for artifacts built in GitHub Actions. This establishes a verifiable chain of custody, ensuring artifacts come from a specific repository and workflow. The correct answer provides this specific security guarantee. Other options lack this precise mechanism.