Amid increasing attacks on open-source software dependencies, the Supply Chain Levels for Software Artifacts (SLSA) framework emerges as a crucial tool for ensuring software artifact integrity and trustworthiness. Launched by the OpenSSF in 2021, SLSA provides a structured approach to securing the software supply chain by automatically generating verifiable metadata that aids in policy decisions. The framework comprises four levels, each building upon the last to enhance security, from documenting a package's build process to enforcing cryptographic signatures and build hardening against tampering. SLSA's effectiveness hinges on the verification of attestations, which organizations are expected to perform automatically using trusted tools, ensuring software integrity throughout the supply chain.