
NIST SSDF: PW — No Open Vulnerability at Release

error

ssdf_pw_no_open_vuln_at_release

secure-development security pure_temporal secure-development nist ssdf supply-chain pw rag-red

No known unaddressed vulnerability remains open at release.

Formula

G(Release → ¬open_vulnerability)

Why it matters

SSDF PW/RV: identified vulnerabilities are remediated before release; a known open vulnerability shipping is a security gap.

Examples

passes: the practice's evidence is present

fails: the required secure-development step is absent
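
The formula above, evaluated over a finite event trace, as an added example that is not part of the original page or of ponens itself. The event names (`vuln_identified`, `vuln_remediated`, `release`), the field names and the sample traces are assumptions constructed for illustration; they are not the ponens trace schema.

```python
from __future__ import annotations
from typing import Iterable


def check_no_open_vuln_at_release(trace: Iterable[dict]) -> list[dict]:
    """Evaluate G(Release -> not open_vulnerability) over a finite trace.

    open_vulnerability holds at a step when at least one identified
    vulnerability has not yet been remediated. Because the formula is
    under G, every release in the trace is checked, not only the last.
    Returns one record per violating release; an empty list means pass.
    """
    open_ids: set[str] = set()
    violations = []
    for step, event in enumerate(trace):
        kind = event["event"]
        if kind == "vuln_identified":
            open_ids.add(event["id"])
        elif kind == "vuln_remediated":
            # discard() tolerates remediation of an id never seen as open
            open_ids.discard(event["id"])
        elif kind == "release" and open_ids:
            violations.append(
                {"step": step, "version": event["version"], "open": sorted(open_ids)}
            )
    return violations


# Constructed sample traces (hypothetical ids and versions).
PASSING_TRACE = [
    {"event": "vuln_identified", "id": "VULN-A"},
    {"event": "vuln_remediated", "id": "VULN-A"},
    {"event": "release", "version": "1.0.0"},
]
FAILING_TRACE = [
    {"event": "vuln_identified", "id": "VULN-A"},
    {"event": "vuln_identified", "id": "VULN-B"},
    {"event": "vuln_remediated", "id": "VULN-A"},
    {"event": "release", "version": "1.0.0"},  # VULN-B still open here
    {"event": "vuln_remediated", "id": "VULN-B"},
    {"event": "release", "version": "1.0.1"},  # clean release
]

if __name__ == "__main__":
    for name, trace in (("passing", PASSING_TRACE), ("failing", FAILING_TRACE)):
        print(name, check_no_open_vuln_at_release(trace))
```

A later clean release does not clear the earlier violation: the property is a safety property over the whole trace, so one offending release fails the check.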

Use it

ponens policies add ssdf_pw_no_open_vuln_at_release --into ./trace.json
ponens trace check ./trace.json