[1.8] Reproducible builds, artifact signing, and SBOM outputs

Implement deterministic builds for .deb and ISO, pinned toolchains, hermetic environments, reprotest/diffoscope validation, build attestations (SLSA/in-toto), artifact signing, key management, SBOM generation (SPDX/CycloneDX), and offline verification.

## Scope

This epic covers **13 decisions** and **10 tasks** from the Cortex Linux planning system.

## Source

- **Planning Tool:** [Skilliks](https://planning.skilliks.com)
- **Module:** See internal planning documentation

## Tasks

_Tasks will be added as sub-issues or checklist items as specification is refined._

---
*Epic generated from Cortex Linux strategic planning*


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

[1.8] Reproducible builds, artifact signing, and SBOM outputs #8

Scope

Source

Tasks

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

[1.8] Reproducible builds, artifact signing, and SBOM outputs #8

Description

Scope

Source

Tasks

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions