Merge pull request ossf#273 from trail-of-forks/ww/homebrew-2023-10

Homebrew: 2023-10 update

alpha/engagements/2023/Homebrew/README.md

@@ -14,6 +14,8 @@ This engagement started in October 2023.
 
 ## Monthly Updates
 
+* [October 2023](./update-2023-10.md)
+
 ## Primary Contacts
 
 * William Woodruff - Trail of Bits

alpha/engagements/2023/Homebrew/update-2023-10.md

@@ -0,0 +1,24 @@
+# Build provenance for Homebrew: October 2023
+
+## Completed
+
+* Designed, implemented, and released
+  [`sigstore-rekor-types`](https://pypi.org/project/sigstore-rekor-types/)
+  to give `sigstore-python` access to DSSE models (in preparation for
+  DSSE support for the Homebrew build and publish attestations).
+
+* Integrated `sigstore-rekor-types` into `sigstore-python`:
+  [sigstore-python#788](https://github.com/sigstore/sigstore-python/pull/788)
+
+* Created
+  [`trailofbits/homebrew-attestation`](https://github.com/trailofbits/homebrew-attestation)
+  as an initial design for the Homebrew attestation formats, with plans
+  to donate the repository to Homebrew once the format is stabilized.
+
+## In progress
+
+* Opened [purl-spec#254](https://github.com/package-url/purl-spec/issues/254)
+  to begin the standardization of a package URL format for Homebrew.
+
+* Began work on DSSE signing and verification support in `sigstore-python`:
+  [sigstore-python#804](https://github.com/sigstore/sigstore-python/issues/804)