This is my infographic version of Googles SLSA approach.

PHP Webmin SolarWinds CodeCov Browserify Typosquatting Attack on Package Mirrors Event-Stream Hyperlink1 SLSA Scorecard Deps.dev CNCF Enisa